Tijn
-
Items
10 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Tijn
-
Hallo Kweezie, super, internet doet het weer! Wat mij betreft is dit nu opgelost. Het begon allemaal met Optimizer Pro en die is nu weg. Je hebt al aangegeven hoe ik Text Enhance kan verwijderen en ik zag er meerdere topics over. Die ga ik lezen en volgen. Voor nu is mijn computerprobleem opgelost, dankjewel! Met groeten, Tijn
-
Hallo Kweezie! Daar ben ik weer. Het heeft even geduurd aangezien internet het niet meer doet sinds ik de laatste keer Combo-fix heb gedraaid. In het netwerkcentrum staat aangegeven 'identificeren', hetgeen niet lukt. Inmiddels Ziggo gebeld, gaven aan dat het niet aan de verbinding cq het modem ligt. Vervolgens router aangeschaft (was laatst gecrasht, een ongeluk komt nooit alleen zeg maar...) hierdoor heb ik weer draadloos internet voor de laptop. Ziggo gaf ook als tip om de driver voor de netwerkkaart (Realtek PCIe family controller) opnieuw te installeren. Dat inmiddels gedaan. De melding was dat het identificeren ging, alleen de verbinding met internet kwam niet tot stand. Na hernieuwd opstarten pc is de melding weer dat het identificeren niet lukt. Het aantal grijze haren begint inmiddels drastisch toe te nemen, daarom vraag: hoe los ik dit op? Dank alvast, groeten, Tijn
-
Hallo Kweezie! Was enkele dagen niet in de gelegenheid om te klussen aan de pc. Nu wel. Vervelende is dat ik die Text Enhance pop-ups blijf houden (as we speak ook zichtbaar op het pc-forum, aarggh). Optimizer Pro sinds begin deze week onder controle, dat is fijn. Nu Text Enhance nog. Heb combo-fix nog enkele keren gedraaid, zie hieronder laatste logfile. Dank dank voor alle adviezen en meekijken, met groeten, Tijn ComboFix 12-06-15.06 - Tijn 16-06-2012 21:06:31.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.7913.6746 [GMT 2:00] Gestart vanuit: c:\users\Tijn\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-16 to 2012-06-16 )))))))))))))))))))))))))))))) . . 2012-06-16 19:10 . 2012-06-16 19:10 -------- d-----w- c:\users\Luca\AppData\Local\temp 2012-06-16 19:10 . 2012-06-16 19:10 -------- d-----w- c:\users\Iris\AppData\Local\temp 2012-06-16 19:10 . 2012-06-16 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-16 19:10 . 2012-06-16 19:10 -------- d-----w- c:\users\Cas\AppData\Local\temp 2012-06-16 19:10 . 2012-06-16 19:10 -------- d-----w- c:\users\Bregje\AppData\Local\temp 2012-06-16 11:43 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CC6A8EE-CFDD-4FAF-96AB-B68A6219C32C}\mpengine.dll 2012-06-15 09:24 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-15 09:23 . 2012-06-15 09:23 -------- d-----w- c:\users\Cas\AppData\Local\Apple 2012-06-13 20:58 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-06-13 20:58 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-13 20:58 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-06-09 20:00 . 2012-03-08 16:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-06-09 08:34 . 2012-06-09 08:34 388096 ----a-r- c:\users\Tijn\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-09 08:34 . 2012-06-09 08:34 -------- d-----w- c:\program files (x86)\Trend Micro 2012-06-08 22:35 . 2012-06-08 22:35 -------- d-----w- c:\users\Tijn\AppData\Roaming\Malwarebytes 2012-06-08 22:34 . 2012-06-08 22:34 -------- d-----w- c:\programdata\Malwarebytes 2012-06-08 22:34 . 2012-06-09 19:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-06-08 22:34 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-08 22:16 . 2012-06-08 22:16 -------- d-----w- c:\program files\Enigma Software Group 2012-06-08 22:14 . 2012-06-08 22:14 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-05-18 07:09 . 2012-05-18 07:09 -------- d-----w- c:\users\Luca\AppData\Local\Apple . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-30 11:35 . 2012-05-09 17:24 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 18:44 . 2011-04-27 14:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-20 18:44 . 2011-04-18 12:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-19 21:44 . 2012-03-19 21:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe 2012-03-19 21:44 . 2012-03-19 21:44 509720 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-03-19 21:44 . 2012-03-19 21:44 439064 ----a-w- c:\windows\system32\igfxpers.exe 2012-03-19 21:44 . 2012-03-19 21:44 398616 ----a-w- c:\windows\system32\hkcmd.exe 2012-03-19 21:44 . 2012-03-19 21:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-03-19 21:44 . 2012-03-19 21:44 250136 ----a-w- c:\windows\system32\igfxext.exe 2012-03-19 21:44 . 2012-03-19 21:44 184600 ----a-w- c:\windows\system32\difx64.exe 2012-03-19 21:44 . 2012-03-19 21:44 170264 ----a-w- c:\windows\system32\igfxtray.exe 2012-03-19 21:42 . 2012-03-19 21:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll 2012-03-19 21:32 . 2012-03-19 21:32 14745600 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-03-19 21:31 . 2012-03-19 21:31 8087040 ----a-w- c:\windows\system32\igdumd64.dll 2012-03-19 21:31 . 2012-03-19 21:31 963912 ----a-w- c:\windows\system32\igkrng600.bin 2012-03-19 21:31 . 2012-03-19 21:31 261208 ----a-w- c:\windows\system32\igfcg600m.bin 2012-03-19 21:31 . 2012-03-19 21:31 79360 ----a-w- c:\windows\system32\igdde64.dll 2012-03-19 21:26 . 2011-08-31 18:47 6120960 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-03-19 21:25 . 2012-03-19 21:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-03-19 21:22 . 2011-08-31 18:42 9605632 ----a-w- c:\windows\system32\igd10umd64.dll 2012-03-19 21:11 . 2011-08-31 18:37 7795200 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-03-19 20:31 . 2012-03-19 20:31 18137088 ----a-w- c:\windows\system32\ig4icd64.dll 2012-03-19 20:21 . 2012-03-19 20:21 13212672 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-03-19 20:18 . 2012-03-19 20:18 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-03-19 20:18 . 2012-03-19 20:18 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-03-19 20:18 . 2012-03-19 20:18 430592 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-03-19 20:18 . 2012-03-19 20:18 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-03-19 20:18 . 2012-03-19 20:18 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-03-19 20:18 . 2012-03-19 20:18 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-03-19 20:18 . 2012-03-19 20:18 386560 ----a-w- c:\windows\system32\igfxpph.dll 2012-03-19 20:18 . 2012-03-19 20:18 410624 ----a-w- c:\windows\system32\igfxTMM.dll 2012-03-19 20:17 . 2012-03-19 20:17 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-03-19 20:17 . 2011-08-31 18:21 63488 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-03-19 20:17 . 2011-08-31 18:20 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-03-19 20:17 . 2012-03-19 20:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-03-19 20:17 . 2012-03-19 20:17 434688 ----a-w- c:\windows\system32\igfxdev.dll 2012-03-19 20:17 . 2012-03-19 20:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-03-19 20:16 . 2012-03-19 20:16 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-03-19 20:16 . 2012-03-19 20:16 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-03-19 20:16 . 2011-08-31 18:20 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-03-19 20:12 . 2012-03-19 20:12 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-03-19 20:11 . 2012-03-19 20:11 325120 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-03-19 20:09 . 2012-03-19 20:09 524800 ----a-w- c:\windows\system32\iglhsip64.dll 2012-03-19 20:09 . 2012-03-19 20:09 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2012-03-19 20:09 . 2012-03-19 20:09 2967040 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-03-19 20:09 . 2012-03-19 20:09 237056 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-03-19 20:09 . 2012-03-19 20:09 2321408 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-03-19 20:09 . 2012-03-19 20:09 213504 ----a-w- c:\windows\system32\iglhcp64.dll 2012-03-19 20:09 . 2012-03-19 20:09 193024 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-03-19 20:09 . 2012-03-19 20:09 177152 ----a-w- c:\windows\SysWow64\iglhcp32.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-06-12_19.49.47 ))))))))))))))))))))))))))))))))))))))))) . + 2012-06-13 21:58 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll + 2012-06-13 21:58 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll - 2012-04-11 20:44 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll + 2012-06-13 21:58 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll - 2012-04-11 20:44 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll + 2012-06-13 21:58 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll - 2012-04-11 20:44 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll + 2012-06-13 21:58 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll + 2012-06-13 21:58 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll - 2012-04-11 20:44 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll - 2012-01-14 21:26 . 2012-06-12 07:50 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-01-14 21:26 . 2012-06-12 20:20 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-01-14 21:26 . 2012-06-12 20:20 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2012-01-14 21:26 . 2012-06-12 07:50 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-06-12 07:50 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-06-12 20:20 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:46 . 2012-06-15 09:20 92944 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2012-06-13 22:02 . 2012-06-13 22:02 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll - 2012-05-10 01:05 . 2012-05-10 01:05 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll + 2012-06-13 22:02 . 2012-06-13 22:02 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll - 2012-05-10 01:05 . 2012-05-10 01:05 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll - 2012-05-10 01:05 . 2012-05-10 01:05 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2012-06-13 22:02 . 2012-06-13 22:02 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2012-06-13 22:02 . 2012-06-13 22:02 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll - 2012-05-10 01:05 . 2012-05-10 01:05 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll - 2012-05-10 01:05 . 2012-05-10 01:05 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2012-06-13 22:02 . 2012-06-13 22:02 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2012-06-13 22:02 . 2012-06-13 22:02 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll - 2012-05-10 01:05 . 2012-05-10 01:05 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll + 2012-06-13 22:02 . 2012-06-13 22:02 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll - 2012-05-10 01:05 . 2012-05-10 01:05 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll + 2012-06-13 22:02 . 2012-06-13 22:02 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll - 2012-05-10 01:05 . 2012-05-10 01:05 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll + 2012-06-13 22:02 . 2012-06-13 22:02 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll - 2012-05-10 01:05 . 2012-05-10 01:05 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll + 2012-06-13 22:02 . 2012-06-13 22:02 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll - 2012-05-10 01:05 . 2012-05-10 01:05 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll - 2012-05-10 01:05 . 2012-05-10 01:05 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2012-06-13 22:02 . 2012-06-13 22:02 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll - 2012-05-10 01:05 . 2012-05-10 01:05 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-06-13 22:02 . 2012-06-13 22:02 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-06-13 22:02 . 2012-06-13 22:02 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll - 2012-05-10 01:05 . 2012-05-10 01:05 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll + 2012-06-13 22:02 . 2012-06-13 22:02 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll - 2012-05-10 01:05 . 2012-05-10 01:05 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll - 2012-05-10 01:05 . 2012-05-10 01:05 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll + 2012-06-13 22:02 . 2012-06-13 22:02 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll - 2012-05-10 01:05 . 2012-05-10 01:05 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-06-13 22:02 . 2012-06-13 22:02 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-06-13 22:02 . 2012-06-13 22:02 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2012-05-10 01:05 . 2012-05-10 01:05 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-06-13 22:02 . 2012-06-13 22:02 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2012-05-10 01:05 . 2012-05-10 01:05 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-06-13 22:02 . 2012-06-13 22:02 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-05-10 01:05 . 2012-05-10 01:05 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-05-10 01:05 . 2012-05-10 01:05 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-06-13 22:02 . 2012-06-13 22:02 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2012-05-10 01:05 . 2012-05-10 01:05 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-06-13 22:02 . 2012-06-13 22:02 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-06-13 22:02 . 2012-06-13 22:02 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2012-05-10 01:05 . 2012-05-10 01:05 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2012-01-30 17:52 . 2012-05-10 01:06 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2012-01-30 17:52 . 2012-06-13 22:02 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2012-01-30 17:52 . 2012-05-10 01:06 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe + 2012-01-30 17:52 . 2012-06-13 22:02 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe - 2012-01-30 17:52 . 2012-05-10 01:06 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2012-01-30 17:52 . 2012-06-13 22:02 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2012-06-14 17:52 . 2012-06-14 17:52 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\eef76dd965ea0a8ae5fb0c734d84389c\System.Web.DynamicData.Design.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll - 2012-04-11 08:44 . 2010-11-12 23:33 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.resources.dll + 2012-04-11 08:44 . 2010-11-13 00:34 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.resources.dll + 2012-06-16 19:10 . 2012-06-16 19:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-06-12 19:21 . 2012-06-12 19:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-06-16 19:10 . 2012-06-16 19:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-06-12 19:21 . 2012-06-12 19:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-04-11 20:44 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll + 2012-06-13 21:58 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll - 2012-04-11 20:44 . 2012-02-28 01:06 716800 c:\windows\SysWOW64\jscript.dll + 2012-06-13 21:58 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll + 2012-06-13 21:58 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe - 2012-01-15 10:15 . 2012-01-15 10:15 142848 c:\windows\SysWOW64\ieUnatt.exe - 2012-04-11 20:44 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll + 2012-06-13 21:58 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll + 2012-06-13 20:57 . 2012-04-24 04:36 140288 c:\windows\SysWOW64\cryptsvc.dll + 2012-06-13 20:57 . 2012-04-24 04:36 103936 c:\windows\SysWOW64\cryptnet.dll + 2012-06-13 21:58 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll - 2012-04-11 20:44 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll - 2010-11-21 03:24 . 2010-11-21 03:24 209920 c:\windows\system32\profsvc.dll + 2012-06-13 20:57 . 2012-05-01 05:40 209920 c:\windows\system32\profsvc.dll + 2011-04-12 13:00 . 2012-06-16 06:59 703648 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2012-06-16 06:59 618132 c:\windows\system32\perfh009.dat + 2011-04-12 13:00 . 2012-06-16 06:59 134580 c:\windows\system32\perfc013.dat + 2009-07-14 02:36 . 2012-06-16 06:59 107412 c:\windows\system32\perfc009.dat + 2012-06-13 21:58 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll - 2012-04-11 20:44 . 2012-02-28 06:45 818688 c:\windows\system32\jscript.dll + 2012-06-13 21:58 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe - 2012-01-15 10:15 . 2012-01-15 10:15 173056 c:\windows\system32\ieUnatt.exe + 2012-06-13 21:58 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll - 2012-04-11 20:44 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll - 2009-07-14 04:45 . 2012-05-10 01:22 414632 c:\windows\system32\FNTCACHE.DAT + 2009-07-14 04:45 . 2012-06-14 15:44 414632 c:\windows\system32\FNTCACHE.DAT + 2012-06-13 20:57 . 2012-04-28 03:55 210944 c:\windows\system32\drivers\rdpwd.sys - 2012-03-14 07:25 . 2012-02-17 04:58 210944 c:\windows\system32\drivers\rdpwd.sys + 2012-06-13 20:57 . 2012-04-24 05:37 184320 c:\windows\system32\cryptsvc.dll + 2012-06-13 20:57 . 2012-04-24 05:37 140288 c:\windows\system32\cryptnet.dll - 2009-07-14 05:01 . 2012-06-12 19:20 385004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-06-16 19:10 385004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-05-18 11:47 . 2012-06-13 22:02 444428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1065007715-4146422663-686824172-1005-8192.dat + 2012-04-21 09:03 . 2012-04-21 09:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll - 2012-04-11 08:44 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll + 2012-06-13 20:57 . 2012-04-23 22:33 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll + 2012-04-21 09:03 . 2012-04-21 09:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll - 2012-04-11 08:44 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2012-06-13 20:57 . 2012-04-23 22:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll - 2012-05-10 01:05 . 2012-05-10 01:05 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2012-06-13 22:02 . 2012-06-13 22:02 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2012-06-13 22:02 . 2012-06-13 22:02 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll - 2012-05-10 01:05 . 2012-05-10 01:05 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll - 2012-05-10 01:05 . 2012-05-10 01:05 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2012-06-13 22:02 . 2012-06-13 22:02 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2012-06-13 22:02 . 2012-06-13 22:02 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll - 2012-05-10 01:05 . 2012-05-10 01:05 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll - 2012-05-10 01:05 . 2012-05-10 01:05 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-06-13 22:02 . 2012-06-13 22:02 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-06-13 22:02 . 2012-06-13 22:02 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll - 2012-05-10 01:05 . 2012-05-10 01:05 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll + 2012-06-13 22:02 . 2012-06-13 22:02 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2012-05-10 01:05 . 2012-05-10 01:05 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2012-05-10 01:05 . 2012-05-10 01:05 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll + 2012-06-13 22:02 . 2012-06-13 22:02 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll + 2012-06-13 22:02 . 2012-06-13 22:02 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll - 2012-05-10 01:05 . 2012-05-10 01:05 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll - 2012-05-10 01:05 . 2012-05-10 01:05 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll + 2012-06-13 22:02 . 2012-06-13 22:02 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll - 2012-05-10 01:05 . 2012-05-10 01:05 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2012-06-13 22:02 . 2012-06-13 22:02 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-05-10 01:05 . 2012-05-10 01:05 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-06-13 22:02 . 2012-06-13 22:02 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-06-13 22:02 . 2012-06-13 22:02 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2012-05-10 01:05 . 2012-05-10 01:05 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2012-06-13 22:02 . 2012-06-13 22:02 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll - 2012-05-10 01:05 . 2012-05-10 01:05 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll + 2012-06-13 22:02 . 2012-06-13 22:02 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll - 2012-05-10 01:05 . 2012-05-10 01:05 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll + 2012-06-13 22:02 . 2012-06-13 22:02 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2012-05-10 01:05 . 2012-05-10 01:05 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2012-05-10 01:05 . 2012-05-10 01:05 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-06-13 22:02 . 2012-06-13 22:02 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-06-13 22:02 . 2012-06-13 22:02 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll - 2012-05-10 01:05 . 2012-05-10 01:05 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll + 2012-06-13 22:02 . 2012-06-13 22:02 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll - 2012-05-10 01:05 . 2012-05-10 01:05 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll - 2012-05-10 01:05 . 2012-05-10 01:05 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2012-06-13 22:02 . 2012-06-13 22:02 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2012-06-13 22:02 . 2012-06-13 22:02 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll - 2012-05-10 01:05 . 2012-05-10 01:05 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2012-06-13 22:02 . 2012-06-13 22:02 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll - 2012-05-10 01:05 . 2012-05-10 01:05 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll + 2012-06-13 22:02 . 2012-06-13 22:02 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2012-05-10 01:05 . 2012-05-10 01:05 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2012-06-13 22:02 . 2012-06-13 22:02 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2012-06-13 22:02 . 2012-06-13 22:02 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2012-05-10 01:05 . 2012-05-10 01:05 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2012-06-13 22:02 . 2012-06-13 22:02 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll - 2012-05-10 01:05 . 2012-05-10 01:05 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2012-06-13 22:02 . 2012-06-13 22:02 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2012-05-10 01:05 . 2012-05-10 01:05 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2012-06-13 22:02 . 2012-06-13 22:02 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2012-05-10 01:05 . 2012-05-10 01:05 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-06-13 22:02 . 2012-06-13 22:02 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll - 2012-05-10 01:05 . 2012-05-10 01:05 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll + 2012-06-13 22:02 . 2012-06-13 22:02 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll - 2012-05-10 01:05 . 2012-05-10 01:05 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll - 2012-05-10 01:05 . 2012-05-10 01:05 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2012-06-13 22:02 . 2012-06-13 22:02 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2012-06-13 22:02 . 2012-06-13 22:02 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll - 2012-05-10 01:05 . 2012-05-10 01:05 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll - 2012-05-10 01:05 . 2012-05-10 01:05 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll + 2012-06-13 22:02 . 2012-06-13 22:02 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll - 2012-05-10 01:05 . 2012-05-10 01:05 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll + 2012-06-13 22:02 . 2012-06-13 22:02 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll + 2012-06-13 22:02 . 2012-06-13 22:02 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll - 2012-05-10 01:05 . 2012-05-10 01:05 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll + 2012-06-13 22:02 . 2012-06-13 22:02 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2012-05-10 01:05 . 2012-05-10 01:05 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2012-06-13 22:02 . 2012-06-13 22:02 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2012-05-10 01:05 . 2012-05-10 01:05 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2012-06-13 22:02 . 2012-06-13 22:02 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll - 2012-05-10 01:05 . 2012-05-10 01:05 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll - 2012-05-10 01:05 . 2012-05-10 01:05 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2012-06-13 22:02 . 2012-06-13 22:02 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2012-06-13 22:02 . 2012-06-13 22:02 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll - 2012-05-10 01:05 . 2012-05-10 01:05 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll - 2012-05-10 01:05 . 2012-05-10 01:05 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2012-06-13 22:02 . 2012-06-13 22:02 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll - 2012-05-10 01:05 . 2012-05-10 01:05 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2012-06-13 22:02 . 2012-06-13 22:02 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll - 2012-05-10 01:05 . 2012-05-10 01:05 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2012-06-13 22:02 . 2012-06-13 22:02 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2012-05-10 01:05 . 2012-05-10 01:05 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-06-13 22:02 . 2012-06-13 22:02 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2012-05-10 01:05 . 2012-05-10 01:05 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll + 2012-06-13 22:02 . 2012-06-13 22:02 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll + 2012-06-13 22:02 . 2012-06-13 22:02 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2012-05-10 01:05 . 2012-05-10 01:05 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2012-05-10 01:05 . 2012-05-10 01:05 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll + 2012-06-13 22:02 . 2012-06-13 22:02 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll + 2012-06-13 22:02 . 2012-06-13 22:02 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-05-10 01:05 . 2012-05-10 01:05 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-06-13 22:02 . 2012-06-13 22:02 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll - 2012-05-10 01:05 . 2012-05-10 01:05 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll - 2012-05-10 01:05 . 2012-05-10 01:05 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-13 22:02 . 2012-06-13 22:02 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2012-05-10 01:05 . 2012-05-10 01:05 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-06-13 22:02 . 2012-06-13 22:02 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-06-13 22:02 . 2012-06-13 22:02 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2012-05-10 01:05 . 2012-05-10 01:05 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2012-05-10 01:05 . 2012-05-10 01:05 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-06-13 22:02 . 2012-06-13 22:02 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-05-10 01:05 . 2012-05-10 01:05 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-06-13 22:02 . 2012-06-13 22:02 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-06-13 22:02 . 2012-06-13 22:02 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2012-05-10 01:05 . 2012-05-10 01:05 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-13 22:02 . 2012-06-13 22:02 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-05-10 01:05 . 2012-05-10 01:05 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-06-13 22:02 . 2012-06-13 22:02 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2012-05-10 01:05 . 2012-05-10 01:05 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2012-01-30 17:52 . 2012-05-10 01:06 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2012-01-30 17:52 . 2012-06-13 22:02 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2012-01-30 17:52 . 2012-06-13 22:02 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2012-01-30 17:52 . 2012-05-10 01:06 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2012-01-30 17:52 . 2012-05-10 01:06 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe + 2012-01-30 17:52 . 2012-06-13 22:02 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe + 2012-01-30 17:52 . 2012-06-13 22:02 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe - 2012-01-30 17:52 . 2012-05-10 01:06 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe - 2012-01-30 17:52 . 2012-05-10 01:06 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2012-01-30 17:52 . 2012-06-13 22:02 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2012-01-30 17:52 . 2012-05-10 01:06 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe + 2012-01-30 17:52 . 2012-06-13 22:02 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe + 2012-06-14 17:54 . 2012-06-14 17:54 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 232960 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\db2b738efe91eed6c4413faf44707248\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 247808 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\b3b3284d16359533332c3424e1330c5c\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 864768 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\13f2ca7a3f3c6cf653896f76a7b167b6\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\097137b03ff37196b4b8ba62db34d64a\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\f669d7c64bbabbc41a4dc0221b5e8fb9\Microsoft.Office.Tools.Common.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 199680 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\90d90e963577dcdcf1474cb98bd76781\Microsoft.Office.Tools.Outlook.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 993280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\644f5d4e386c5f2d2602e7348cc8a4a5\Microsoft.Office.Tools.Excel.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 408576 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\55238bfa679e1af6406aaf7d64173fc6\Microsoft.Office.Tools.Outlook.Implementation.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 708608 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\f120c1f17850a7b8d105f22907a09dd0\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 177152 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\740410269afdf2276525e1dfd870fee8\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 210432 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\39817a23777554d968852971b91a4f78\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8cc4dd9babffe370cf375925fba15f84\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 864768 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\ec9a55a16c6613554d1a7409811b7a2c\Microsoft.Office.Tools.Common.Implementation.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 312320 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\e8c07660c0c8463446df806f2e374f5c\Microsoft.Office.Tools.Outlook.Implementation.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 336384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\54ab02cb617ed9070723032361c72de6\Microsoft.Office.Tools.Common.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 152064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\42a5e49641bff019e55a8228560fc541\Microsoft.Office.Tools.Outlook.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 730624 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\282f3b9bd8dc8a67787e210a9b0e78e3\Microsoft.Office.Tools.Excel.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 676864 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\14ae412fbc10916dda33ce1616a63cf1\Microsoft.Office.Tools.Word.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f4d304fcbfda323997083a1f88b83719\WindowsFormsIntegration.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\681410f842337dccc72eb059738c3ced\TaskScheduler.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\72b4992e45d232251a273a59eb3333d5\System.Web.Routing.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\b905eb57b631a30c60caa4d68c186963\System.Web.Entity.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e412dfbf1aa49bbe345a02a4d23104f5\System.Web.Entity.Design.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\815769f953ebe3f84439d522c97317b8\System.Web.DynamicData.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c8144ee08dccdac183527e53c86aa901\System.Web.Abstractions.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\d5d612f7d372f500e3062e3814e79d75\System.Messaging.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\fbc02e9f5a14bb93082ebc88bc577413\System.Drawing.Design.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\a88ca70ab9641b8236149bc5dd8d1564\System.Configuration.Install.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\2f1bad2fb963482a02443d5e7fece2b6\napsnap.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\bb4947f0ecc925a7bcfd129b6eec8f9b\napinit.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\67240ddde494b9cc05cd732ccd099668\MMCFxCommon.ni.dll + 2012-06-14 16:20 . 2012-06-14 16:20 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\fda2f68162063c54d2e669e85de7dfb1\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 215040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d8ac6d32594128bdafe00220ef23a5ed\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll + 2012-06-14 16:22 . 2012-06-14 16:22 226304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d1ffef140ded6229eb2681594a992395\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 311296 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d15c134536adfb0899d5e8c1b56ca0da\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll + 2012-06-14 16:22 . 2012-06-14 16:22 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cf9c858a00058974b41c67bbd68e45c4\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll + 2012-06-14 16:22 . 2012-06-14 16:22 773120 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\3adbee43498cd363d94881c0a329d519\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\c28d0d3c7d9214d676526f0f3b5eb305\Microsoft.Office.Tools.Outlook.v9.0.ni.dll + 2012-06-14 16:20 . 2012-06-14 16:20 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\795e07cc078bee3396f1d946f734c871\Microsoft.Office.Tools.v9.0.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e29cbd30a31d3c8dae19eb17f70c4ec4\Microsoft.MediaCenter.iTv.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\409dae089f2e041343cff71f822cd505\Microsoft.MediaCenter.ITVVM.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\803188573fb19785a94284e097c48a67\Microsoft.ManagementConsole.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\4ae6ccc32dafb4e3765b9db05585bd48\mcplayerinterop.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\b0db345fd62a84c98fd8b0bf3c72e8bb\mcGlidHostObj.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\bc5df15ee827e248dd6f819874a85718\EventViewer.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\08c9aa18b306aa47ddc0ae4a63b05d04\ehExtHost.ni.exe + 2012-06-14 17:52 . 2012-06-14 17:52 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\f3e052584df9c614407da662dd3c3df3\TaskScheduler.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\06e4119a0a3484bb0ca667a16145ce74\System.Web.Routing.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\4f13c2c06fb97f6659473f02802b377b\System.Web.Extensions.Design.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bc239944bca7cc6b6ddb473259183c7d\System.Web.Entity.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\3701488fb9e601ebe963db25b784d684\System.Web.Entity.Design.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a09cc9877f51f16a4610b702155e8b70\System.Web.DynamicData.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c6aad1edcc51862ceb26b6b65dad1490\System.Web.Abstractions.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\912a0776c2bfd35ff76bd0b8ba977ed4\System.Drawing.Design.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\498d2033c60fe5b777cf923b71b25972\System.Configuration.Install.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\acfafa161ea232928cb02b01c50acf1c\napsnap.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\0abec246c5ca6ec4858bfd3ab84da0ec\napinit.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\1e03b7c2539c5376f0665a4aba04efbd\MMCFxCommon.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 617472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e439c12c9e047a5252fc0870a0edad57\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d7f1a24f4ab28ff9859120d65b72d688\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 134144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b38419688a94fd9884d66fc7b428019f\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\787f2a870ba9d0895455ccd8578f1a20\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\54aa66ae5ce18ece1133102c5de4a105\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 196608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\53e28029e5ba9e58f9da188d4c68ed0d\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\e1a8a0ddc283db83528f343abaa74ac5\Microsoft.Office.Tools.Outlook.v9.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\b70bc4c745dd9a2e5e90e46bcedfe1dc\Microsoft.Office.Tools.Word.v9.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\78dd5caf7a28d0b1b122483818205cf0\Microsoft.Office.Tools.Common.v9.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\51ad304ce7ae5aa72a6afdbce7661195\Microsoft.Office.Tools.v9.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\622b582866fca37f113bd97ae4c6d1f6\Microsoft.ManagementConsole.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\02577b78c6ed2f9bda301de888dccad8\EventViewer.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\a6b8eb80cfbdd927b2fa4ecb69fc0209\ehExtHost32.ni.exe - 2012-04-11 08:44 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-06-13 20:57 . 2012-04-23 22:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-06-13 20:58 . 2010-11-12 23:33 544768 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Design.resources.dll - 2011-04-12 12:59 . 2011-04-12 12:59 544768 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Design.resources.dll + 2012-06-13 21:58 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll + 2012-06-13 21:58 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll + 2012-06-13 20:57 . 2012-05-04 10:03 3913072 c:\windows\SysWOW64\ntoskrnl.exe - 2012-05-09 17:24 . 2012-03-31 04:39 3913072 c:\windows\SysWOW64\ntoskrnl.exe - 2012-05-09 17:24 . 2012-03-31 04:39 3968368 c:\windows\SysWOW64\ntkrnlpa.exe + 2012-06-13 20:57 . 2012-05-04 10:03 3968368 c:\windows\SysWOW64\ntkrnlpa.exe + 2012-06-13 20:57 . 2012-04-07 11:26 2342400 c:\windows\SysWOW64\msi.dll + 2012-06-13 21:58 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll + 2012-06-13 21:58 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll + 2012-06-13 21:58 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll + 2012-06-13 20:57 . 2012-04-24 04:36 1158656 c:\windows\SysWOW64\crypt32.dll + 2012-06-13 21:58 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll + 2012-06-13 20:57 . 2012-05-15 01:32 3146752 c:\windows\system32\win32k.sys + 2012-06-13 21:58 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll + 2012-06-13 20:57 . 2012-05-04 11:06 5559664 c:\windows\system32\ntoskrnl.exe - 2012-05-09 17:24 . 2012-03-31 06:05 5559664 c:\windows\system32\ntoskrnl.exe + 2012-06-13 20:57 . 2012-04-07 12:31 3216384 c:\windows\system32\msi.dll + 2012-06-13 21:58 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll + 2012-06-13 21:58 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll + 2012-06-13 20:57 . 2012-04-24 05:37 1462272 c:\windows\system32\crypt32.dll + 2009-07-14 04:45 . 2012-06-14 15:47 7226309 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:45 . 2012-06-05 06:51 7226309 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2012-03-21 22:50 . 2012-06-15 23:25 1592460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1065007715-4146422663-686824172-1006-8192.dat + 2012-01-15 21:58 . 2012-06-16 19:10 6895043 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1065007715-4146422663-686824172-1000-8192.dat + 2012-01-15 21:58 . 2012-06-16 19:10 3265136 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1065007715-4146422663-686824172-1000-4096.dat + 2012-03-15 11:17 . 2012-03-15 11:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll + 2012-06-13 20:58 . 2012-03-21 22:30 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll - 2012-05-09 17:24 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll + 2012-06-13 20:58 . 2012-03-21 22:30 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll - 2010-11-21 03:23 . 2010-11-21 03:23 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll + 2012-03-15 11:17 . 2012-03-15 11:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll + 2012-06-13 20:58 . 2012-03-21 22:32 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll - 2012-05-09 17:24 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll - 2010-11-21 03:24 . 2010-11-21 03:24 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2012-06-13 20:58 . 2012-03-21 22:32 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll - 2012-05-10 01:05 . 2012-05-10 01:05 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2012-06-13 22:02 . 2012-06-13 22:02 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll - 2012-05-10 01:05 . 2012-05-10 01:05 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll + 2012-06-13 22:02 . 2012-06-13 22:02 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll - 2012-05-10 01:05 . 2012-05-10 01:05 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll + 2012-06-13 22:02 . 2012-06-13 22:02 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll + 2012-06-13 22:02 . 2012-06-13 22:02 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-06-13 22:02 . 2012-06-13 22:02 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll - 2012-05-10 01:05 . 2012-05-10 01:05 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll - 2012-05-10 01:05 . 2012-05-10 01:05 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2012-06-13 22:02 . 2012-06-13 22:02 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2012-06-13 22:02 . 2012-06-13 22:02 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2012-05-10 01:05 . 2012-05-10 01:05 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll + 2012-06-13 22:02 . 2012-06-13 22:02 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll - 2012-05-10 01:05 . 2012-05-10 01:05 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll - 2012-05-10 01:05 . 2012-05-10 01:05 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll + 2012-06-13 22:02 . 2012-06-13 22:02 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll - 2012-05-10 01:05 . 2012-05-10 01:05 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll + 2012-06-13 22:02 . 2012-06-13 22:02 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll - 2012-05-10 01:05 . 2012-05-10 01:05 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll + 2012-06-13 22:02 . 2012-06-13 22:02 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll + 2012-06-13 22:02 . 2012-06-13 22:02 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll - 2012-05-10 01:05 . 2012-05-10 01:05 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll - 2012-05-10 01:05 . 2012-05-10 01:05 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll + 2012-06-13 22:02 . 2012-06-13 22:02 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll + 2012-06-13 22:02 . 2012-06-13 22:02 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2012-05-10 01:05 . 2012-05-10 01:05 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2012-06-13 22:02 . 2012-06-13 22:02 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll - 2012-05-10 01:05 . 2012-05-10 01:05 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll - 2012-05-10 01:05 . 2012-05-10 01:05 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2012-06-13 22:02 . 2012-06-13 22:02 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll - 2012-05-10 01:05 . 2012-05-10 01:05 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll + 2012-06-13 22:02 . 2012-06-13 22:02 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - 2012-05-10 01:05 . 2012-05-10 01:05 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2012-06-13 22:02 . 2012-06-13 22:02 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2012-06-13 22:02 . 2012-06-13 22:02 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll - 2012-05-10 01:05 . 2012-05-10 01:05 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-06-13 22:02 . 2012-06-13 22:02 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll - 2012-05-10 01:05 . 2012-05-10 01:05 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2012-05-17 00:58 . 2012-05-17 00:58 3462144 c:\windows\Installer\1d4015e.msp + 2012-04-22 20:46 . 2012-04-22 20:46 1187328 c:\windows\Installer\1d40146.msp + 2012-03-15 12:26 . 2012-03-15 12:26 4212736 c:\windows\Installer\1d4013b.msp - 2012-01-30 17:52 . 2012-05-10 01:06 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2012-01-30 17:52 . 2012-06-13 22:02 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2012-01-30 17:52 . 2012-05-10 01:06 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2012-01-30 17:52 . 2012-06-13 22:02 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2012-01-30 17:52 . 2012-05-10 01:06 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2012-01-30 17:52 . 2012-06-13 22:02 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2012-01-30 17:52 . 2012-06-13 22:02 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe - 2012-01-30 17:52 . 2012-05-10 01:06 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2012-06-14 17:53 . 2012-06-14 17:53 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll + 2012-06-14 17:54 . 2012-06-14 17:54 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\e4d308f69077903e24de92fe4fc06d29\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 2035200 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\e2db7f82cd4cb8fa2a2323b5659dd281\Microsoft.Office.Tools.Excel.Implementation.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 1070080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\8da91be67f85f2d15c39ff4857bf123e\Microsoft.Office.Tools.Word.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\1fcbdf811223e332b431d330f20809c0\Microsoft.Office.Tools.Word.Implementation.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 1118208 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\0c6e82dd514f710f91aba5c5b09c81a8\Microsoft.Office.Tools.Common.Implementation.ni.dll + 2012-06-13 22:02 . 2012-06-13 22:02 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll + 2012-06-13 22:02 . 2012-06-13 22:02 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2ed0173a2e75b1a3943bd2d96649a50c\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1551872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\37be99ab7a190282e52ef03e6c507d65\Microsoft.Office.Tools.Excel.Implementation.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1117696 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\203dafe1fd6248a74e6dd8c012668c94\Microsoft.Office.Tools.Word.Implementation.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\70cc5e8a5a3372fe0b104c1b20392cd2\System.WorkflowServices.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\aa638ba79250284eb4af4adaa4a4117b\System.Workflow.Runtime.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\996dc2af3b9e5c111130935f298908c6\System.Workflow.ComponentModel.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\178797db84abae2eeaed835bd28ca52c\System.Workflow.Activities.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\a32734087cd0db5607d5744ca63235d7\System.Web.Services.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\af7689e8cbec5d2755497be23c30e293\System.Web.Mobile.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\768ea257d75839979b4efb2d49d653f6\System.Web.Extensions.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\2c47bc5d426a7cf9ffef1425eda08184\System.Web.Extensions.Design.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\b964519964d302b4977e1380d8d15f1a\System.Printing.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 2318848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6e4e9b07f376d445df1718c0011fa99b\System.Deployment.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\1f88a3693c8ddd527a130aff49dc58b3\ReachFramework.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\b91c32fab08ba62d8c7681cc596895be\PresentationUI.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\ac1ba76ed19d668ce53a74593f040453\Narrator.ni.exe + 2012-06-14 16:22 . 2012-06-14 16:22 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\df2557ab1b8e4389d846e13dc82eba57\MMCEx.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\61812970c4743b686a67f28687e1dcb6\MIGUIControls.ni.dll + 2012-06-14 16:22 . 2012-06-14 16:22 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll + 2012-06-14 16:22 . 2012-06-14 16:22 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ca7e936eed0de2436d87b2601ee3a20a\Microsoft.PowerShell.Editor.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6caa366471176a065a96d77e8ba01eeb\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-06-14 16:22 . 2012-06-14 16:22 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3040e2de07177c0a6a66a49de61fdc59\Microsoft.PowerShell.GPowerShell.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 1186304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\91391297ea9428993774313f05e98dd2\Microsoft.Office.Tools.Word.v9.0.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 1875456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\6ecfa88a42ba7c5c3a4580cd479d0d21\Microsoft.Office.Tools.Excel.v9.0.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 1093632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\0929a1a8f19d58cca0ff9bf5f9086dc1\Microsoft.Office.Tools.Common.v9.0.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b2afc0af3d89ae00e973b4e6e9db382c\Microsoft.MediaCenter.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\73bfbdccdc1b0ae87f70a0ec594fee3c\Microsoft.MediaCenter.Bml.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\653e1ee01f10d658d52ca42e17e74283\Microsoft.MediaCenter.UI.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\dac69844e6333484159a4cf544190906\Microsoft.Ink.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4b362e9e25c33e371f06403edec8849a\Microsoft.Build.Tasks.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\33730d136a34d2f4e56a0322f49ee9b6\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\cc4844e7242c1e35d145bf2439f944c5\mcstore.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll + 2012-06-14 15:48 . 2012-06-14 15:48 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\88bfc62ac0195a8ae673c444a3339505\System.Workflow.Runtime.ni.dll + 2012-06-14 15:48 . 2012-06-14 15:48 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\cfb739be21092d5b8f7b4fde529e6aaa\System.Workflow.ComponentModel.ni.dll + 2012-06-14 15:48 . 2012-06-14 15:48 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a815fffab98375c1919df68b5b292725\System.Workflow.Activities.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4a90802e36dee6e10d9bf54832cbf549\System.Web.Mobile.ni.dll + 2012-06-14 17:52 . 2012-06-14 17:52 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c45efc7ec92c1da8e67eb597559ec39c\System.Web.Extensions.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\17add09c98fa34255142d42697db53df\Narrator.ni.exe + 2012-06-14 17:51 . 2012-06-14 17:51 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\21abde8efab609732b2ade3f05234e79\MMCEx.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\0e7da0df83f0619e3b0e0a7d7ee05fa3\MIGUIControls.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\99ae5f32cd1dc3618659bc3c77f2b2a9\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\77b5496d214dd5034294b058c0bb0e8d\Microsoft.PowerShell.GPowerShell.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\72765e5fab12761eb6d3f58180fa34d7\Microsoft.PowerShell.Editor.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\63513a219edd166209b039f0681f1d59\Microsoft.Office.Tools.Excel.v9.0.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\fb4866eac162b305cc84d1c7cc8da1f5\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1564672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\5190887d5ed2ef28d1596fd2f48bd935\Microsoft.Office.BusinessApplications.Runtime.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 4752384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\48c93c9b5095c25bc4fde40f25c014ea\Microsoft.Office.BusinessApplications.SyncServices.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 3238400 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\2db98cd03e8f4be6c6b33bee3bdbfc30\Microsoft.Office.BusinessData.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 2091520 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\2983eeeb5d0c013e215bf9fc069710a6\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ce1d10f94b40f054017865757552f2d\Microsoft.MediaCenter.UI.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fab1ec8f5ed6a55a8a73b2c590bd7cd\Microsoft.MediaCenter.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4d381048e3b9c0914c0f72c6aa0a599d\Microsoft.Ink.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3893fa9a19b52dee8b2cc424840d5d08\Microsoft.Build.Tasks.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\1d2250044b1ecff755e26ed12f6d27cb\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-06-14 17:51 . 2012-06-14 17:51 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\3a4e56a8d1075cf0af0619c383b3e592\mcstore.ni.dll - 2012-05-09 17:24 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-06-13 20:58 . 2012-03-21 22:32 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2010-11-21 03:24 . 2010-11-21 03:24 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-06-13 20:58 . 2012-03-21 22:32 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-06-13 21:58 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll + 2009-07-14 02:34 . 2012-06-14 15:44 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT - 2009-07-14 02:34 . 2012-06-04 12:03 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2012-06-13 21:58 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll + 2012-01-15 10:02 . 2012-06-13 22:00 58957832 c:\windows\system32\MRT.exe + 2012-06-13 21:58 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll + 2012-06-14 17:54 . 2012-06-14 17:54 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll + 2012-06-14 17:53 . 2012-06-14 17:53 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll + 2012-06-13 22:02 . 2012-06-13 22:02 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll + 2012-06-13 22:02 . 2012-06-13 22:02 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll + 2012-06-13 22:02 . 2012-06-13 22:02 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 17383424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\582144c0ee317038621aebc626187b56\System.Design.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll + 2012-06-14 15:46 . 2012-06-14 15:46 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll + 2012-06-14 16:21 . 2012-06-14 16:21 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\0c1f96a4136efe532bbb8eb91d3de300\ehshell.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 12436480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll + 2012-06-14 15:47 . 2012-06-14 15:47 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp wsauth . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 116648] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 116648] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 wsnm;VMware View Client;c:\program files\VMware\VMware View\Client\bin\wsnm.exe [2011-02-18 494192] S2 wsnm_usbctrl;VMware View USB Control;c:\program files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [2011-02-18 1120368] S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 vmwvusb;VMware View Generic USB Driver;c:\windows\system32\Drivers\vmwvusb.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 17:04] . 2012-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 17:04] . 2012-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065007715-4146422663-686824172-1000Core.job - c:\users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15 10:26] . 2012-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065007715-4146422663-686824172-1000UA.job - c:\users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15 10:26] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.nl/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 TCP: Interfaces\{EABBD825-4E43-440D-8816-C270AADC813B}: NameServer = 208.67.222.222,208.67.220.220 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1065007715-4146422663-686824172-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1065007715-4146422663-686824172-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe . ************************************************************************** . Voltooingstijd: 2012-06-16 21:13:09 - machine werd herstart ComboFix-quarantined-files.txt 2012-06-16 19:13 ComboFix2.txt 2012-06-13 06:23 ComboFix3.txt 2012-06-13 05:58 ComboFix4.txt 2012-06-12 19:51 . Pre-Run: 155.249.491.968 bytes beschikbaar Post-Run: 155.066.281.984 bytes beschikbaar . - - End Of File - - 60FF49E1B5809114E777F779539C60FF
-
Beste Kweezie, heb het verwijderd (het zit nog wel in de prullenbak). Groeten, Tijn
-
Hallo Kweezie! Al met al een heel proces. Heb eerst ComboFix gewoon gestart. Later nog een keer door de de textfile naar de koppeling op het bureaublad te slepen. PC een keer herstart. En hieronder het resultaat in de vorm van de logfile. Dank voor je support hierbij, groeten, Tijn ComboFix 12-06-12.03 - Tijn 13-06-2012 8:16.3.4 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.7913.6145 [GMT 2:00] Gestart vanuit: c:\users\Tijn\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\Tijn\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\sh4ldr c:\sh4ldr\shldr.mbr . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-13 to 2012-06-13 )))))))))))))))))))))))))))))) . . 2012-06-13 06:19 . 2012-06-13 06:19 -------- d-----w- c:\users\Luca\AppData\Local\temp 2012-06-13 06:19 . 2012-06-13 06:19 -------- d-----w- c:\users\Iris\AppData\Local\temp 2012-06-13 06:19 . 2012-06-13 06:19 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-13 06:19 . 2012-06-13 06:19 -------- d-----w- c:\users\Cas\AppData\Local\temp 2012-06-13 06:19 . 2012-06-13 06:19 -------- d-----w- c:\users\Bregje\AppData\Local\temp 2012-06-12 20:30 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B66969FC-02BE-44EB-A8AC-DEDE8C36561C}\mpengine.dll 2012-06-11 20:17 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-09 20:00 . 2012-03-08 16:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-06-09 08:34 . 2012-06-09 08:34 388096 ----a-r- c:\users\Tijn\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-09 08:34 . 2012-06-09 08:34 -------- d-----w- c:\program files (x86)\Trend Micro 2012-06-08 22:35 . 2012-06-08 22:35 -------- d-----w- c:\users\Tijn\AppData\Roaming\Malwarebytes 2012-06-08 22:34 . 2012-06-08 22:34 -------- d-----w- c:\programdata\Malwarebytes 2012-06-08 22:34 . 2012-06-09 19:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-06-08 22:34 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-08 22:16 . 2012-06-08 22:16 -------- d-----w- c:\program files\Enigma Software Group 2012-06-08 22:14 . 2012-06-08 22:31 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP 2012-06-08 22:14 . 2012-06-08 22:14 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-05-18 07:09 . 2012-05-18 07:09 -------- d-----w- c:\users\Luca\AppData\Local\Apple 2012-05-14 19:58 . 2012-05-14 19:58 -------- d-----w- c:\users\Tijn\AppData\Roaming\VMware . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-31 06:05 . 2012-05-09 17:24 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-31 04:39 . 2012-05-09 17:24 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-03-31 04:39 . 2012-05-09 17:24 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-03-31 03:10 . 2012-05-09 17:24 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 11:35 . 2012-05-09 17:24 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 18:44 . 2011-04-27 14:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-20 18:44 . 2011-04-18 12:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-19 21:44 . 2012-03-19 21:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe 2012-03-19 21:44 . 2012-03-19 21:44 509720 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-03-19 21:44 . 2012-03-19 21:44 439064 ----a-w- c:\windows\system32\igfxpers.exe 2012-03-19 21:44 . 2012-03-19 21:44 398616 ----a-w- c:\windows\system32\hkcmd.exe 2012-03-19 21:44 . 2012-03-19 21:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-03-19 21:44 . 2012-03-19 21:44 250136 ----a-w- c:\windows\system32\igfxext.exe 2012-03-19 21:44 . 2012-03-19 21:44 184600 ----a-w- c:\windows\system32\difx64.exe 2012-03-19 21:44 . 2012-03-19 21:44 170264 ----a-w- c:\windows\system32\igfxtray.exe 2012-03-19 21:42 . 2012-03-19 21:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll 2012-03-19 21:32 . 2012-03-19 21:32 14745600 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-03-19 21:31 . 2012-03-19 21:31 8087040 ----a-w- c:\windows\system32\igdumd64.dll 2012-03-19 21:31 . 2012-03-19 21:31 963912 ----a-w- c:\windows\system32\igkrng600.bin 2012-03-19 21:31 . 2012-03-19 21:31 261208 ----a-w- c:\windows\system32\igfcg600m.bin 2012-03-19 21:31 . 2012-03-19 21:31 79360 ----a-w- c:\windows\system32\igdde64.dll 2012-03-19 21:26 . 2011-08-31 18:47 6120960 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-03-19 21:25 . 2012-03-19 21:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-03-19 21:22 . 2011-08-31 18:42 9605632 ----a-w- c:\windows\system32\igd10umd64.dll 2012-03-19 21:11 . 2011-08-31 18:37 7795200 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-03-19 20:31 . 2012-03-19 20:31 18137088 ----a-w- c:\windows\system32\ig4icd64.dll 2012-03-19 20:21 . 2012-03-19 20:21 13212672 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-03-19 20:18 . 2012-03-19 20:18 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-03-19 20:18 . 2012-03-19 20:18 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-03-19 20:18 . 2012-03-19 20:18 430592 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-03-19 20:18 . 2012-03-19 20:18 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-03-19 20:18 . 2012-03-19 20:18 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-03-19 20:18 . 2012-03-19 20:18 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-03-19 20:18 . 2012-03-19 20:18 386560 ----a-w- c:\windows\system32\igfxpph.dll 2012-03-19 20:18 . 2012-03-19 20:18 410624 ----a-w- c:\windows\system32\igfxTMM.dll 2012-03-19 20:17 . 2012-03-19 20:17 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-03-19 20:17 . 2011-08-31 18:21 63488 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-03-19 20:17 . 2011-08-31 18:20 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-03-19 20:17 . 2012-03-19 20:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-03-19 20:17 . 2012-03-19 20:17 434688 ----a-w- c:\windows\system32\igfxdev.dll 2012-03-19 20:17 . 2012-03-19 20:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-03-19 20:16 . 2012-03-19 20:16 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-03-19 20:16 . 2012-03-19 20:16 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-03-19 20:16 . 2011-08-31 18:20 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-03-19 20:12 . 2012-03-19 20:12 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-03-19 20:11 . 2012-03-19 20:11 325120 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-03-19 20:09 . 2012-03-19 20:09 524800 ----a-w- c:\windows\system32\iglhsip64.dll 2012-03-19 20:09 . 2012-03-19 20:09 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2012-03-19 20:09 . 2012-03-19 20:09 2967040 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-03-19 20:09 . 2012-03-19 20:09 237056 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-03-19 20:09 . 2012-03-19 20:09 2321408 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-03-19 20:09 . 2012-03-19 20:09 213504 ----a-w- c:\windows\system32\iglhcp64.dll 2012-03-19 20:09 . 2012-03-19 20:09 193024 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-03-19 20:09 . 2012-03-19 20:09 177152 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2012-03-17 07:58 . 2012-05-09 17:24 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-06-12_19.49.47 ))))))))))))))))))))))))))))))))))))))))) . - 2012-01-14 21:26 . 2012-06-12 07:50 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-01-14 21:26 . 2012-06-12 20:20 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2012-01-14 21:26 . 2012-06-12 07:50 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2012-01-14 21:26 . 2012-06-12 20:20 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-06-12 07:50 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-06-12 20:20 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-06-13 06:20 . 2012-06-13 06:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-06-12 19:21 . 2012-06-12 19:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-06-12 19:21 . 2012-06-12 19:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-06-13 06:20 . 2012-06-13 06:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-04-12 13:00 . 2012-06-13 06:12 703426 c:\windows\system32\perfh013.dat - 2011-04-12 13:00 . 2012-06-12 19:25 703426 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2012-06-13 06:12 617910 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2012-06-12 19:25 617910 c:\windows\system32\perfh009.dat + 2011-04-12 13:00 . 2012-06-13 06:12 134358 c:\windows\system32\perfc013.dat - 2011-04-12 13:00 . 2012-06-12 19:25 134358 c:\windows\system32\perfc013.dat + 2009-07-14 02:36 . 2012-06-13 06:12 107190 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-06-12 19:25 107190 c:\windows\system32\perfc009.dat - 2009-07-14 05:01 . 2012-06-12 19:20 385004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-06-13 06:19 385004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-01-15 21:58 . 2012-06-13 06:19 6875592 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1065007715-4146422663-686824172-1000-8192.dat - 2012-01-15 21:58 . 2012-06-12 19:20 6875592 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1065007715-4146422663-686824172-1000-8192.dat + 2012-01-15 21:58 . 2012-06-12 21:54 2158060 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1065007715-4146422663-686824172-1000-4096.dat - 2012-01-15 21:58 . 2012-06-09 20:19 2158060 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1065007715-4146422663-686824172-1000-4096.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp wsauth . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 2;2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 116648] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 116648] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 wsnm;VMware View Client;c:\program files\VMware\VMware View\Client\bin\wsnm.exe [2011-02-18 494192] S2 wsnm_usbctrl;VMware View USB Control;c:\program files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [2011-02-18 1120368] S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 vmwvusb;VMware View Generic USB Driver;c:\windows\system32\Drivers\vmwvusb.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2012-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 17:04] . 2012-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 17:04] . 2012-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065007715-4146422663-686824172-1000Core.job - c:\users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15 10:26] . 2012-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065007715-4146422663-686824172-1000UA.job - c:\users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15 10:26] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.nl/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 TCP: Interfaces\{EABBD825-4E43-440D-8816-C270AADC813B}: NameServer = 208.67.222.222,208.67.220.220 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1065007715-4146422663-686824172-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1065007715-4146422663-686824172-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe . ************************************************************************** . Voltooingstijd: 2012-06-13 08:23:05 - machine werd herstart ComboFix-quarantined-files.txt 2012-06-13 06:23 ComboFix2.txt 2012-06-13 05:58 ComboFix3.txt 2012-06-12 19:51 . Pre-Run: 155.749.629.952 bytes beschikbaar Post-Run: 155.665.883.136 bytes beschikbaar . - - End Of File - - 900EACADBA31BCD43808DA3919A64D8B
-
Ha Kweezie, Kreeg inderdaad de melding en heb daarna op ja (=verwijderen...) geklikt, prompt geen IE meer. Vervolgens computer herstart, nu is IE 9 geïnstalleerd en werkt internet weer. Wel alle bookmarks kwijt, maar die kan ik vast nog wel ergens vinden. Hieronder het logfile, bedankt voor je reactie alvast en met groeten, Tijn ComboFix 12-06-12.01 - Tijn 12-06-2012 21:15:55.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.7913.6139 [GMT 2:00] Gestart vanuit: c:\users\Tijn\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . G:\Autorun.inf . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-12 to 2012-06-12 )))))))))))))))))))))))))))))) . . 2012-06-12 19:19 . 2012-06-12 19:19 -------- d-----w- c:\users\Luca\AppData\Local\temp 2012-06-12 19:19 . 2012-06-12 19:19 -------- d-----w- c:\users\Iris\AppData\Local\temp 2012-06-12 19:19 . 2012-06-12 19:19 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-12 19:19 . 2012-06-12 19:19 -------- d-----w- c:\users\Cas\AppData\Local\temp 2012-06-12 19:19 . 2012-06-12 19:19 -------- d-----w- c:\users\Bregje\AppData\Local\temp 2012-06-11 20:17 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E14EE381-25EC-4274-8FB7-DC662FA9B912}\mpengine.dll 2012-06-10 19:18 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-09 20:00 . 2012-03-08 16:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-06-09 08:34 . 2012-06-09 08:34 388096 ----a-r- c:\users\Tijn\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-06-09 08:34 . 2012-06-09 08:34 -------- d-----w- c:\program files (x86)\Trend Micro 2012-06-08 22:35 . 2012-06-08 22:35 -------- d-----w- c:\users\Tijn\AppData\Roaming\Malwarebytes 2012-06-08 22:34 . 2012-06-08 22:34 -------- d-----w- c:\programdata\Malwarebytes 2012-06-08 22:34 . 2012-06-09 19:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-06-08 22:34 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-08 22:16 . 2012-06-08 22:31 -------- d-----w- C:\sh4ldr 2012-06-08 22:16 . 2012-06-08 22:16 -------- d-----w- c:\program files\Enigma Software Group 2012-06-08 22:14 . 2012-06-08 22:31 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP 2012-06-08 22:14 . 2012-06-08 22:14 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-05-18 07:09 . 2012-05-18 07:09 -------- d-----w- c:\users\Luca\AppData\Local\Apple 2012-05-14 19:58 . 2012-05-14 19:58 -------- d-----w- c:\users\Tijn\AppData\Roaming\VMware . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-31 06:05 . 2012-05-09 17:24 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-31 04:39 . 2012-05-09 17:24 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-03-31 04:39 . 2012-05-09 17:24 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-03-31 03:10 . 2012-05-09 17:24 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 11:35 . 2012-05-09 17:24 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-20 18:44 . 2011-04-27 14:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-20 18:44 . 2011-04-18 12:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-19 21:44 . 2012-03-19 21:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe 2012-03-19 21:44 . 2012-03-19 21:44 509720 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-03-19 21:44 . 2012-03-19 21:44 439064 ----a-w- c:\windows\system32\igfxpers.exe 2012-03-19 21:44 . 2012-03-19 21:44 398616 ----a-w- c:\windows\system32\hkcmd.exe 2012-03-19 21:44 . 2012-03-19 21:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-03-19 21:44 . 2012-03-19 21:44 250136 ----a-w- c:\windows\system32\igfxext.exe 2012-03-19 21:44 . 2012-03-19 21:44 184600 ----a-w- c:\windows\system32\difx64.exe 2012-03-19 21:44 . 2012-03-19 21:44 170264 ----a-w- c:\windows\system32\igfxtray.exe 2012-03-19 21:42 . 2012-03-19 21:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll 2012-03-19 21:32 . 2012-03-19 21:32 14745600 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-03-19 21:31 . 2012-03-19 21:31 8087040 ----a-w- c:\windows\system32\igdumd64.dll 2012-03-19 21:31 . 2012-03-19 21:31 963912 ----a-w- c:\windows\system32\igkrng600.bin 2012-03-19 21:31 . 2012-03-19 21:31 261208 ----a-w- c:\windows\system32\igfcg600m.bin 2012-03-19 21:31 . 2012-03-19 21:31 79360 ----a-w- c:\windows\system32\igdde64.dll 2012-03-19 21:26 . 2011-08-31 18:47 6120960 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-03-19 21:25 . 2012-03-19 21:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-03-19 21:22 . 2011-08-31 18:42 9605632 ----a-w- c:\windows\system32\igd10umd64.dll 2012-03-19 21:11 . 2011-08-31 18:37 7795200 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-03-19 20:31 . 2012-03-19 20:31 18137088 ----a-w- c:\windows\system32\ig4icd64.dll 2012-03-19 20:21 . 2012-03-19 20:21 13212672 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-03-19 20:18 . 2012-03-19 20:18 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-03-19 20:18 . 2012-03-19 20:18 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-03-19 20:18 . 2012-03-19 20:18 430592 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-03-19 20:18 . 2012-03-19 20:18 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-03-19 20:18 . 2012-03-19 20:18 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-03-19 20:18 . 2012-03-19 20:18 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-03-19 20:18 . 2012-03-19 20:18 386560 ----a-w- c:\windows\system32\igfxpph.dll 2012-03-19 20:18 . 2012-03-19 20:18 410624 ----a-w- c:\windows\system32\igfxTMM.dll 2012-03-19 20:17 . 2012-03-19 20:17 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-03-19 20:17 . 2011-08-31 18:21 63488 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-03-19 20:17 . 2011-08-31 18:20 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-03-19 20:17 . 2012-03-19 20:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-03-19 20:17 . 2012-03-19 20:17 434688 ----a-w- c:\windows\system32\igfxdev.dll 2012-03-19 20:17 . 2012-03-19 20:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-03-19 20:16 . 2012-03-19 20:16 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-03-19 20:16 . 2012-03-19 20:16 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-03-19 20:16 . 2011-08-31 18:20 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-03-19 20:12 . 2012-03-19 20:12 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-03-19 20:11 . 2012-03-19 20:11 325120 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-03-19 20:09 . 2012-03-19 20:09 524800 ----a-w- c:\windows\system32\iglhsip64.dll 2012-03-19 20:09 . 2012-03-19 20:09 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2012-03-19 20:09 . 2012-03-19 20:09 2967040 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-03-19 20:09 . 2012-03-19 20:09 237056 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-03-19 20:09 . 2012-03-19 20:09 2321408 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-03-19 20:09 . 2012-03-19 20:09 213504 ----a-w- c:\windows\system32\iglhcp64.dll 2012-03-19 20:09 . 2012-03-19 20:09 193024 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-03-19 20:09 . 2012-03-19 20:09 177152 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2012-03-17 07:58 . 2012-05-09 17:24 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp wsauth . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 116648] R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 116648] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 wsnm;VMware View Client;c:\program files\VMware\VMware View\Client\bin\wsnm.exe [2011-02-18 494192] S2 wsnm_usbctrl;VMware View USB Control;c:\program files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [2011-02-18 1120368] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 vmwvusb;VMware View Generic USB Driver;c:\windows\system32\Drivers\vmwvusb.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 17:04] . 2012-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07 17:04] . 2012-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065007715-4146422663-686824172-1000Core.job - c:\users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15 10:26] . 2012-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065007715-4146422663-686824172-1000UA.job - c:\users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15 10:26] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.nl/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 TCP: Interfaces\{EABBD825-4E43-440D-8816-C270AADC813B}: NameServer = 208.67.222.222,208.67.220.220 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Toolbar-10 - (no file) WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1065007715-4146422663-686824172-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1065007715-4146422663-686824172-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe . ************************************************************************** . Voltooingstijd: 2012-06-12 21:51:37 - machine werd herstart ComboFix-quarantined-files.txt 2012-06-12 19:51 . Pre-Run: 156.179.566.592 bytes beschikbaar Post-Run: 156.527.091.712 bytes beschikbaar . - - End Of File - - C80017229F518D14D0AC19735D224094
-
Hallo Kweezie, Nieuwe log. HijackThis scant trouwens ongelooflijk snel, kwestie van seconden dan is ie al weer klaar. Die 020 - AppInitwas trouwens al weg, ik denk doordat ik met MWAM dat programma heb verwijderd. Text Enhance blijf ik zien, Bittorent toolbaar inmiddels met instellingen van Chrome uit Chrome verwijderd, krijg het echter niet uit de lijst met programma's. Dank weer voor je reactie! Met groeten, Tijn Logfile of Trend Micro HijackThis v2.0.4Scan saved at 8:13:28, on 12-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [Google Update] "C:\Users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EABBD825-4E43-440D-8816-C270AADC813B}: NameServer = 208.67.222.222,208.67.220.220 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe O23 - Service: VMware View USB Control (wsnm_usbctrl) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe -- End of file - 9243 bytes
-
Hallo Kweezie, MBAW vond de volgende bedreiging: PUP.DownloadnSave (C:\ProgramData\CodecC\bhoclass.dll Neem aan dat ik die moet verwijderen? Groeten, Tijn
-
Bedankt Kweezie, Hoefde maar een paar dingen te verwijderen bij Hijack This (SearchAssistant en CustomizeSearch en Global Startup: McAfee). Over 020 - AppInit heb ik getwijfeld, de extensie stond er niet achter dus die heb ik laten staan. Zijn dit ook de aanpassingen om Text Enhance weg te krijgen? Het gekke is dat het via het configuratiescherm niet werkt om de bittorent toolbar te de-installeren. Zie hieronder de nieuwe logfiles, met groeten, Tijn Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:36:47, on 9-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CodecC - {AFC4B7C5-9BDE-4D72-9D2D-B9B9687D4F8E} - C:\ProgramData\CodecC\bhoclass.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll O3 - Toolbar: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [Google Update] "C:\Users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EABBD825-4E43-440D-8816-C270AADC813B}: NameServer = 208.67.222.222,208.67.220.220 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe O23 - Service: VMware View USB Control (wsnm_usbctrl) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe Weet niet op dit het juiste bestand is van MBAW - hij had een (1) melding gevonden 2012/06/11 08:02:35 +0200 TIJN-PC Tijn MESSAGE Starting protection 2012/06/11 08:02:37 +0200 TIJN-PC Tijn MESSAGE Protection started successfully 2012/06/11 08:02:40 +0200 TIJN-PC Tijn MESSAGE Starting IP protection 2012/06/11 08:02:41 +0200 TIJN-PC Tijn MESSAGE IP Protection started successfully 2012/06/11 09:36:24 +0200 TIJN-PC Tijn MESSAGE Starting protection 2012/06/11 09:36:25 +0200 TIJN-PC Tijn MESSAGE Protection started successfully 2012/06/11 09:36:28 +0200 TIJN-PC Tijn MESSAGE Starting IP protection 2012/06/11 09:36:29 +0200 TIJN-PC Tijn MESSAGE IP Protection started successfully 2012/06/11 15:16:18 +0200 TIJN-PC Tijn MESSAGE Starting protection 2012/06/11 15:16:19 +0200 TIJN-PC Tijn MESSAGE Protection started successfully 2012/06/11 15:16:22 +0200 TIJN-PC Tijn MESSAGE Starting IP protection 2012/06/11 15:16:23 +0200 TIJN-PC Tijn MESSAGE IP Protection started successfully 2012/06/11 15:22:40 +0200 TIJN-PC Tijn MESSAGE Executing scheduled update: Daily 2012/06/11 15:22:47 +0200 TIJN-PC Tijn MESSAGE Scheduled update executed successfully: database updated from version v2012.06.09.05 to version v2012.06.11.04 2012/06/11 15:22:47 +0200 TIJN-PC Tijn MESSAGE Starting database refresh 2012/06/11 15:22:47 +0200 TIJN-PC Tijn MESSAGE Stopping IP protection 2012/06/11 15:23:28 +0200 TIJN-PC Tijn MESSAGE IP Protection stopped 2012/06/11 15:23:29 +0200 TIJN-PC Tijn MESSAGE Database refreshed successfully 2012/06/11 15:23:29 +0200 TIJN-PC Tijn MESSAGE Starting IP protection 2012/06/11 15:23:30 +0200 TIJN-PC Tijn MESSAGE IP Protection started successfully 2012/06/11 23:15:17 +0200 TIJN-PC Tijn MESSAGE Starting database refresh 2012/06/11 23:15:17 +0200 TIJN-PC Tijn MESSAGE Stopping IP protection
-
Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:36:47, on 9-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tijn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CodecC - {AFC4B7C5-9BDE-4D72-9D2D-B9B9687D4F8E} - C:\ProgramData\CodecC\bhoclass.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files (x86)\BittorrentBar_NL\prxtbBitt.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll O3 - Toolbar: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [Google Update] "C:\Users\Tijn\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EABBD825-4E43-440D-8816-C270AADC813B}: NameServer = 208.67.222.222,208.67.220.220 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe O23 - Service: VMware View USB Control (wsnm_usbctrl) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe ---------- Post toegevoegd om 22:38 ---------- Vorige post was om 22:30 ---------- Had het bericht wat snel geplaatst...! Dus, het probleem: Optimizer Pro. Inmiddels HijackThis and MWAV gedraaid, zie hieronder het tweede logfile van HijackThis. Het logfile van MWAV geeft aan dat er geen bedreigingen gevonden zijn. Graag hoor ik of ik nog iets moet doen met de resultaten die HijackThis aangeeft. Bedankt alvast en met groeten, Tijn ---------- Post toegevoegd om 22:49 ---------- Vorige post was om 22:38 ---------- En als ik nog wat mag toevoegen, hoe krijg ik het volgende weg: - Text Enhance - De toolbar van Bittorent in Chrome
