About Tchii
- Birthday 19-04-1987
PC Specifications
-
Operating system
Microsoft Windows 8.1 6.3.9600
Tchii's achievements
-
Okay, I've set it up as shown in the picture; we'll see whether it improves. Hopefully it does. MBAM and Avast at least aren't finding any malware. I now also have YAC (Yet Another Cleaner) to keep an eye on memory usage behaviour and to scan in case it finds something the others didn't. (It doesn't seem to have a log or anything, though :S ) Normally FF runs at around 300-400 MB, but sometimes it shoots straight up to 1.5-2 GB in a few seconds O_O If I then do a quick clean for junk files, it's solved again for a while. It's all rather confusing, though. Big kiss
-
Sorry for the slow reply, I had hospital appointments again. And yes, I had indeed misunderstood it then. Sorry! I have since reinstalled it once. FF is acting less weird, but still weird. It always goes well for a while and then it gradually starts freezing again. So I thought I'd scan once more with HitmanPro. Two more cookies again.
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:ads.healthline.com
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:doubleclick.net
Those really look like advertising sites to me, but I haven't been on such a site since that one little slip-up. How do those cookies keep coming back by themselves every time, and could that be why my Firefox is acting strangely?
-
Hmm, I'll give it a try. I had already run the reset function once, since my FF was only recently put back on. But I'll try it once more anyway. If I disable the Flash add-on I can't play web games any more, even though Flash is installed.
-
@Passer, it still freezes after some time, but it hangs a bit less already. Only Unity, the Adobe Flash thingy and Avast are still on; all other add-ons and such are switched off. Even when everything is off it still freezes. I'm hugely attached to Firefox, but maybe try another browser after all? :S @Asus, yes, my logs looked good so I thought everything was solved. Or at least as far as viruses/malware etc. are concerned. I saw no harm in opening a new topic for Firefox problems; sorry if this was wrong of me (close this topic and go back to my previous topic?)
-
I'll give that a try! It will take some time, but I'll post as soon as I can whether this helped or not. Thanks a lot already for the tip
-
Hey hey everyone, hopefully this is in the right section; I wasn't quite sure where best to post it. I had a few questions about cookies, because my Firefox regularly, daily, acts really strange. Dear Emphyrio here helped me clean up my laptop and those logs looked good. (Thanks once again, Emphy! ) So as far as malware, viruses and so on go, everything should be fine. But my Firefox keeps acting really strange. It starts freezing badly while browsing after a while, and with Flash/Unity web games even sooner. (not responding) It also regularly crashes or gives a runtime error.

After scanning a few times with MBAM and Avast and using CCleaner, I suddenly thought of the HitmanPro program. When I scanned with Hitman it found a few cookies. The advertisement junk type. (log below) It then occurred to me that I did indeed once end up on a dodgy ad-like page by accident. It froze my Firefox and I had to close it via Task Manager. (Scanned right away afterwards and so on) After all, I'm always very careful about this, and since then the Firefox problems have started. (and they're getting worse)

Now I was wondering: could this be why my Firefox has been behaving so strangely recently? Could there still be something hidden deep down somewhere because of those cookies or something? Can it actually be caused by cookies? (I don't really know what cookies are) Hitman removed the cookies, but the (not responding) and freezes persist. I even had to type this in Notepad first, because typing directly in the forum is impossible with the constant freezing. Anyone have any ideas, info or advice about this? Thanks a lot in advance! Big kiss!

Previous topic for anyone who wants to look at the logs: http://www.pc-helpforum.be/f163/er-wat-mis-en-ik-vind-74175/

The HitmanPro log:

HitmanPro 3.7.9.232
www.hitmanpro.com

Computer name . . . . : TCHII
Windows . . . . . . . : 6.3.0.9600.X64/2
User name . . . . . . : TCHII\Tchii
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (26 days left)
Scan date . . . . . . : 2014-11-23 18:53:02
Scan mode . . . . . . : Normal
Scan duration . . . . : 8m 3s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 9
Objects scanned . . . : 1 654 889
Files scanned . . . . : 30 705
Remnants scanned . . : 515 495 files / 1 108 689 keys

Cookies _____________________________________________________________________
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:ads.pubmatic.com
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:be.sitestat.com
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:dmtracker.com
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:doubleclick.net
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:gsk.112.2o7.net
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:hearstdigital.122.2o7.net
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:statcounter.com
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:statse.webtrendslive.com
C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\mgs3ijp0.default-1416603031975\cookies.sqlite:xiti.com

HitmanPro_20141123_1901.log
-
Something is wrong and I can't find what, how, where.
Tchii replied to Tchii's topic in Archive Combating malware & viruses
Apart from Firefox and Flash games, no; as far as I'm concerned the topic can be closed for now if you give your blessing that it's clean. Thanks a lot once again! Big kiss
-
Something is wrong and I can't find what, how, where.
Tchii replied to Tchii's topic in Archive Combating malware & viruses
Deleting folders
"C:\Users\Tchii\AppData\Local\Comodo" deleted
"C:\ProgramData\Comodo" deleted
"C:\Program Files\COMODO" deleted

There, stubborn stuff, that Comodo! Bah! It also looks like CCleaner often finds the same errors again when repairing. Now quickly doing my E-Peek, the log is on its way

- - - Updated - - -

E-Peek v 1.0.5.6
© Emphyrio/Onsia Patrick 2013-2014
Downloaded @ E Dev
Run at vr 21 nov 2014 17:50
.
Windows 8.1 (64 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Firefox 33.1.1 (x86 nl)
Boot mode: Normal boot
User logged in: Tchii
.
Java x86: n/a
Java x64: n/a
.
AV : Windows Defender [updated - Running]
AS : Windows Defender [updated - Running]
FW : Windows firewall
.
Menu\Programs\Startup\desktop.ini ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ==================== Extra Items IE ============================================ EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia ==================== Internet Default Prefix =================================== IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// ==================== Default Settings IE - DSIE ================================ DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/p/?LinkId DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId 
==================== ShellServiceObjectDelayLoad - SSODL ======================= SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = ==================== Extra items - EXT (Torpig/ConduitSearch) ================== EXT00 - HKLM\SOFTWARE\AppDataLow\Software\Amazon EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll ==================== DRIVERS and SERVICES ====================================== *** Win32OwnProcess *** SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe SERV - R2 - [CxAudMsg] - Conexant Audio Message Service - c:\windows\system32\cxaudmsg64.exe SERV - R2 - [dts_apo_service] - DTS APO Service - c:\program files (x86)\dts, inc\dts studio sound\dts_apo_service.exe SERV - R2 - [intel® Capability Licensing Service Interface] - Intel® Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe SERV - R2 - [intel® ME Service] - Intel® ME Service - c:\program files (x86)\intel\intel® management engine components\fwservice\intelmefwservice.exe SERV - R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe SERV - R2 - [LMS] - 
Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe SERV - R2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe SERV - R2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe SERV - R2 - [TODDSrv] - TOSHIBA Optical Disc Drive Service - c:\windows\system32\toddsrv.exe SERV - R2 - [TOSHIBA eco Utility Service] - TOSHIBA eco Utility Service - c:\program files\toshiba\teco\tecoservice.exe SERV - R2 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe SERV - R3 - [iCCS] - Intel® Integrated Clock Controller Service - Intel® ICCS - c:\program files (x86)\intel\intel® integrated clock controller service\iccproxy.exe SERV - R3 - [TemproMonitoringService] - TEMPRO Service - c:\program files (x86)\toshiba tempro\temprosvc.exe SERV - R3 - [TMachInfo] - TMachInfo - c:\program files\toshiba\toshiba service station\tmachinfo.exe SERV - R3 - [TPCHSrv] - TPCH Service - c:\program files\toshiba\tphm\tpchsrv.exe SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe SERV - S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - 
c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe SERV - S3 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe SERV - S3 - [iDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe SERV - S3 - [intel® Capability Licensing Service TCP IP Interface] - Intel® Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe SERV - S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe *** Win32ShareProcess *** SERV - R2 - [samSs] - Security Accounts Manager - c:\windows\system32\lsass.exe SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe SERV - R3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe SERV - S3 - [EFS] - 
Encrypting File System (EFS) - c:\windows\system32\lsass.exe SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe *** Others *** SERV - R2 - [spooler] - Print Spooler - c:\windows\system32\spoolsv.exe SERV - S3 - [uI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe *** File System Driver *** DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys DRV - R0 - [WdFilter] - Windows Defender Mini-Filter Driver - C:\Windows\system32\Drivers\WdFilter.sys DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys *** Kernel Driver *** DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys DRV - R0 - [disk] - Disk Driver - C:\Windows\system32\Drivers\disk.sys DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys DRV - R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys DRV - R0 - [intelpep] - Intel® Power Engine Plug-in Driver - C:\Windows\system32\Drivers\intelpep.sys DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys DRV - R0 - [mountmgr] - Mount 
Point Manager - C:\Windows\system32\Drivers\mountmgr.sys DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys DRV - R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys DRV - R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys DRV - R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys DRV - R0 - [spaceport] - Storage Spaces Driver - C:\Windows\system32\Drivers\spaceport.sys DRV - R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys DRV - R0 - [tos_sps64] - TOSHIBA tos_sps64 Service - C:\Windows\system32\Drivers\tos_sps64.sys DRV - R0 - [TVALZ] - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver - C:\Windows\system32\Drivers\TVALZ.sys [x] DRV - R0 - [TVALZFL] - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver - C:\Windows\system32\Drivers\TVALZFL.sys DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys DRV - R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys DRV - R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys DRV - R2 - [tcpipreg] - TCP/IP 
==================== SvcHost - White Listed ====================================
All Ok
WOW - All Ok
==================== SigCheck x86 Fast =========================================
Fast Scan All ok
==================== SigCheck x64 Fast =========================================
Fast Scan All ok
==================== Job tasks =================================================
There are no .job files found.
==================== End scanning at vr 21 nov 2014 17:50 (0 Min 20 Sec ) ======

And okey-dokey, I'll see you pop up online again. In any case, thanks a lot already for all the help so far! -
Something is wrong and I can't find what, how, or where.
Tchii replied to Tchii's topic in Archive: Combating malware & viruses
Only Firefox and Flash sometimes act strangely, a runtime error, Visual something, but maybe that's normal? Apart from that I don't notice anything right away. So I don't need to worry about the log view errors? (I actually have no idea what those are) -
Something is wrong and I can't find what, how, or where.
Tchii replied to Tchii's topic in Archive: Combating malware & viruses
Then this should be the log, I think? At least it was open after a reboot.

Zoek.exe v5.0.0.0 Updated 20-November-2014
Tool run by Tchii on vr 21/11/2014 at 16:27:03,75.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tchii\Downloads\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================
21/11/2014 16:28:49 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\Users\Tchii\AppData\Local\Adobe deleted successfully
C:\Users\Tchii\AppData\Local\PackageStaging deleted successfully
C:\Users\Tchii\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA Gesture Controller deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\wininit.ini deleted
"C:\Windows\Installer\23e9a.msi" deleted

==== Files Recently Created / Modified ======================
C:\Windows\Sysnative\WSService.dll 2014-11-20 01:59:58 E3E168E733B0E8383BA5635542FDB96F 848384 ----a-w- C:\Windows\Sysnative\WSShared.dll 2014-11-20 01:59:57 3E245CCA42D78B9626A79FE77E111D7B 84480 ----a-w- C:\Windows\Sysnative\WSCollect.exe 2014-11-20 01:58:05 32370AF583EC8B24D790E1B9201D6811 3210528 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll 2014-11-20 01:58:02 5905265F56C14E67D193DB4D53451154 4106240 ----a-w- C:\Windows\Sysnative\SyncEngine.dll 2014-11-20 01:57:59 D33E2A482C47ABFDD80185DD9C8C06F1 1399176 ----a-w- C:\Windows\Sysnative\winmde.dll 2014-11-20 01:57:58 EF276593AD1BDF5A99032F62D6272848 834048 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2014-11-20 01:57:58 9FF95D589B5626852CECA2444C5C5A58 2617344 ----a-w- C:\Windows\Sysnative\authui.dll 2014-11-20 01:57:58 1A1B60D269F745C021F69564B5906AD0 1374384 ----a-w- C:\Windows\Sysnative\wmpmde.dll 2014-11-20 01:57:57 D65B1C952AEB864C2BAC7A770B17ECCE 282112 ----a-w- C:\Windows\Sysnative\SystemEventsBrokerServer.dll 2014-11-20 01:57:57 39435F4007F1CEDEF04356892B18D174 202240 ----a-w- C:\Windows\Sysnative\ubpm.dll 2014-11-20 01:57:56 A6207A88B596F726DE558425F3B7E592 263168 ----a-w- C:\Windows\Sysnative\bisrv.dll 2014-11-20 01:57:55 78AB9F5DC27E317F0B34C45D54ABB6B2 32088 ----a-w- C:\Windows\Sysnative\ploptin.dll 2014-11-20 01:57:55 728D3349FAB251B0265EFA55C67DCA2D 1503232 ----a-w- C:\Windows\Sysnative\wlansvc.dll 2014-11-20 01:57:55 40B228D05DB02F4A5F2452600999F53F 809872 ----a-w- C:\Windows\Sysnative\mfmp4srcsnk.dll 2014-11-20 01:57:54 B9FC41CEC711DC0E1BFE927EEDC49176 745336 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2014-11-20 01:57:54 660891FFB1B22FF39AADB3F45CE15D45 470016 ----a-w- C:\Windows\Sysnative\mfds.dll 2014-11-20 01:57:53 E18E9C9EBCFCA456B74BB6A80B1DB226 1415680 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2014-11-20 01:57:53 54A9F4AC86F2A4E7C3ADE47CAE5DE8E0 136704 ----a-w- C:\Windows\Sysnative\psmsrv.dll 2014-11-20 01:57:53 34F8F7A0B782798F6A9511157BCC3E32 273408 ----a-w- 
C:\Windows\Sysnative\Windows.Graphics.dll 2014-11-20 01:57:51 91433B44B1EF301E7DD696EB5281BC20 589824 ----a-w- C:\Windows\Sysnative\rastls.dll 2014-11-20 01:57:50 FF9F658A51CAD74C25AF83038DBD735D 306688 ----a-w- C:\Windows\Sysnative\msieftp.dll 2014-11-20 01:57:50 BDE4ABD3AB4171CECADFD38F392E656C 1227264 ----a-w- C:\Windows\Sysnative\mispace.dll 2014-11-20 01:57:49 CD45E3FE736150D45EFDC9145DA53757 24064 ----a-w- C:\Windows\Sysnative\bi.dll 2014-11-20 01:57:48 AD95F86C8D1843BE653F89FDE213F9E7 207872 ----a-w- C:\Windows\Sysnative\deviceregistration.dll 2014-11-20 01:56:32 2B76F592B005FE7CF89B87643FDAB47E 115712 ----a-w- C:\Windows\Sysnative\winbici.dll 2014-11-20 01:52:02 8B1ADEAB83B3D9AE1B4519A2DBAF0FCE 7399256 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2014-11-20 01:52:02 4E905C48CA38770B2C62508E32DB974B 2143744 ----a-w- C:\Windows\Sysnative\dwmcore.dll 2014-11-20 01:52:02 0B726D9ED75C787D6FFAF1E3873BCC70 1302528 ----a-w- C:\Windows\Sysnative\AppXDeploymentServer.dll 2014-11-20 01:52:01 A4F1FAB606C7C131615C1314E175688E 2570240 ----a-w- C:\Windows\Sysnative\SettingsHandlers.dll 2014-11-20 01:51:59 4CAC884D48FECDA9A319DD7895FAC5CE 565248 ----a-w- C:\Windows\Sysnative\SkyDrive.exe 2014-11-20 01:51:59 3095D55353A22224E7972F9B552AA69D 2896896 ----a-w- C:\Windows\Sysnative\msftedit.dll 2014-11-20 01:51:59 1A818AF9E4AFC277C19082B9B644C5E7 358896 ----a-w- C:\Windows\Sysnative\dcomp.dll 2014-11-20 01:51:58 CC9B5E86ACAE6E2006BCC2EB8EB18DD6 747008 ----a-w- C:\Windows\Sysnative\wlidcli.dll 2014-11-20 01:51:58 6E0F458EF535F3A04154C337A54B60F1 1756160 ----a-w- C:\Windows\Sysnative\WMPDMC.exe 2014-11-20 01:51:56 82DA00C5CA00040FDFF0737456E9B843 1345536 ----a-w- C:\Windows\Sysnative\winresume.exe 2014-11-20 01:51:56 6BC62C560C804622EA590C33CE3B0793 1476184 ----a-w- C:\Windows\Sysnative\winresume.efi 2014-11-20 01:51:55 56FCA8AA450BD181A0BA94F25E244C46 566784 ----a-w- C:\Windows\Sysnative\wpncore.dll 2014-11-20 01:51:55 1630521CA49271034F998B332F7F3469 254464 ----a-w- 
C:\Windows\Sysnative\AppXDeploymentClient.dll 2014-11-20 01:51:53 71F496BD6BEE4D82D68C6C0C08C445C0 922624 ----a-w- C:\Windows\Sysnative\AppXDeploymentExtensions.dll 2014-11-20 01:51:52 18102CA0EB09DCFE520E69152590EE93 2140888 ----a-w- C:\Windows\Sysnative\d3d11.dll 2014-11-20 01:51:51 EA73FD82772A15E33AC7C6237BC33B82 1843712 ----a-w- C:\Windows\Sysnative\Display.dll 2014-11-20 01:51:51 59575523BCA5E8555208621719A32F62 516496 ----a-w- C:\Windows\Sysnative\dxgi.dll 2014-11-20 01:51:51 418CE7366D46EB9F008DD8CEDE9A2CEC 30208 ----a-w- C:\Windows\Sysnative\CredentialMigrationHandler.dll 2014-11-20 01:48:05 86D0BF4F792053A50D6EE43DFA5837A5 3532288 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2014-11-20 01:48:03 E178371E493BF17EB90FE71ABA8BE643 1584128 ----a-w- C:\Windows\Sysnative\workfolderssvc.dll 2014-11-20 01:48:03 222D5E0C79E9C87EF0C4D02651EE765A 1067080 ----a-w- C:\Windows\Sysnative\mfasfsrcsnk.dll 2014-11-20 01:48:01 14D3EDC750DAA89D322743781755314C 2134120 ----a-w- C:\Windows\Sysnative\d3d9.dll 2014-11-20 01:47:59 A8AA0F50CE95FCD1CB9588DB0A961D98 1160704 ----a-w- C:\Windows\Sysnative\Windows.Web.Http.dll 2014-11-20 01:47:58 66A4E31B7F095ED862711B7152665EAC 708616 ----a-w- C:\Windows\Sysnative\iuilp.dll 2014-11-20 01:47:58 1503510900836FA6A0E4FE9662FE0768 1011712 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll 2014-11-20 01:47:57 5A2020DDCCBB0ED08BAC2355A075F303 656384 ----a-w- C:\Windows\Sysnative\dnsapi.dll 2014-11-20 01:47:56 50327A0EC7B57B998A7EC6D03096EA14 1231360 ----a-w- C:\Windows\Sysnative\Windows.Media.dll 2014-11-20 01:47:56 03CC7C6D00212DF6D6CB5C93432410ED 1147904 ----a-w- C:\Windows\Sysnative\UIAutomationCore.dll 2014-11-20 01:47:55 7B5D275FBCFEBFC9960638F391CD4278 631296 ----a-w- C:\Windows\Sysnative\WWAHost.exe 2014-11-20 01:47:55 0FC25089426F313B1B271FEDCB0814DB 699840 ----a-w- C:\Windows\Sysnative\d3d10level9.dll 2014-11-20 01:47:54 0E8B08C379A79A78678D5045E4A68753 761856 ----a-w- C:\Windows\Sysnative\WorkfoldersControl.dll 2014-11-20 01:47:53 
B953A10B98ED83C2EF7C7D9153F18924 578560 ----a-w- C:\Windows\Sysnative\Windows.Networking.BackgroundTransfer.dll 2014-11-20 01:47:53 7F9AEC82D7480068C6D444D4FD8FB36F 331776 ----a-w- C:\Windows\Sysnative\eapphost.dll 2014-11-20 01:47:52 2BEF4B9C1CD2E090C97C0937B859C0E7 171864 ----a-w- C:\Windows\Sysnative\kd_02_8086.dll 2014-11-20 01:47:51 DB5F0DFF669AB88296134F82258AEFB8 465960 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2014-11-20 01:47:51 D920A92D7F103F7C424A16FBEF0AA790 391512 ----a-w- C:\Windows\Sysnative\tsmf.dll 2014-11-20 01:47:50 ABDD2AAA3C3842492FF11D68421D7648 558080 ----a-w- C:\Windows\Sysnative\apphelp.dll 2014-11-20 01:47:50 8ACE1F60D8C4E8209F25BF945A828D96 607744 ----a-w- C:\Windows\Sysnative\comdlg32.dll 2014-11-20 01:47:50 12BF0E1F71E2EA1A52B5D1723F87BD16 325120 ----a-w- C:\Windows\Sysnative\eapp3hst.dll 2014-11-20 01:47:50 05579A2C16277280E0FAD02245B80C2D 317616 ----a-w- C:\Windows\Sysnative\wintrust.dll 2014-11-20 01:47:48 CA56145B0F1FA54FA21C2E0A7AC9C119 132608 ----a-w- C:\Windows\Sysnative\msched.dll 2014-11-20 01:47:48 C5817E2699AA8048FD4D3869EE9A3CC0 104320 ----a-w- C:\Windows\Sysnative\ncryptsslp.dll 2014-11-20 01:47:48 8513A1E7AE4B9DC82C4B4F432C648A58 221184 ----a-w- C:\Windows\Sysnative\profsvc.dll 2014-11-20 01:47:48 4EFC6306A619F49A95FB83538C812461 286208 ----a-w- C:\Windows\Sysnative\pcsvDevice.dll 2014-11-20 01:47:46 DFC4050D58565ADBEE793A8D4AEBDAE6 903168 ----a-w- C:\Windows\Sysnative\iphlpsvc.dll 2014-11-20 01:47:46 C0F957C92D21EE003BF57DB6B8E77FE5 830464 ----a-w- C:\Windows\Sysnative\samsrv.dll 2014-11-20 01:47:45 F4414F57DF2CECB8FC969AA43A6B0D50 433664 ----a-w- C:\Windows\Sysnative\ipnathlp.dll 2014-11-20 01:47:45 63CB763FE4CEADFFF5F047332814E8F9 44936 ----a-w- C:\Windows\Sysnative\wldp.dll 2014-11-20 01:47:45 2F5076AA4F8195B0ED7D448EDC763D86 83968 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2014-11-20 01:47:44 BA37610D1CF1FBDEC0D0A7BC848A6C1C 184832 ----a-w- C:\Windows\Sysnative\dafWfdProvider.dll 2014-11-20 01:47:44 
79754331FCCAA3AA9A23EA7A266034B6 92672 ----a-w- C:\Windows\Sysnative\dafBth.dll 2014-11-20 01:47:44 1D30B15A3296AD6C2DB4EB7F3DD5DD4D 54776 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2014-11-20 01:47:43 5BAF7714E68F93515A937A3FA8587EF9 255488 ----a-w- C:\Windows\Sysnative\dnsrslvr.dll 2014-11-20 01:47:43 3685882880A2F60671F727433CE4DA99 113152 ----a-w- C:\Windows\Sysnative\shsetup.dll 2014-11-20 01:47:43 0208D2B1B21C4F7BCC8A91537045B82D 381952 ----a-w- C:\Windows\Sysnative\WUSettingsProvider.dll 2014-11-20 01:47:42 9F309FB487DBA2D53EEC8418029D1784 103424 ----a-w- C:\Windows\Sysnative\WiFiDisplay.dll 2014-11-20 01:47:42 5C8EE485EF4AEA9BCECD36A46599E5C9 335360 ----a-w- C:\Windows\Sysnative\eappcfg.dll 2014-11-20 01:47:41 053445AED2A855477496965B8EA16A6B 101888 ----a-w- C:\Windows\Sysnative\eappgnui.dll 2014-11-20 01:47:38 FA196834A5350CDA7A5C3D02D3758E31 1704448 ----a-w- C:\Windows\Sysnative\wucltux.dll 2014-11-20 01:47:38 5DCC1BAB9A9DB133274082488F7A0F53 186880 ----a-w- C:\Windows\Sysnative\WorkFoldersShell.dll 2014-11-20 01:47:37 4082B1F66087FC1D8B4759569A194391 338944 ----a-w- C:\Windows\Sysnative\rdpclip.exe 2014-11-20 01:47:36 E8E50E7703204AE06C6B5FEFE2F701E7 226304 ----a-w- C:\Windows\Sysnative\miutils.dll 2014-11-20 01:47:36 8744BDDA941E77B6402C91D220EFD4F9 160768 ----a-w- C:\Windows\Sysnative\AppxAllUserStore.dll 2014-11-20 01:47:36 504092E4BA97FCEB53912BB6CD156547 53248 ----a-w- C:\Windows\Sysnative\ftp.exe 2014-11-20 01:47:36 285F776B002DA6E3FEE357022A54413A 909312 ----a-w- C:\Windows\Sysnative\MrmCoreR.dll 2014-11-20 01:46:42 D8E54AB89C84C0AD065EE0BDEBD50A99 1085952 ----a-w- C:\Windows\Sysnative\twinui.appcore.dll 2014-11-20 01:46:42 202016CEE2780960BD0146626FB5E9F6 2801664 ----a-w- C:\Windows\Sysnative\actxprxy.dll 2014-11-20 01:42:24 AC7C39F7A866BF81103042244CE85827 2152448 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-11-20 01:42:17 053472337FDD116BD010C88DB0C34DF1 4604416 ----a-w- C:\Windows\Sysnative\d2d1.dll 2014-11-20 01:42:16 
389C4E97E3A498159B625A7A13EA4560 2397184 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-11-20 01:42:07 447CB6699A8EAD2BC516991738A16277 75360 ----a-w- C:\Windows\Sysnative\imagehlp.dll 2014-11-20 01:41:57 6EFAF0D87291F9FBD7C0ED3BD56511AA 1943536 ----a-w- C:\Windows\Sysnative\crypt32.dll 2014-11-20 01:41:13 B82255670D270B75D2D2F0F8747D1443 1104384 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL 2014-11-20 01:41:13 6468B696C65775D51A06615830E0E79D 828416 ----a-w- C:\Windows\Sysnative\BFE.DLL 2014-11-20 01:38:36 22B4875CBDFA96BEF911F5A79FFA56EA 548864 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-11-20 01:38:29 41E3F3C1E24549BBB94C53692333D3BE 197120 ----a-w- C:\Windows\Sysnative\scrrun.dll 2014-11-20 01:38:20 C49981A2AD6B2793891075FD514F5728 1341288 ----a-w- C:\Windows\Sysnative\gdi32.dll 2014-11-20 01:38:11 029D89926A1C52C785B4F2E697FD7105 872840 ----a-w- C:\Windows\Sysnative\mfplat.dll ====== C:\Windows\Sysnative\drivers ===== 2014-11-20 04:56:29 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-11-20 04:54:17 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-11-20 04:54:17 D1F2D4DF0A5D3B700794E26356A55B44 64216 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-11-20 04:54:17 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2014-11-20 02:04:03 ECC68BD5347BDE9631EE68274858A41F 2543960 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-11-20 02:03:57 C85C075DE5B6D0FE116043054DE8EE02 311640 ----a-w- C:\Windows\Sysnative\drivers\volsnap.sys 2014-11-20 02:03:28 725EF69B2DBEB7B33280019A556201BC 2008408 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-11-20 02:03:27 B8B663BE41827211737F627473D6D192 377176 ----a-w- C:\Windows\Sysnative\drivers\clfs.sys 2014-11-20 02:01:38 13B160C1913F012BD1615EB1398D3779 1530712 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2014-11-20 02:01:35 22EDC0DE06A0272DFA4C7B47B5D8E377 382808 ----a-w- 
C:\Windows\Sysnative\drivers\dxgmms1.sys 2014-11-20 02:01:33 A1A5E79C0D1352AFDC08328A623DA051 408576 ----a-w- C:\Windows\Sysnative\drivers\rdbss.sys 2014-11-20 02:01:31 D22EB844EB57D016CC34178AC86456DF 325464 ----a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS 2014-11-20 01:59:34 C52148456E0F6EAD9E903020A79207FC 236888 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys 2014-11-20 01:59:31 241895E8A9C158DF86E12FDD21033A32 35856 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys 2014-11-20 01:59:28 57F22324FAAF92ADF957B281E88F1743 124760 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys 2014-11-20 01:57:58 ED39D676080A1AEA755F1DEC1A8DF1A4 1119064 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2014-11-20 01:57:57 79B6F3DF7CDFD12159871FF71464F0CE 403456 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2014-11-20 01:57:52 4628B415A84EA9D4D396A56F1D0CB6C6 142680 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS 2014-11-20 01:57:50 B7342B3C58E91107F6E946A93D9D4EFD 142848 ----a-w- C:\Windows\Sysnative\drivers\ipnat.sys 2014-11-20 01:57:49 1C89EF529DB7DCA98E801EFDCC8437DE 19456 ----a-w- C:\Windows\Sysnative\drivers\BtaMPM.sys 2014-11-20 01:51:55 F6EBE514D13ECE7EDC23440039CDF9AB 372568 ----a-w- C:\Windows\Sysnative\drivers\spaceport.sys 2014-11-20 01:51:54 139CFCDCD36B1B1782FD8C0014AC9B0E 39768 ----a-w- C:\Windows\Sysnative\drivers\intelpep.sys 2014-11-20 01:51:53 B9D968D8E2B0F9C6301CEB39CFC9B9E4 86872 ----a-w- C:\Windows\Sysnative\drivers\pdc.sys 2014-11-20 01:51:53 0044B31F93946D5D41982314381FE431 146776 ----a-w- C:\Windows\Sysnative\drivers\SerCx2.sys 2014-11-20 01:47:52 3D30878A269D934100FA5F972E53AF39 523096 ----a-w- C:\Windows\Sysnative\drivers\acpi.sys 2014-11-20 01:47:49 2B78788A1485F9B99A578A299DF42C02 454656 ----a-w- C:\Windows\Sysnative\drivers\srv.sys 2014-11-20 01:47:47 433ECDE01A52691FA7ACA51C10C09B70 155480 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2014-11-20 01:47:47 0E7FA34B975764C33B5DBC6F8C401627 81920 ----a-w- C:\Windows\Sysnative\drivers\BTHUSB.SYS 
2014-11-20 01:47:46 847C6A08912C3515807049C93E526D65 258904 ----a-w- C:\Windows\Sysnative\drivers\rdyboost.sys 2014-11-20 01:47:45 6B06E2D11E604BE2B1A406C4CB3B90DE 57176 ----a-w- C:\Windows\Sysnative\drivers\stornvme.sys 2014-11-20 01:47:45 10EDF9E0838BA4578FFFFF274632D454 1200640 ----a-w- C:\Windows\Sysnative\drivers\bthport.sys 2014-11-20 01:41:13 2E3E82D7B1076B90F4E228A8EF17B261 136536 ----a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys 2014-11-20 00:13:50 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_wpdcomp_01_11_00.Wdf 2014-11-20 00:13:48 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-11-19 23:16:11 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf ====== C:\Windows\Tasks ====== 2014-11-19 23:27:39 0CDD62775F24D1FD5994CD31DB96BB1E 3718 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2014-11-19 23:27:38 F65059CC29DB4374D99C85AAD192C5A6 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-19 22:56:56 C37809AF6F352EF637A1D5FB92DED267 3598 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3854993087-1331283222-3804681286-1001 2014-11-19 22:55:33 FAECCDCC71133CACC50AB5B81751D7BD 3914 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{23483F07-AF2B-4EA3-894F-DCCF822DA1FC} 2014-11-19 22:49:15 -------- d-----w- C:\Windows\Sysnative\Tasks\WPD ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-20 05:00:22 -------- d-----w- C:\Program Files\COMODO ======= C:\PROGRA~2 ===== 2014-11-20 20:05:15 -------- d-----w- C:\PROGRA~2\E Dev 2014-11-19 22:57:32 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service ======= C: ===== 2014-11-20 07:37:54 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Recovery.txt ====== C:\Users\Tchii\AppData\Roaming ====== 2014-11-21 14:02:24 -------- d-----w- C:\Users\Tchii\AppData\Roaming\Uninstaller 
Tool(Comodo Forums) 2014-11-20 15:59:53 E63DAE89CAA83A1C5180CD522CC60550 7597 ----a-w- C:\Users\Tchii\AppData\Local\Resmon.ResmonCfg 2014-11-20 05:29:08 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\COMODO 2014-11-20 05:28:52 -------- d-----w- C:\Users\Tchii\AppData\Locallow\COMODO 2014-11-20 05:26:15 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Comodo 2014-11-20 05:06:40 -------- d-----w- C:\Users\Tchii\AppData\Roaming\Comodo 2014-11-20 05:00:42 -------- d-s---w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft 2014-11-20 05:00:41 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\COMODO 2014-11-20 05:00:14 -------- d-----w- C:\Users\Tchii\AppData\Local\Comodo 2014-11-20 04:53:57 -------- d-----w- C:\Users\Tchii\AppData\Local\Programs 2014-11-19 23:30:47 -------- d-----w- C:\Users\Tchii\AppData\Roaming\Unity 2014-11-19 23:30:10 -------- d-----w- C:\Users\Tchii\AppData\Local\Unity 2014-11-19 23:30:06 -------- d-----w- C:\Users\Tchii\AppData\Locallow\Unity 2014-11-19 23:11:48 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2014-11-19 22:57:44 -------- d-----w- C:\Users\Tchii\AppData\Roaming\Mozilla 2014-11-19 22:57:44 -------- d-----w- C:\Users\Tchii\AppData\Local\Mozilla 2014-11-19 22:52:59 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2014-11-19 22:51:25 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-11-19 22:51:20 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2014-11-19 22:49:28 -------- d-----w- C:\Users\Tchii\AppData\Local\TOSHIBA 2014-11-19 22:48:28 -------- d-----r- C:\Users\Tchii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-11-19 22:48:28 -------- d-----r- C:\Users\Tchii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-11-19 22:48:09 -------- 
d-----w- C:\Users\Tchii\AppData\Roaming\Adobe 2014-11-19 22:48:08 -------- d-----w- C:\Users\Tchii\AppData\Local\Packages 2014-11-19 22:46:02 -------- d-s---w- C:\Users\Tchii\AppData\Locallow\Microsoft 2014-11-19 22:46:00 -------- d-s---w- C:\Users\Tchii\AppData\Roaming\Microsoft 2014-11-19 22:46:00 -------- d-----w- C:\Users\Tchii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-19 22:46:00 -------- d-----w- C:\Users\Tchii\AppData\Local\Temp 2014-11-19 22:46:00 -------- d-----w- C:\Users\Tchii\AppData\Local\Microsoft 2014-11-19 22:46:00 -------- d-----r- C:\Users\Tchii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-19 22:46:00 -------- d-----r- C:\Users\Tchii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-19 22:46:00 -------- d-----r- C:\Users\Tchii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility ====== C:\Users\Tchii ====== 2014-11-21 14:42:06 1B4994A72B4C06A7FEF1D1BD61B9392F 109 ----a-w- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2014-11-21 14:41:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Peek 2014-11-21 14:41:22 52F3595C268713100C7EEBA6F3730743 3298307 ----a-w- C:\Users\Tchii\Desktop\E-PeekSetup.exe 2014-11-21 14:23:41 5EB6BC9FC4ECB129F7397CA8E8B8F5AF 48622091 ----a-w- C:\Users\Tchii\Desktop\setup.exe 2014-11-20 19:53:59 6B9CFB243356186A70C6C87AB5BDBB42 3850104 ----a-w- C:\Users\Tchii\Downloads\ccsetup419_slim.exe 2014-11-20 19:28:47 6504113C2218667814D4F54847BA046A 2140160 ----a-w- C:\Users\Tchii\Desktop\adwcleaner_4.101.exe 2014-11-20 17:28:05 1AC91AB0DC51CD0B8258945CDED565DB 5006864 ----a-w- C:\Users\Tchii\Downloads\avast_free_antivirus_setup_online.exe 2014-11-20 07:42:38 -------- d--h--r- C:\Users\Public\AccountPictures 2014-11-20 05:29:08 -------- d-----w- C:\ProgramData\TOSHIBA Tempro 2014-11-20 05:29:08 -------- d-----w- C:\ProgramData\IsolatedStorage 2014-11-20 04:59:31 -------- d-----w- C:\ProgramData\Comodo 
2014-11-19 22:57:35 -------- d-----w- C:\ProgramData\Mozilla 2014-11-19 22:54:19 -------- d-----w- C:\ProgramData\ToshibaEurope 2014-11-19 22:52:33 -------- d---a-r- C:\Users\Tchii\SkyDrive 2014-11-19 22:48:28 -------- d-----r- C:\Users\Tchii\Searches 2014-11-19 22:48:26 -------- d-----r- C:\Users\Tchii\Contacts 2014-11-19 22:46:00 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Tchii\ntuser.ini 2014-11-19 22:46:00 -------- d--h--w- C:\Users\Tchii\AppData 2014-11-19 22:46:00 -------- d-----r- C:\Users\Tchii\Documents 2014-11-19 22:46:00 -------- d-----r- C:\Users\Tchii\Desktop 2014-11-19 22:45:59 -------- d-----r- C:\Users\Tchii\Videos 2014-11-19 22:45:59 -------- d-----r- C:\Users\Tchii\Saved Games 2014-11-19 22:45:59 -------- d-----r- C:\Users\Tchii\Pictures 2014-11-19 22:45:59 -------- d-----r- C:\Users\Tchii\Music 2014-11-19 22:45:59 -------- d-----r- C:\Users\Tchii\Links 2014-11-19 22:45:59 -------- d-----r- C:\Users\Tchii\Favorites 2014-11-19 22:45:59 -------- d-----r- C:\Users\Tchii\Downloads ====== C: exe-files == 2014-11-20 20:05:17 A221333AC168B72F3284464809AD6F76 83787 ----a-w- C:\Program Files (x86)\E Dev\E-Peek\Uninstal.exe 2014-11-20 02:03:08 2E032281A818BCD191E3DD92000A8EAE 806064 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-11-20 02:03:05 9FBB2F038A2DDCE696BDEE7080241C0C 808112 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-11-20 02:03:04 9E8F9FDD407DDE997965EEFD9E635CCF 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-11-20 02:03:01 AFAB9B381886ABE3490689B7633A858F 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-11-19 22:57:35 E2A25E384F7ED676DBEC86DE5A70295C 103588 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2014-11-19 22:57:35 DFCD29AB147716CA72416FA7D2196D46 114288 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe === C: other files == 2014-11-20 04:56:29 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 
----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-11-20 04:54:17 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-11-20 04:54:17 D1F2D4DF0A5D3B700794E26356A55B44 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-11-20 04:54:17 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-11-20 02:04:03 ECC68BD5347BDE9631EE68274858A41F 2543960 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2014-11-20 02:03:57 C85C075DE5B6D0FE116043054DE8EE02 311640 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2014-11-20 02:03:28 725EF69B2DBEB7B33280019A556201BC 2008408 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2014-11-20 02:03:27 B8B663BE41827211737F627473D6D192 377176 ----a-w- C:\Windows\System32\drivers\clfs.sys 2014-11-20 02:02:05 1A69D165DDA78A4329B854D4FEDAD132 4189184 ----a-w- C:\Windows\System32\win32k.sys 2014-11-20 02:01:38 13B160C1913F012BD1615EB1398D3779 1530712 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-11-20 02:01:35 22EDC0DE06A0272DFA4C7B47B5D8E377 382808 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2014-11-20 02:01:33 A1A5E79C0D1352AFDC08328A623DA051 408576 ----a-w- C:\Windows\System32\drivers\rdbss.sys 2014-11-20 02:01:31 D22EB844EB57D016CC34178AC86456DF 325464 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2014-11-20 01:59:34 C52148456E0F6EAD9E903020A79207FC 236888 ----a-w- C:\Windows\System32\drivers\WdFilter.sys 2014-11-20 01:59:31 241895E8A9C158DF86E12FDD21033A32 35856 ----a-w- C:\Windows\System32\drivers\WdBoot.sys 2014-11-20 01:59:28 57F22324FAAF92ADF957B281E88F1743 124760 ----a-w- C:\Windows\System32\drivers\WdNisDrv.sys 2014-11-20 01:57:58 ED39D676080A1AEA755F1DEC1A8DF1A4 1119064 ----a-w- C:\Windows\System32\drivers\ndis.sys 2014-11-20 01:57:57 79B6F3DF7CDFD12159871FF71464F0CE 403456 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2014-11-20 01:57:52 4628B415A84EA9D4D396A56F1D0CB6C6 142680 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3854993087-1331283222-3804681286-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TSVU"="c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t"
"TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"TSSSrv"="C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe "
"TCrdMain"="C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20/11/2014 00:27]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Resolution+ Setting Task" [C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe]
"C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\Windows\SysNative\tasks\UMonitor Task" [C:\Windows\SysWOW64\UMonit64.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{23483F07-AF2B-4EA3-894F-DCCF822DA1FC}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\TOSHIBA\CommonNotifier" [C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe]
"C:\Windows\SysNative\tasks\TOSHIBA\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\1u4m7770.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================
Profilepath: C:\Users\Tchii\AppData\Roaming\Mozilla\Firefox\Profiles\1u4m7770.default
67D325B5AEB28E381B84E8DE1A90C7A8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash
A4FDD66D0DBF2CADF5B7D2F8187E24D1 - C:\Users\Tchii\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{C6882FE1-CC23-447D-A538-29AE1CBDBF14}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{C6882FE1-CC23-447D-A538-29AE1CBDBF14} Unknown Url="Not_Found"

==== Reset Google Chrome ======================
Nothing found to reset

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3854993087-1331283222-3804681286-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C6882FE1-CC23-447D-A538-29AE1CBDBF14} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tchii\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Tchii\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Tchii\AppData\Local\Mozilla\Firefox\Profiles\1u4m7770.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=28 folders=30 35692271 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tchii\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Tchii\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 21/11/2014 at 16:56:12,93 ======================
-
Something is wrong and I can't find what, how, where.
Tchii replied to Tchii's topic in Archive Malware & Virus Removal
Oh, now I remember, this w - - - Updated - - - Sorry! Accidentally hit enter, I think. Anyway, this was in Event Viewer, I think? -
Something is wrong and I can't find what, how, where.
Tchii replied to Tchii's topic in Archive Malware & Virus Removal
Stupid Comodo, then I'll give Avast a chance for once. Well, the problems were already there before Comodo: high CPU rate during games and Firefox use, and my disk tab also often shoots up to 99%. Also system errors, but I forgot how you get there, otherwise I would have made a quick print screen for you. -
Something is wrong and I can't find what, how, where.
Tchii replied to Tchii's topic in Archive Malware & Virus Removal
E-Peek v 1.0.5.6 © Emphyrio/Onsia Patrick 2013-2014
Downloaded @ E Dev
Run at vr 21 nov 2014 15:42
.
Windows 8.1 (64 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Firefox 33.1.1 (x86 nl)
Boot mode: Normal boot
User logged in: Tchii
.
Java x86: n/a
Java x64: n/a
.
AV : Windows Defender [updated - Not Running]
AS : Windows Defender [updated - Not Running]
FW : Windows firewall
.
==================== Files and Folders history =================================

==================== RUNNING PROCESSES =========================================
[dasHost] -LOCAL SERVICE- C:\Windows\system32\dashost.exe - (Microsoft Corporation)
[dllhost] -Tchii- C:\Windows\system32\DllHost.exe - (Microsoft Corporation)
[dts_apo_service] -SYSTEM- C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe - ()
[dwm] -DWM-1- C:\Windows\system32\dwm.exe - (Microsoft Corporation)
[firefox] -Tchii- C:\Program Files (x86)\Mozilla Firefox\firefox.exe - (Mozilla Corporation)
[igfxpers] -Tchii- C:\Windows\System32\igfxpers.exe - (Intel Corporation)
[igfxtray] -Tchii- C:\Windows\System32\igfxtray.exe - (Intel Corporation)
[jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
[livecomm] -Tchii- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe - (Microsoft Corporation)
[mbamscheduler] -SYSTEM- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe - (Malwarebytes Corporation)
[searchFilterHost] -SYSTEM- C:\Windows\system32\SearchFilterHost.exe - (Microsoft Corporation)
[searchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)
[settingSyncHost] -Tchii- C:\Windows\System32\SettingSyncHost.exe - (Microsoft Corporation)
[skyDrive] -Tchii- C:\Windows\System32\skydrive.exe - (Microsoft Corporation)
[synTPEnh] -Tchii- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - (Synaptics Incorporated)
[taskhostex] -Tchii- C:\Windows\system32\taskhostex.exe - (Microsoft Corporation)
[Taskmgr] -Tchii- C:\Windows\system32\taskmgr.exe - (Microsoft Corporation)
[TecoService] -SYSTEM- C:\Program Files\Toshiba\Teco\TecoService.exe - (Toshiba Corporation)
[TemproSvc] -SYSTEM- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe - (Toshiba Europe GmbH)
[TMachInfo] -SYSTEM- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe - (TOSHIBA Corporation)
[TODDSrv] -SYSTEM- C:\Windows\system32\TODDSrv.exe - (TOSHIBA Corporation)
[Toshiba.Tempro.UI.CommonNotifier] -Tchii- C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe - (Toshiba Europe GmbH)
[ToshibaServiceStation] -Tchii- C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe - (TOSHIBA Corporation)
[TPCHSrv] -SYSTEM- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe - (TOSHIBA Corporation)
[uMonit64] -Tchii- C:\Windows\SysWOW64\UMonit64.exe - ()
[winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation)
[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)

==================== IE PAGES ==================================================
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = about:blank
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {C6882FE1-CC23-447D-A538-29AE1CBDBF14}
IE10 - HKLM\..\SearchScopes {C6882FE1-CC23-447D-A538-29AE1CBDBF14} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = about:blank
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
IE04 x64 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {C6882FE1-CC23-447D-A538-29AE1CBDBF14}
IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {C6882FE1-CC23-447D-A538-29AE1CBDBF14}
IE10 x64 - HKLM\..\SearchScopes {C6882FE1-CC23-447D-A538-29AE1CBDBF14} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB

==================== Auto Load =================================================
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe

==================== Firefox ===================================================
FF - ProfilePath - C:\Users\Tchii\AppData\Roaming\Mozilla\firefox\Profiles\1u4m7770.default
FF - Ext: [Default 33.1.1 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True
FF - Ext: [Adblock Plus 2.6.6 ] - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} visible: True active: True
FF - PlugIn: [Adobe® Flash® Player 15.0.0.223 Plugin] - C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll

==================== Windows Host File =========================================

==================== Auto Start Programs =======================================
ASP01 - HKLM\..\Run @ TSVU = "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
ASP04 - HKCU\..\Run @ CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
ASP01 x64 - HKLM\..\Run @ TSVU = "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
ASP04 x64 - HKCU\..\Run @ CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
ASP - Startup - C:\Users\Tchii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

==================== Extra Items 
IE ============================================ EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia ==================== Internet Default Prefix =================================== IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// ==================== Default Settings IE - DSIE ================================ DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/p/?LinkId DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId ==================== ShellServiceObjectDelayLoad - SSODL ======================= SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = SSODL x64 - WebCheck = 
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = ==================== Extra items - EXT (Torpig/ConduitSearch) ================== EXT00 - HKLM\SOFTWARE\AppDataLow\Software\Amazon EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll ==================== DRIVERS and SERVICES ====================================== *** Win32OwnProcess *** SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe SERV - R2 - [CxAudMsg] - Conexant Audio Message Service - c:\windows\system32\cxaudmsg64.exe SERV - R2 - [dts_apo_service] - DTS APO Service - c:\program files (x86)\dts, inc\dts studio sound\dts_apo_service.exe SERV - R2 - [intel® Capability Licensing Service Interface] - Intel® Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe SERV - R2 - [intel® ME Service] - Intel® ME Service - c:\program files (x86)\intel\intel® management engine components\fwservice\intelmefwservice.exe SERV - R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe SERV - R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe SERV - R2 - 
[MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe SERV - R2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe SERV - R2 - [TODDSrv] - TOSHIBA Optical Disc Drive Service - c:\windows\system32\toddsrv.exe SERV - R2 - [TOSHIBA eco Utility Service] - TOSHIBA eco Utility Service - c:\program files\toshiba\teco\tecoservice.exe SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe SERV - R3 - [iCCS] - Intel® Integrated Clock Controller Service - Intel® ICCS - c:\program files (x86)\intel\intel® integrated clock controller service\iccproxy.exe SERV - R3 - [TemproMonitoringService] - TEMPRO Service - c:\program files (x86)\toshiba tempro\temprosvc.exe SERV - R3 - [TMachInfo] - TMachInfo - c:\program files\toshiba\toshiba service station\tmachinfo.exe SERV - R3 - [TPCHSrv] - TPCH Service - c:\program files\toshiba\tphm\tpchsrv.exe SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe SERV - S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe SERV - S3 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe SERV - S3 - [iDriverT] - InstallDriver Table Manager - c:\program files (x86)\common 
files\installshield\driver\11\intel 32\idrivert.exe SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe SERV - S3 - [intel® Capability Licensing Service TCP IP Interface] - Intel® Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe SERV - S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe *** Win32ShareProcess *** SERV - R2 - [samSs] - Security Accounts Manager - c:\windows\system32\lsass.exe SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port 
Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe *** Others *** SERV - R2 - [spooler] - Print Spooler - c:\windows\system32\spoolsv.exe SERV - S3 - [uI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe *** File System Driver *** DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys *** Kernel Driver *** DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys DRV - R0 - [disk] - Disk Driver - C:\Windows\system32\Drivers\disk.sys DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys DRV - R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys DRV - R0 - [intelpep] - Intel® Power Engine Plug-in Driver - C:\Windows\system32\Drivers\intelpep.sys DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys DRV - R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys DRV - R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys DRV - R0 - [partmgr] - Partition Manager - 
C:\Windows\system32\Drivers\partmgr.sys DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys DRV - R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys DRV - R0 - [spaceport] - Storage Spaces Driver - C:\Windows\system32\Drivers\spaceport.sys DRV - R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys DRV - R0 - [tos_sps64] - TOSHIBA tos_sps64 Service - C:\Windows\system32\Drivers\tos_sps64.sys DRV - R0 - [TVALZ] - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver - C:\Windows\system32\Drivers\TVALZ.sys [x] DRV - R0 - [TVALZFL] - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver - C:\Windows\system32\Drivers\TVALZFL.sys DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys DRV - R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys DRV - R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys DRV - S3 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys ==================== 
SvcHost - White Listed ==================================== All Ok WOW - All Ok ==================== SigCheck x86 Fast ========================================= Fast Scan All ok ==================== SigCheck x64 Fast ========================================= Fast Scan All ok ==================== Job tasks ================================================= There are no .job files found. ==================== End scanning at vr 21 nov 2014 15:42 (0 Min 15 Sec ) ====== -
Something is wrong and I can't find what, how, or where.
Tchii replied to Tchii's topic in Archive: Fighting malware & viruses
Phew, what a relief that it starts up now. Is it correct that this is the log?
==============================
E-Peek detection ...
==============================
E Dev directory present, listing the subfolders: E-Peek Warning: E-Peek is present
==============================
.Net detection ...
==============================
Runtime Version: 4.0.30319.34011
Version = 2.0.50727.4927
Version = 3.0.30729.4926
Version = 3.5.30729.4926
Version = 4.5.51641
Version = 4.0.0.0
Version = v4.0.30319
.Net version is ok
==============================
SQl CE 3.5 SP2 detection ...
==============================
SQL Server CE key is not present
SQL Server CE x86 is ok
SQL Server CE key is not present
SQL Server CE x64 is ok
-
Something is wrong and I can't find what, how, or where.
Tchii replied to Tchii's topic in Archive: Fighting malware & viruses
Then I get a pop-up: Windows cannot access the specified device, path or file. You may not have the appropriate permission to access the item. Even though I ran it as admin, as asked.
ABOUT US
PC Helpforum has been helping computer users for FREE since July 2006. Through the forum, our team gives professional answers to your questions and tries to solve your PC problems as quickly as possible. Become a member today, post your question online, and the PC Helpforum team will gladly help you further!