Ga naar inhoud

search.claro-search.com probleem, startpagina veranderd steeds


Aanbevolen berichten

Ik krijg telkens het probleem dat mijn startpagina telkens veranderd.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 0:32:16, on 16/08/2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16447)

Boot mode: Normal

Running processes:

C:\Windows\PixArt\Pac207\Monitor.exe

C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe

C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Users\rwema\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\rwema\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~3\browse~1\22565~1.25\{16cdf~1\browse~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11316 bytes

Link naar reactie
Delen op andere sites

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites

ComboFix 12-08-16.01 - rwema 16/08/2012 15:15:20.13.2 - x64

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.4054.2250 [GMT 2:00]

Gestart vanuit: c:\users\rwema\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\DealPly

c:\program files (x86)\DealPly\DealPly.crx

c:\program files (x86)\DealPly\DealPly.xpi

c:\program files (x86)\DealPly\DealPlyTune.dll

c:\program files (x86)\DealPly\DealPlyUpdate.exe

c:\program files (x86)\DealPly\DealPlyUpdate.log

c:\program files (x86)\DealPly\DealPlyUpdateRun.exe

c:\program files (x86)\DealPly\icon.ico

c:\program files (x86)\DealPly\sqlite3.dll

c:\program files (x86)\DealPly\uninst.exe

c:\programdata\l_u0_0.pad

c:\windows\SysWow64\URTTemp

c:\windows\SysWow64\URTTemp\regtlib.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-16 to 2012-08-16 ))))))))))))))))))))))))))))))

.

.

2012-08-16 13:35 . 2012-08-16 13:35 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-08-16 13:35 . 2012-08-16 13:35 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-16 13:35 . 2012-08-16 13:35 -------- d-----w- c:\users\AppData\AppData\Local\temp

2012-08-15 22:08 . 2000-01-21 11:14 140288 ----a-w- c:\windows\SysWow64\COMDLG32.OCX

2012-08-15 22:08 . 2010-03-27 09:18 237568 ----a-w- c:\windows\SysWow64\FreeProxyDLL400.dll

2012-08-15 22:08 . 2012-08-15 22:08 -------- d-----w- c:\program files (x86)\Hand-Crafted Software

2012-08-15 17:14 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EF0BD76E-4EA3-46D1-8162-3A1345E43673}\mpengine.dll

2012-08-15 01:02 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB30A4.tmp

2012-08-15 01:02 . 2012-08-15 01:02 2332 ----a-w- c:\windows\MAN20BA.tmp

2012-08-15 01:02 . 2012-08-15 01:02 1472 ----a-w- c:\windows\VWL2186.tmp

2012-08-15 01:02 . 2012-08-15 01:02 32509482 ----a-w- c:\windows\WLF2187.tmp

2012-08-14 01:02 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDBF8C3.tmp

2012-08-14 01:02 . 2012-08-14 01:02 2332 ----a-w- c:\windows\MANE83D.tmp

2012-08-14 01:02 . 2012-08-14 01:02 1472 ----a-w- c:\windows\VWLE87C.tmp

2012-08-14 01:02 . 2012-08-14 01:02 32424012 ----a-w- c:\windows\WLFE88D.tmp

2012-08-13 13:32 . 2012-08-13 13:32 -------- d-----w- c:\programdata\Browser Manager

2012-08-13 13:32 . 2012-08-13 13:32 -------- d-----w- c:\program files (x86)\Claro LTD

2012-08-13 13:31 . 2012-08-13 13:31 -------- d-----w- c:\users\rwema\AppData\Roaming\ExpressFiles

2012-08-13 13:31 . 2012-08-13 13:31 -------- d-----w- c:\program files (x86)\ExpressFiles

2012-08-13 07:29 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB98B8.tmp

2012-08-13 07:29 . 2012-08-13 07:29 2332 ----a-w- c:\windows\MAN8A54.tmp

2012-08-13 07:29 . 2012-08-13 07:29 1472 ----a-w- c:\windows\VWL8B7D.tmp

2012-08-13 07:29 . 2012-08-13 07:29 32338530 ----a-w- c:\windows\WLF8B7E.tmp

2012-08-13 00:11 . 2012-08-13 00:11 -------- d-----w- c:\users\rwema\AppData\Roaming\Nero

2012-08-12 23:54 . 2012-08-12 23:57 -------- d-----w- c:\program files (x86)\Common Files\Nero

2012-08-12 23:53 . 2012-08-13 00:02 -------- d-----w- c:\programdata\Nero

2012-08-12 23:26 . 2011-12-01 09:42 15920 ----a-w- c:\windows\system32\drivers\NBVolUp.sys

2012-08-12 23:26 . 2011-12-01 09:42 72240 ----a-w- c:\windows\system32\drivers\NBVol.sys

2012-08-12 23:26 . 2012-08-13 00:02 -------- d-----w- c:\program files (x86)\Nero

2012-08-12 23:26 . 2012-08-12 23:26 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-12 23:25 . 2010-05-26 09:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll

2012-08-12 23:18 . 2010-05-26 09:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll

2012-08-12 23:17 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll

2012-08-12 23:16 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll

2012-08-12 23:15 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll

2012-08-12 20:30 . 2012-08-12 23:15 -------- d-----w- c:\users\rwema\AppData\Roaming\DVD Flick

2012-08-12 20:07 . 2003-01-26 11:41 40960 ----a-w- c:\windows\SysWow64\ssubtmr6.dll

2012-08-12 20:07 . 2012-08-12 20:07 -------- d-----w- c:\program files (x86)\DVD Flick

2012-08-12 20:07 . 2008-08-31 11:27 28672 ----a-w- c:\windows\SysWow64\mousewheel.ocx

2012-08-12 20:07 . 2007-08-31 16:36 36864 ----a-w- c:\windows\SysWow64\trayicon_handler.ocx

2012-08-12 20:07 . 2004-03-08 22:00 662288 ----a-w- c:\windows\SysWow64\mscomct2.ocx

2012-08-12 20:07 . 2004-03-08 22:00 609824 ----a-w- c:\windows\SysWow64\comctl32.ocx

2012-08-12 20:07 . 2004-03-08 22:00 212240 ----a-w- c:\windows\SysWow64\richtx32.ocx

2012-08-12 20:07 . 1998-06-23 22:00 164144 ----a-w- c:\windows\SysWow64\comct232.ocx

2012-08-12 17:43 . 2012-08-12 17:44 -------- d-----w- c:\users\rwema\AppData\Local\Facebook

2012-08-12 17:37 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB2954.tmp

2012-08-12 17:37 . 2012-08-12 17:37 1472 ----a-w- c:\windows\VWL18CE.tmp

2012-08-12 17:37 . 2012-08-12 17:37 32253084 ----a-w- c:\windows\WLF18CF.tmp

2012-08-12 17:37 . 2012-08-12 17:37 2332 ----a-w- c:\windows\MAN17F2.tmp

2012-08-11 01:02 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB9330.tmp

2012-08-11 01:02 . 2012-08-11 01:02 2332 ----a-w- c:\windows\MAN845E.tmp

2012-08-11 01:02 . 2012-08-11 01:02 1472 ----a-w- c:\windows\VWL849D.tmp

2012-08-11 01:02 . 2012-08-11 01:02 32167662 ----a-w- c:\windows\WLF849E.tmp

2012-08-10 01:02 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB455D.tmp

2012-08-10 01:02 . 2012-08-10 01:02 2332 ----a-w- c:\windows\MAN37E2.tmp

2012-08-10 01:02 . 2012-08-10 01:02 1472 ----a-w- c:\windows\VWL3841.tmp

2012-08-10 01:02 . 2012-08-10 01:02 32082216 ----a-w- c:\windows\WLF3842.tmp

2012-08-08 01:02 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDBAD14.tmp

2012-08-08 01:02 . 2012-08-08 01:02 2332 ----a-w- c:\windows\MAN9E62.tmp

2012-08-08 01:02 . 2012-08-08 01:02 1472 ----a-w- c:\windows\VWL9E72.tmp

2012-08-08 01:02 . 2012-08-08 01:02 31996746 ----a-w- c:\windows\WLF9E73.tmp

2012-08-07 14:53 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDBB31B.tmp

2012-08-07 14:52 . 2012-08-07 14:53 2332 ----a-w- c:\windows\MANA43A.tmp

2012-08-07 14:52 . 2012-08-07 14:53 1472 ----a-w- c:\windows\VWLA4A8.tmp

2012-08-07 14:52 . 2012-08-07 14:52 31911300 ----a-w- c:\windows\WLFA4B9.tmp

2012-08-06 11:35 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB605A.tmp

2012-08-06 11:35 . 2012-08-06 11:35 2332 ----a-w- c:\windows\MAN510C.tmp

2012-08-06 11:35 . 2012-08-06 11:35 1472 ----a-w- c:\windows\VWL513C.tmp

2012-08-06 11:35 . 2012-08-06 11:35 31825708 ----a-w- c:\windows\WLF513D.tmp

2012-08-05 11:48 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB85C5.tmp

2012-08-05 11:47 . 2012-08-05 11:48 2332 ----a-w- c:\windows\MAN7500.tmp

2012-08-05 11:47 . 2012-08-05 11:48 1472 ----a-w- c:\windows\VWL757E.tmp

2012-08-05 11:47 . 2012-08-05 11:47 31740202 ----a-w- c:\windows\WLF757F.tmp

2012-08-04 12:40 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB9C51.tmp

2012-08-04 12:40 . 2012-08-04 12:40 2332 ----a-w- c:\windows\MAN8F92.tmp

2012-08-04 12:40 . 2012-08-04 12:40 1472 ----a-w- c:\windows\VWL8FB2.tmp

2012-08-04 12:40 . 2012-08-04 12:40 31654720 ----a-w- c:\windows\WLF8FB3.tmp

2012-08-03 23:56 . 2012-08-03 23:56 -------- d-----w- c:\users\rwema\Thibo andere fotos

2012-08-03 01:02 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB75DA.tmp

2012-08-03 01:01 . 2012-08-03 01:02 2332 ----a-w- c:\windows\MAN6A24.tmp

2012-08-03 01:01 . 2012-08-03 01:02 1472 ----a-w- c:\windows\VWL6A63.tmp

2012-08-03 01:01 . 2012-08-03 01:01 31569262 ----a-w- c:\windows\WLF6A64.tmp

2012-08-02 13:52 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB7052.tmp

2012-08-02 13:52 . 2012-08-02 13:52 2332 ----a-w- c:\windows\MAN621C.tmp

2012-08-02 13:52 . 2012-08-02 13:52 1472 ----a-w- c:\windows\VWL626B.tmp

2012-08-02 13:52 . 2012-08-02 13:52 31483780 ----a-w- c:\windows\WLF626C.tmp

2012-08-01 08:43 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDBEF41.tmp

2012-08-01 08:43 . 2012-08-01 08:43 2332 ----a-w- c:\windows\MANE252.tmp

2012-08-01 08:43 . 2012-08-01 08:43 1472 ----a-w- c:\windows\VWLE2A1.tmp

2012-08-01 08:43 . 2012-08-01 08:43 31398310 ----a-w- c:\windows\WLFE2A2.tmp

2012-07-31 12:52 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB93B6.tmp

2012-07-31 12:52 . 2012-07-31 12:52 2332 ----a-w- c:\windows\MAN84D4.tmp

2012-07-31 12:52 . 2012-07-31 12:52 1472 ----a-w- c:\windows\VWL84F5.tmp

2012-07-31 12:52 . 2012-07-31 12:52 31312816 ----a-w- c:\windows\WLF8505.tmp

2012-07-30 16:30 . 2012-07-30 16:30 -------- d-----w- c:\windows\nl

2012-07-30 16:28 . 2012-07-30 16:28 -------- d-----w- c:\windows\en

2012-07-30 16:22 . 2012-03-08 16:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2012-07-30 16:14 . 2012-07-30 16:14 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\71e698401cd6e6e06\bingbarsetup.exe

2012-07-30 16:14 . 2012-07-30 16:14 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\DSETUP.dll

2012-07-30 16:14 . 2012-07-30 16:14 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\DXSETUP.exe

2012-07-30 16:14 . 2012-07-30 16:14 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\dsetup32.dll

2012-07-30 16:14 . 2012-07-30 16:14 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\60f58f001cd6e6e03\MeshBetaRemover.exe

2012-07-30 11:34 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDBB75F.tmp

2012-07-30 11:34 . 2012-07-30 11:34 2332 ----a-w- c:\windows\MANAAEE.tmp

2012-07-30 11:34 . 2012-07-30 11:34 1472 ----a-w- c:\windows\VWLAB3D.tmp

2012-07-30 11:34 . 2012-07-30 11:34 31227334 ----a-w- c:\windows\WLFAB3E.tmp

2012-07-29 18:20 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDBA2A7.tmp

2012-07-29 18:20 . 2012-07-29 18:20 2332 ----a-w- c:\windows\MAN955C.tmp

2012-07-29 18:20 . 2012-07-29 18:20 1472 ----a-w- c:\windows\VWL95AB.tmp

2012-07-29 18:20 . 2012-07-29 18:20 31141840 ----a-w- c:\windows\WLF95AC.tmp

2012-07-28 08:41 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDBC7C4.tmp

2012-07-28 08:41 . 2012-07-28 08:41 2332 ----a-w- c:\windows\MANB911.tmp

2012-07-28 08:41 . 2012-07-28 08:41 1472 ----a-w- c:\windows\VWLB97F.tmp

2012-07-28 08:41 . 2012-07-28 08:41 31056298 ----a-w- c:\windows\WLFB990.tmp

2012-07-27 09:23 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDBD673.tmp

2012-07-27 09:23 . 2012-07-27 09:23 2332 ----a-w- c:\windows\MANCBA7.tmp

2012-07-27 09:23 . 2012-07-27 09:23 1472 ----a-w- c:\windows\VWLCBF6.tmp

2012-07-27 09:23 . 2012-07-27 09:23 30970840 ----a-w- c:\windows\WLFCBF7.tmp

2012-07-26 09:30 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB15E3.tmp

2012-07-26 09:30 . 2012-07-26 09:30 2330 ----a-w- c:\windows\MAN859.tmp

2012-07-26 09:30 . 2012-07-26 09:30 1470 ----a-w- c:\windows\VWL8E6.tmp

2012-07-26 09:30 . 2012-07-26 09:30 30885324 ----a-w- c:\windows\WLF8E7.tmp

2012-07-25 15:45 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB4F2C.tmp

2012-07-25 15:45 . 2012-07-25 15:45 2332 ----a-w- c:\windows\MAN427B.tmp

2012-07-25 15:45 . 2012-07-25 15:45 1472 ----a-w- c:\windows\VWL42BB.tmp

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-16 10:03 . 2006-11-02 12:35 62134624 ----a-w- c:\windows\system32\mrt.exe

2012-07-17 12:52 . 2012-07-17 12:52 2332 ----a-w- c:\windows\MANDD92.tmp

2012-07-17 12:52 . 2012-07-17 12:52 1472 ----a-w- c:\windows\VWLDDD1.tmp

2012-07-17 12:52 . 2012-07-17 12:52 30030774 ----a-w- c:\windows\WLFDDD2.tmp

2012-07-16 10:51 . 2012-07-16 10:51 2332 ----a-w- c:\windows\MANB116.tmp

2012-07-16 10:51 . 2012-07-16 10:51 1472 ----a-w- c:\windows\VWLB165.tmp

2012-07-16 10:51 . 2012-07-16 10:51 29945340 ----a-w- c:\windows\WLFB166.tmp

2012-07-15 11:39 . 2012-07-15 11:39 2332 ----a-w- c:\windows\MAN6132.tmp

2012-07-15 11:39 . 2012-07-15 11:39 1472 ----a-w- c:\windows\VWL6162.tmp

2012-07-15 11:39 . 2012-07-15 11:39 29859918 ----a-w- c:\windows\WLF6163.tmp

2012-07-14 08:37 . 2012-07-14 08:36 2332 ----a-w- c:\windows\MANE11A.tmp

2012-07-14 08:37 . 2012-07-14 08:36 1472 ----a-w- c:\windows\VWLE169.tmp

2012-07-14 08:36 . 2012-07-14 08:36 29764482 ----a-w- c:\windows\WLFE17A.tmp

2012-07-11 12:19 . 2012-07-11 12:19 2332 ----a-w- c:\windows\MANA4A7.tmp

2012-07-11 12:19 . 2012-07-11 12:19 1472 ----a-w- c:\windows\VWLA4E7.tmp

2012-07-11 12:19 . 2012-07-11 12:19 29670526 ----a-w- c:\windows\WLFA4F7.tmp

2012-07-10 15:08 . 2012-07-10 15:08 1472 ----a-w- c:\windows\VWLB895.tmp

2012-07-10 15:08 . 2012-07-10 15:08 2332 ----a-w- c:\windows\MANB7D9.tmp

2012-07-10 15:08 . 2012-07-10 15:08 29585020 ----a-w- c:\windows\WLFB896.tmp

2012-07-09 10:03 . 2012-07-09 10:03 2332 ----a-w- c:\windows\MANC4B5.tmp

2012-07-09 10:03 . 2012-07-09 10:03 1472 ----a-w- c:\windows\VWLC561.tmp

2012-07-09 10:03 . 2012-07-09 10:03 29499442 ----a-w- c:\windows\WLFC562.tmp

2012-07-08 09:49 . 2012-07-08 09:49 2332 ----a-w- c:\windows\MANCFBC.tmp

2012-07-08 09:49 . 2012-07-08 09:49 1472 ----a-w- c:\windows\VWLCFEC.tmp

2012-07-08 09:49 . 2012-07-08 09:49 29413996 ----a-w- c:\windows\WLFCFED.tmp

2012-07-07 09:06 . 2012-07-07 09:06 2332 ----a-w- c:\windows\MAN2126.tmp

2012-07-07 09:06 . 2012-07-07 09:06 1472 ----a-w- c:\windows\VWL2194.tmp

2012-07-07 09:06 . 2012-07-07 09:06 29328562 ----a-w- c:\windows\WLF21A5.tmp

2012-07-06 11:46 . 2012-07-06 11:46 2332 ----a-w- c:\windows\MAN694D.tmp

2012-07-06 11:46 . 2012-07-06 11:46 1472 ----a-w- c:\windows\VWL698C.tmp

2012-07-06 11:46 . 2012-07-06 11:46 29243104 ----a-w- c:\windows\WLF698D.tmp

2012-07-05 20:42 . 2012-07-05 20:42 2332 ----a-w- c:\windows\MANBC14.tmp

2012-07-05 20:42 . 2012-07-05 20:42 1472 ----a-w- c:\windows\VWLBC34.tmp

2012-07-05 20:42 . 2012-07-05 20:42 29156252 ----a-w- c:\windows\WLFBC45.tmp

2012-07-05 14:40 . 2012-07-05 14:40 2332 ----a-w- c:\windows\MANCFAD.tmp

2012-07-05 14:40 . 2012-07-05 14:40 1472 ----a-w- c:\windows\VWLD02B.tmp

2012-07-05 14:40 . 2012-07-05 14:40 29068982 ----a-w- c:\windows\WLFD02C.tmp

2012-07-04 13:40 . 2012-07-04 13:40 1472 ----a-w- c:\windows\VWL8A84.tmp

2012-07-04 13:40 . 2012-07-04 13:40 2332 ----a-w- c:\windows\MAN89F6.tmp

2012-07-04 13:40 . 2012-07-04 13:40 28975410 ----a-w- c:\windows\WLF8A85.tmp

2012-07-03 18:12 . 2012-07-03 18:12 2332 ----a-w- c:\windows\MAN3EB4.tmp

2012-07-03 18:12 . 2012-07-03 18:12 1472 ----a-w- c:\windows\VWL3EF4.tmp

2012-07-03 18:12 . 2012-07-03 18:12 28883402 ----a-w- c:\windows\WLF3F04.tmp

2012-07-03 16:21 . 2012-01-28 16:42 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-07-03 16:21 . 2012-01-28 16:42 44272 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-07-03 16:21 . 2012-01-28 16:42 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-07-03 16:21 . 2012-01-28 16:42 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-07-03 16:21 . 2012-01-28 16:42 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-07-03 16:21 . 2012-01-28 16:42 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-07-03 16:21 . 2012-01-28 16:41 41224 ----a-w- c:\windows\avastSS.scr

2012-07-03 16:21 . 2012-01-28 16:41 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe

2012-07-03 16:21 . 2011-05-26 13:09 285328 ----a-w- c:\windows\system32\aswBoot.exe

2012-07-03 11:46 . 2011-04-30 16:05 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-02 10:09 . 2012-07-02 10:09 2332 ----a-w- c:\windows\MAN72CE.tmp

2012-07-02 10:09 . 2012-07-02 10:09 1472 ----a-w- c:\windows\VWL737B.tmp

2012-07-02 10:09 . 2012-07-02 10:09 28797932 ----a-w- c:\windows\WLF737C.tmp

2012-07-01 12:07 . 2012-07-01 12:07 2332 ----a-w- c:\windows\MANFF7.tmp

2012-07-01 12:07 . 2012-07-01 12:07 1470 ----a-w- c:\windows\VWL1094.tmp

2012-07-01 12:07 . 2012-07-01 12:07 28712440 ----a-w- c:\windows\WLF10A4.tmp

2012-06-30 20:15 . 2012-06-30 20:15 2332 ----a-w- c:\windows\MANA801.tmp

2012-06-30 20:15 . 2012-06-30 20:15 1472 ----a-w- c:\windows\VWLA86F.tmp

2012-06-30 20:15 . 2012-06-30 20:15 28626900 ----a-w- c:\windows\WLFA870.tmp

2012-06-28 01:03 . 2012-06-28 01:03 2332 ----a-w- c:\windows\MANA769.tmp

2012-06-28 01:03 . 2012-06-28 01:03 1472 ----a-w- c:\windows\VWLA7A9.tmp

2012-06-28 01:03 . 2012-06-28 01:03 28541454 ----a-w- c:\windows\WLFA7B9.tmp

2012-06-27 07:17 . 2012-06-27 07:17 2332 ----a-w- c:\windows\MANC3DA.tmp

2012-06-27 07:17 . 2012-06-27 07:17 1472 ----a-w- c:\windows\VWLC41A.tmp

2012-06-27 07:17 . 2012-06-27 07:17 28455948 ----a-w- c:\windows\WLFC42A.tmp

2012-06-26 12:28 . 2012-06-26 12:28 2332 ----a-w- c:\windows\MAN52B1.tmp

2012-06-26 12:28 . 2012-06-26 12:28 1472 ----a-w- c:\windows\VWL52F0.tmp

2012-06-26 12:28 . 2012-06-26 12:28 28370478 ----a-w- c:\windows\WLF52F1.tmp

2012-06-25 13:43 . 2012-06-25 13:43 2332 ----a-w- c:\windows\MAN1209.tmp

2012-06-25 13:43 . 2012-06-25 13:43 1472 ----a-w- c:\windows\VWL1277.tmp

2012-06-25 13:43 . 2012-06-25 13:43 28284984 ----a-w- c:\windows\WLF1278.tmp

2012-06-24 11:05 . 2012-06-24 11:05 2332 ----a-w- c:\windows\MAN79EF.tmp

2012-06-24 11:05 . 2012-06-24 11:05 1472 ----a-w- c:\windows\VWL7A10.tmp

2012-06-24 11:05 . 2012-06-24 11:05 28199502 ----a-w- c:\windows\WLF7A11.tmp

2012-06-23 08:10 . 2012-06-23 08:09 2332 ----a-w- c:\windows\MANC14B.tmp

2012-06-23 08:10 . 2012-06-23 08:09 1472 ----a-w- c:\windows\VWLC18B.tmp

2012-06-23 08:09 . 2012-06-23 08:09 28114056 ----a-w- c:\windows\WLFC18C.tmp

2012-06-22 12:02 . 2012-06-22 12:02 2332 ----a-w- c:\windows\MAN83BF.tmp

2012-06-22 12:02 . 2012-06-22 12:02 1472 ----a-w- c:\windows\VWL83FE.tmp

2012-06-22 12:02 . 2012-06-22 12:02 28028586 ----a-w- c:\windows\WLF840F.tmp

2012-06-21 22:02 . 2012-06-21 22:02 2332 ----a-w- c:\windows\MAN3783.tmp

2012-06-21 22:02 . 2012-06-21 22:02 1472 ----a-w- c:\windows\VWL37C3.tmp

2012-06-21 22:02 . 2012-06-21 22:02 27943140 ----a-w- c:\windows\WLF37C4.tmp

2012-06-20 11:39 . 2012-06-20 11:39 2332 ----a-w- c:\windows\MAN4604.tmp

2012-06-20 11:39 . 2012-06-20 11:39 1472 ----a-w- c:\windows\VWL4624.tmp

2012-06-20 11:39 . 2012-06-20 11:39 27857658 ----a-w- c:\windows\WLF4625.tmp

2012-06-19 10:23 . 2012-06-19 10:23 2332 ----a-w- c:\windows\MANBC3C.tmp

2012-06-19 10:23 . 2012-06-19 10:23 1472 ----a-w- c:\windows\VWLBC8B.tmp

2012-06-19 10:23 . 2012-06-19 10:23 27772212 ----a-w- c:\windows\WLFBC9C.tmp

2012-06-18 17:25 . 2012-06-18 17:25 2332 ----a-w- c:\windows\MAN8007.tmp

2012-06-18 17:25 . 2012-06-18 17:25 1472 ----a-w- c:\windows\VWL8037.tmp

2012-06-18 17:25 . 2012-06-18 17:25 27686778 ----a-w- c:\windows\WLF8048.tmp

2012-06-17 06:32 . 2012-06-17 06:32 2332 ----a-w- c:\windows\MANCE56.tmp

2012-06-17 06:32 . 2012-06-17 06:32 1472 ----a-w- c:\windows\VWLCEE3.tmp

2012-06-17 06:32 . 2012-06-17 06:32 27601212 ----a-w- c:\windows\WLFCEF4.tmp

2012-06-16 11:38 . 2012-06-16 11:38 2332 ----a-w- c:\windows\MAN1D5F.tmp

2012-06-16 11:38 . 2012-06-16 11:38 1472 ----a-w- c:\windows\VWL1EA8.tmp

.

.

((((((((((((((((((((((((((((( SnapShot_2012-05-20_14.43.30 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-06-03 22:05 . 1999-05-29 08:08 45568 c:\windows\UniFish3.exe

+ 2012-06-21 21:59 . 2012-06-02 22:19 35864 c:\windows\SysWOW64\wups.dll

+ 2012-06-21 21:59 . 2012-06-02 22:12 88576 c:\windows\SysWOW64\wudriver.dll

+ 2012-06-21 21:58 . 2012-06-02 13:12 33792 c:\windows\SysWOW64\wuapp.exe

- 2009-10-27 17:39 . 2009-08-06 17:44 33792 c:\windows\SysWOW64\wuapp.exe

- 2011-05-13 15:03 . 2011-05-13 15:03 49016 c:\windows\SysWOW64\sirenacm.dll

+ 2012-03-08 16:50 . 2012-03-08 16:50 49016 c:\windows\SysWOW64\sirenacm.dll

+ 2012-07-11 12:24 . 2012-06-02 00:05 77312 c:\windows\SysWOW64\secur32.dll

- 2012-01-13 19:46 . 2011-11-16 16:24 77312 c:\windows\SysWOW64\secur32.dll

+ 2012-07-12 10:34 . 2012-06-02 08:17 73216 c:\windows\SysWOW64\mshtmled.dll

- 2012-04-12 10:49 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll

+ 2012-07-12 10:34 . 2012-06-02 08:22 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll

- 2012-04-12 10:49 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll

+ 2012-07-12 10:34 . 2012-06-02 08:21 65024 c:\windows\SysWOW64\jsproxy.dll

+ 2012-06-13 10:42 . 2012-04-23 16:00 98304 c:\windows\SysWOW64\cryptnet.dll

- 2008-01-21 03:20 . 2012-05-20 14:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2008-01-21 03:20 . 2012-08-16 09:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-01-21 03:20 . 2012-05-20 14:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-01-21 03:20 . 2012-08-16 09:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2008-01-21 03:20 . 2012-05-20 14:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2008-01-21 03:20 . 2012-08-16 09:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-06-21 21:59 . 2012-06-02 22:19 44056 c:\windows\system32\wups2.dll

+ 2012-06-21 21:59 . 2012-06-02 22:19 38424 c:\windows\system32\wups.dll

+ 2012-06-21 21:59 . 2012-06-02 22:15 99840 c:\windows\system32\wudriver.dll

+ 2012-06-21 21:59 . 2012-06-02 22:19 57880 c:\windows\system32\wuauclt.exe

+ 2012-06-21 21:58 . 2012-06-02 13:15 36864 c:\windows\system32\wuapp.exe

- 2009-10-27 17:39 . 2009-08-06 17:59 36864 c:\windows\system32\wuapp.exe

+ 2008-01-21 02:23 . 2012-08-16 09:59 83726 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-27 21:38 . 2012-08-16 09:59 25670 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916401253-1491523390-1999398694-1000_UserData.bin

+ 2011-06-10 23:15 . 2011-06-10 23:15 57168 c:\windows\system32\vcomp100.dll

+ 2012-07-12 10:34 . 2012-06-02 11:57 96768 c:\windows\system32\mshtmled.dll

+ 2012-07-12 10:34 . 2012-06-02 12:03 86528 c:\windows\system32\migration\WininetPlugin.dll

- 2012-04-12 10:49 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll

- 2011-02-19 20:51 . 2011-02-19 20:51 93008 c:\windows\system32\mfcm100u.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 93008 c:\windows\system32\mfcm100u.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 93008 c:\windows\system32\mfcm100.dll

- 2011-02-19 20:51 . 2011-02-19 20:51 93008 c:\windows\system32\mfcm100.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 60752 c:\windows\system32\mfc100rus.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 43344 c:\windows\system32\mfc100kor.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 43856 c:\windows\system32\mfc100jpn.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 62288 c:\windows\system32\mfc100ita.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 64336 c:\windows\system32\mfc100fra.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 63824 c:\windows\system32\mfc100esn.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 55120 c:\windows\system32\mfc100enu.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 64336 c:\windows\system32\mfc100deu.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 36176 c:\windows\system32\mfc100cht.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 36176 c:\windows\system32\mfc100chs.dll

- 2012-04-12 10:49 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll

+ 2012-07-12 10:34 . 2012-06-02 12:03 85504 c:\windows\system32\jsproxy.dll

+ 2012-08-12 23:26 . 2011-12-01 09:42 15920 c:\windows\system32\DRVSTORE\NBVolUp_60CF31F4D6EBDBE40CDCDADC58A3F2D12DB0693C\NBVolUp.sys

+ 2012-08-12 23:26 . 2011-12-01 09:42 72240 c:\windows\system32\DRVSTORE\NBVol_2091D51A8D60B4F32D55FE1573D5153887559771\NBVol.sys

+ 2012-07-30 16:22 . 2012-03-08 16:40 48488 c:\windows\system32\DRVSTORE\fssfltr_F81BFAB31A96EBC51D97A2D005244F41BE442B43\fssfltr.sys

+ 2009-07-27 22:34 . 2012-08-13 12:54 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-27 22:34 . 2012-05-19 15:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-27 22:34 . 2012-08-13 12:54 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-27 22:34 . 2012-05-19 15:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-27 22:34 . 2012-08-13 12:54 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-27 22:34 . 2012-05-19 15:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-06-14 08:19 . 2012-06-14 08:19 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

- 2012-05-12 14:44 . 2012-05-12 14:44 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

- 2012-05-12 14:44 . 2012-05-12 14:44 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2012-06-14 08:18 . 2012-06-14 08:18 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2012-06-14 08:18 . 2012-06-14 08:18 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2012-07-14 08:36 . 2012-07-14 08:36 22016 c:\windows\Installer\a128d.msi

+ 2012-07-30 16:19 . 2012-07-30 16:19 24576 c:\windows\Installer\10da76e.msp

+ 2012-07-30 16:30 . 2012-07-30 16:30 38912 c:\windows\Installer\10da767.msi

+ 2012-07-30 16:30 . 2012-07-30 16:30 21504 c:\windows\Installer\10da75c.msi

+ 2012-07-30 16:19 . 2012-07-30 16:19 31232 c:\windows\Installer\10da757.msp

+ 2012-07-30 16:30 . 2012-07-30 16:30 22528 c:\windows\Installer\10da752.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 23552 c:\windows\Installer\10da74d.msp

+ 2012-07-30 16:30 . 2012-07-30 16:30 21504 c:\windows\Installer\10da748.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 64512 c:\windows\Installer\10da742.msp

+ 2012-07-30 16:30 . 2012-07-30 16:30 21504 c:\windows\Installer\10da73d.msi

+ 2012-07-30 16:30 . 2012-07-30 16:30 23552 c:\windows\Installer\10da72c.msi

+ 2012-07-30 16:29 . 2012-07-30 16:29 22528 c:\windows\Installer\10da717.msi

+ 2012-07-30 16:29 . 2012-07-30 16:29 23552 c:\windows\Installer\10da707.msi

+ 2012-07-30 16:29 . 2012-07-30 16:29 22528 c:\windows\Installer\10da6f4.msi

+ 2012-07-30 16:29 . 2012-07-30 16:29 29184 c:\windows\Installer\10da6e7.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 29696 c:\windows\Installer\10da6e2.msp

+ 2012-07-30 16:29 . 2012-07-30 16:29 22016 c:\windows\Installer\10da6dc.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 24576 c:\windows\Installer\10da6d7.msp

+ 2012-07-30 16:29 . 2012-07-30 16:29 38912 c:\windows\Installer\10da6d0.msi

+ 2012-07-30 16:29 . 2012-07-30 16:29 99840 c:\windows\Installer\10da6c2.msi

+ 2012-07-30 16:29 . 2012-07-30 16:29 20992 c:\windows\Installer\10da6b6.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 30720 c:\windows\Installer\10da6b1.msp

+ 2012-07-30 16:29 . 2012-07-30 16:29 22016 c:\windows\Installer\10da6ac.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 23552 c:\windows\Installer\10da63f.msp

+ 2012-07-30 16:28 . 2012-07-30 16:28 21504 c:\windows\Installer\10da63a.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 60416 c:\windows\Installer\10da623.msp

+ 2012-07-30 16:28 . 2012-07-30 16:28 21504 c:\windows\Installer\10da61e.msi

+ 2012-07-30 16:27 . 2012-07-30 16:27 23552 c:\windows\Installer\10da60d.msi

+ 2012-07-30 16:27 . 2012-07-30 16:27 74752 c:\windows\Installer\10da5fe.msi

+ 2012-07-30 16:26 . 2012-07-30 16:26 22528 c:\windows\Installer\10da5af.msi

+ 2012-07-30 16:26 . 2012-07-30 16:26 23552 c:\windows\Installer\10da562.msi

+ 2012-07-30 16:25 . 2012-07-30 16:25 22528 c:\windows\Installer\10da553.msi

+ 2012-07-30 16:25 . 2012-07-30 16:25 29184 c:\windows\Installer\10da545.msi

+ 2012-07-30 16:15 . 2012-07-30 16:15 29184 c:\windows\Installer\10da540.msp

+ 2012-07-30 16:25 . 2012-07-30 16:25 22016 c:\windows\Installer\10da53a.msi

+ 2012-07-30 16:24 . 2012-07-30 16:24 30720 c:\windows\Installer\10da4e4.msi

+ 2012-07-30 16:23 . 2012-07-30 16:23 23040 c:\windows\Installer\10da4cf.msi

+ 2012-07-30 16:23 . 2012-07-30 16:23 58880 c:\windows\Installer\10da4c2.msi

+ 2012-07-30 16:14 . 2012-07-30 16:14 39936 c:\windows\Installer\10da47f.msp

+ 2012-07-30 16:22 . 2012-07-30 16:22 25600 c:\windows\Installer\10da47a.msi

+ 2012-07-30 16:22 . 2012-07-30 16:22 23040 c:\windows\Installer\10da471.msi

+ 2012-07-30 16:25 . 2012-07-30 16:25 80395 c:\windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe

- 2012-01-05 19:56 . 2012-01-05 19:56 80395 c:\windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe

+ 2012-08-13 00:00 . 2012-08-13 00:00 75048 c:\windows\Installer\{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}\ScWaveEditorStartM_3939FC794F8E448CB7E44465B4F58E0D.exe

+ 2012-08-13 00:00 . 2012-08-13 00:00 75048 c:\windows\Installer\{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}\ScWaveEditorStartM_26B4783C804B4FB5A3F971DB42EFCAE3.exe

+ 2012-08-13 00:00 . 2012-08-13 00:00 75048 c:\windows\Installer\{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}\ARPPRODUCTICON.exe

+ 2012-08-13 00:02 . 2012-08-13 00:02 69632 c:\windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 73624 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\wow_helper.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\ViewerPS.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\reader_sl.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 88992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\PDFPrevHndlr.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\eula.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 64952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\armsvc.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\acrotextextractor.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroRd32Info.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 63912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\acroiehelpershim.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroIEHelper.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\Acrofx32.dll

+ 2012-06-14 08:22 . 2012-06-14 08:22 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_060e1aae\System.Drawing.Design.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\45cea41d795fbfd7e085a8ad6671b7c8\System.Web.DynamicData.Design.ni.dll

+ 2012-07-30 18:00 . 2012-07-30 18:00 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\049e3678413f406a0beca6d54c317ac9\WindowsLiveWriter.ni.exe

+ 2012-07-30 18:01 . 2012-07-30 18:01 80896 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7a5f80d4e68dea33548c5fb8fc50a645\WindowsLive.Writer.Passport.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3e2877309499e4ab661dc95252da9e39\System.Web.DynamicData.Design.ni.dll

+ 2012-08-04 12:35 . 2012-08-04 20:01 1510 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916401253-1491523390-1999398694-1003_UserData.bin

+ 2012-08-16 10:10 . 2012-08-16 10:14 2490 c:\windows\SoftwareDistribution\PostRebootEventCache\{88FDF4BA-4277-491B-B772-040634643C47}.bin

- 2012-05-20 14:39 . 2012-05-20 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-16 09:56 . 2012-08-16 09:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-16 09:56 . 2012-08-16 09:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-05-20 14:39 . 2012-05-20 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2010-10-23 17:11 . 2012-08-16 10:15 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe

- 2011-05-13 14:42 . 2011-05-13 14:42 302448 c:\windows\WLXPGSS.SCR

+ 2012-03-08 16:37 . 2012-03-08 16:37 302448 c:\windows\WLXPGSS.SCR

+ 2012-06-21 21:58 . 2012-06-02 13:19 171904 c:\windows\SysWOW64\wuwebv.dll

+ 2012-06-21 21:59 . 2012-06-02 22:19 577048 c:\windows\SysWOW64\wuapi.dll

+ 2012-07-12 10:34 . 2012-06-02 08:23 231936 c:\windows\SysWOW64\url.dll

- 2012-04-12 10:49 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll

+ 2009-09-14 17:05 . 2009-09-14 17:05 374064 c:\windows\SysWOW64\twnlib4.dll

- 2012-01-13 19:46 . 2011-11-16 16:23 278528 c:\windows\SysWOW64\schannel.dll

+ 2012-07-11 12:24 . 2012-06-02 00:04 278528 c:\windows\SysWOW64\schannel.dll

+ 2012-07-11 12:24 . 2012-06-02 00:03 204288 c:\windows\SysWOW64\ncrypt.dll

- 2009-12-03 16:27 . 2009-04-11 06:28 204288 c:\windows\SysWOW64\ncrypt.dll

+ 2012-08-12 23:26 . 2012-08-12 23:26 247968 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe

+ 2012-08-12 23:26 . 2012-08-12 23:26 335520 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.dll

+ 2012-07-12 10:34 . 2012-06-02 08:19 716800 c:\windows\SysWOW64\jscript.dll

- 2012-04-12 10:49 . 2012-02-28 01:06 716800 c:\windows\SysWOW64\jscript.dll

+ 2009-09-14 17:05 . 2009-09-14 17:05 808240 c:\windows\SysWOW64\imagxra7.dll

+ 2009-09-14 17:05 . 2009-09-14 17:05 263472 c:\windows\SysWOW64\imagxr7.dll

+ 2009-09-14 17:04 . 2009-09-14 17:04 497296 c:\windows\SysWOW64\imagxpr7.dll

- 2011-07-19 18:27 . 2011-07-19 18:27 142848 c:\windows\SysWOW64\ieUnatt.exe

+ 2012-07-12 10:34 . 2012-06-02 08:20 142848 c:\windows\SysWOW64\ieUnatt.exe

+ 2012-07-12 10:34 . 2012-06-02 08:14 176640 c:\windows\SysWOW64\ieui.dll

- 2012-04-12 10:49 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll

+ 2012-06-13 10:42 . 2012-04-23 16:00 133120 c:\windows\SysWOW64\cryptsvc.dll

+ 2012-06-13 10:42 . 2012-04-23 16:00 984064 c:\windows\SysWOW64\crypt32.dll

+ 2012-06-21 21:58 . 2012-06-02 13:19 186752 c:\windows\system32\wuwebv.dll

+ 2012-06-21 21:59 . 2012-06-02 22:19 701976 c:\windows\system32\wuapi.dll

+ 2009-07-29 00:57 . 2012-08-13 11:37 338916 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin

+ 2009-07-30 04:31 . 2012-08-16 12:08 427640 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2006-11-02 15:45 . 2012-08-16 09:59 105866 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin

+ 2012-07-12 10:34 . 2012-06-02 12:04 237056 c:\windows\system32\url.dll

- 2012-04-12 10:49 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll

- 2012-01-13 19:46 . 2011-11-16 16:42 347136 c:\windows\system32\schannel.dll

+ 2012-07-11 12:24 . 2012-06-02 00:22 347136 c:\windows\system32\schannel.dll

- 2006-11-02 12:46 . 2012-05-20 13:53 668428 c:\windows\system32\perfh009.dat

+ 2006-11-02 12:46 . 2012-08-16 10:04 668428 c:\windows\system32\perfh009.dat

- 2006-11-02 12:46 . 2012-05-20 13:53 134026 c:\windows\system32\perfc009.dat

+ 2006-11-02 12:46 . 2012-08-16 10:04 134026 c:\windows\system32\perfc009.dat

+ 2012-07-11 12:24 . 2012-06-02 00:22 254464 c:\windows\system32\ncrypt.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 829264 c:\windows\system32\msvcr100.dll

- 2011-02-18 22:52 . 2011-02-18 22:52 829264 c:\windows\system32\msvcr100.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 608080 c:\windows\system32\msvcp100.dll

- 2011-02-19 20:51 . 2011-02-19 20:51 608080 c:\windows\system32\msvcp100.dll

+ 2011-05-26 13:01 . 2012-05-31 10:25 279656 c:\windows\system32\MpSigStub.exe

- 2011-05-26 13:01 . 2012-02-23 08:18 279656 c:\windows\system32\MpSigStub.exe

+ 2012-07-12 10:34 . 2012-06-02 12:00 818688 c:\windows\system32\jscript.dll

- 2012-04-12 10:49 . 2012-02-28 06:45 818688 c:\windows\system32\jscript.dll

+ 2012-07-12 10:34 . 2012-06-02 12:01 173056 c:\windows\system32\ieUnatt.exe

- 2011-07-19 18:27 . 2011-07-19 18:27 173056 c:\windows\system32\ieUnatt.exe

+ 2012-07-12 10:34 . 2012-06-02 11:54 248320 c:\windows\system32\ieui.dll

- 2012-04-12 10:49 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll

+ 2006-11-02 15:21 . 2012-07-20 10:56 335824 c:\windows\system32\FNTCACHE.DAT

+ 2012-06-19 15:57 . 2012-06-19 15:57 834544 c:\windows\system32\drivers\sptd.sys

+ 2012-06-13 10:43 . 2012-05-01 14:29 209920 c:\windows\system32\drivers\rdpwd.sys

- 2012-03-14 11:07 . 2012-01-09 14:27 209920 c:\windows\system32\drivers\rdpwd.sys

+ 2012-07-11 12:24 . 2012-06-04 15:29 516480 c:\windows\system32\drivers\ksecdd.sys

+ 2012-06-13 10:42 . 2012-04-23 16:25 174592 c:\windows\system32\cryptsvc.dll

+ 2012-06-13 10:42 . 2012-04-23 16:25 132096 c:\windows\system32\cryptnet.dll

- 2011-02-19 20:51 . 2011-02-19 20:51 158536 c:\windows\system32\atl100.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 158536 c:\windows\system32\atl100.dll

+ 2011-02-18 11:35 . 2012-08-04 00:42 747816 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2010-10-23 14:47 . 2012-08-16 00:01 322232 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2012-08-04 00:42 . 2012-08-04 18:33 614852 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1003-8192.dat

+ 2012-04-21 09:03 . 2012-04-21 09:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll

+ 2012-06-13 10:42 . 2012-04-23 11:01 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll

- 2012-04-11 10:56 . 2012-01-26 11:00 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll

+ 2012-04-21 09:03 . 2012-04-21 09:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll

- 2012-04-11 10:56 . 2012-01-26 11:00 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

+ 2012-06-13 10:42 . 2012-04-23 11:01 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

- 2012-01-27 15:35 . 2012-01-27 15:35 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll

+ 2012-04-25 15:45 . 2012-04-25 15:45 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-06-14 08:18 . 2012-06-14 08:18 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2012-06-14 08:18 . 2012-06-14 08:18 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

+ 2012-08-12 17:44 . 2012-08-12 17:44 112640 c:\windows\Installer\a9d6c.msi

+ 2012-05-20 21:33 . 2012-05-20 21:33 359936 c:\windows\Installer\2214eb.msi

+ 2012-08-13 00:02 . 2012-08-13 00:02 656896 c:\windows\Installer\17926e.msi

+ 2012-08-13 00:02 . 2012-08-13 00:02 873984 c:\windows\Installer\179267.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 873984 c:\windows\Installer\17925f.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 873984 c:\windows\Installer\179257.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 874496 c:\windows\Installer\17924f.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 873984 c:\windows\Installer\179247.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 913920 c:\windows\Installer\17923f.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 874496 c:\windows\Installer\179237.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 873984 c:\windows\Installer\17922f.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 877568 c:\windows\Installer\179227.msi

+ 2012-08-13 00:01 . 2012-08-13 00:01 874496 c:\windows\Installer\17921f.msi

+ 2012-08-13 00:00 . 2012-08-13 00:00 874496 c:\windows\Installer\179217.msi

+ 2012-08-12 23:15 . 2012-08-12 23:15 174592 c:\windows\Installer\13b7b2f.msi

+ 2012-08-12 23:14 . 2012-08-12 23:14 228352 c:\windows\Installer\13b7b29.msi

+ 2012-08-12 23:13 . 2012-08-12 23:13 424960 c:\windows\Installer\13b7b23.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 513024 c:\windows\Installer\10da726.msp

+ 2012-07-30 16:30 . 2012-07-30 16:30 201216 c:\windows\Installer\10da721.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 665088 c:\windows\Installer\10da71c.msp

+ 2012-07-30 16:16 . 2012-07-30 16:16 468992 c:\windows\Installer\10da6fe.msp

+ 2012-07-30 16:16 . 2012-07-30 16:16 630272 c:\windows\Installer\10da6ef.msp

+ 2012-07-30 16:28 . 2012-07-30 16:28 277504 c:\windows\Installer\10da69b.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 276480 c:\windows\Installer\10da694.msp

+ 2012-07-30 16:28 . 2012-07-30 16:28 139264 c:\windows\Installer\10da657.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 205824 c:\windows\Installer\10da635.msp

+ 2012-07-30 16:28 . 2012-07-30 16:28 187904 c:\windows\Installer\10da62b.msi

+ 2012-07-30 16:27 . 2012-07-30 16:27 216064 c:\windows\Installer\10da5cb.msi

+ 2012-07-30 16:15 . 2012-07-30 16:15 509952 c:\windows\Installer\10da5bf.msp

+ 2012-07-30 16:26 . 2012-07-30 16:26 201216 c:\windows\Installer\10da5ba.msi

+ 2012-07-30 16:15 . 2012-07-30 16:15 635904 c:\windows\Installer\10da5b5.msp

+ 2012-07-30 16:26 . 2012-07-30 16:26 205312 c:\windows\Installer\10da590.msi

+ 2012-07-30 16:26 . 2012-07-30 16:26 714240 c:\windows\Installer\10da574.msi

+ 2012-07-30 16:15 . 2012-07-30 16:15 468480 c:\windows\Installer\10da55d.msp

+ 2012-07-30 16:15 . 2012-07-30 16:15 625664 c:\windows\Installer\10da54e.msp

+ 2012-07-30 16:24 . 2012-07-30 16:24 417792 c:\windows\Installer\10da521.msi

+ 2012-07-30 16:24 . 2012-07-30 16:24 200192 c:\windows\Installer\10da500.msi

+ 2012-07-30 16:14 . 2012-07-30 16:14 715264 c:\windows\Installer\10da4ca.msp

+ 2012-07-30 16:23 . 2012-07-30 16:23 212992 c:\windows\Installer\10da4b1.msi

+ 2012-07-30 16:13 . 2012-07-30 16:13 136704 c:\windows\Installer\10da4ac.msp

+ 2012-07-30 16:22 . 2012-07-30 16:22 238080 c:\windows\Installer\10da4a7.msi

+ 2012-08-12 23:57 . 2012-08-12 23:57 587048 c:\windows\Installer\{FF44BCE5-5A18-4051-85F0-BC172D7B4695}\NeroCoverDesigner_EF89736D5D4B4006B5966729E642699E.exe

+ 2012-08-12 23:57 . 2012-08-12 23:57 587048 c:\windows\Installer\{FF44BCE5-5A18-4051-85F0-BC172D7B4695}\ARPPRODUCTICON.exe

+ 2012-08-12 23:53 . 2012-08-12 23:53 300368 c:\windows\Installer\{FC18AB8F-9BA3-423B-91F2-622990F57978}\ARPPRODUCTICON.exe

+ 2012-08-12 23:58 . 2012-08-12 23:58 582952 c:\windows\Installer\{FAF448F1-4460-440C-9280-07F66A63D6F5}\ScKwikMediaStar_594597E2768645E1995B7F203ACC4488.exe

+ 2012-08-12 23:58 . 2012-08-12 23:58 582952 c:\windows\Installer\{FAF448F1-4460-440C-9280-07F66A63D6F5}\ScKwikMediaDesk_DAE4ED9540AC4C38962344CC52ED8A73.exe

+ 2012-08-12 23:58 . 2012-08-12 23:58 582952 c:\windows\Installer\{FAF448F1-4460-440C-9280-07F66A63D6F5}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe

+ 2012-08-12 23:54 . 2012-08-12 23:54 312616 c:\windows\Installer\{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}\ARPPRODUCTICON.exe

+ 2012-08-12 23:54 . 2012-08-12 23:54 312616 c:\windows\Installer\{F3743A2C-5D5F-4456-8F98-5DF36A954C50}\ARPPRODUCTICON.exe

- 2012-05-06 18:10 . 2012-05-06 18:10 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe

+ 2012-07-21 21:35 . 2012-07-21 21:35 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe

+ 2012-08-12 23:55 . 2012-08-12 23:55 312616 c:\windows\Installer\{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}\ARPPRODUCTICON.exe

+ 2012-08-12 23:57 . 2012-08-12 23:57 587048 c:\windows\Installer\{E10AAE4A-98B8-420A-BD93-E0520C23D624}\NeroExpress.exe_81A8FD91A6494AD5B4998149EAAC7E7C.exe

+ 2012-08-12 23:57 . 2012-08-12 23:57 587048 c:\windows\Installer\{E10AAE4A-98B8-420A-BD93-E0520C23D624}\ARPPRODUCTICON.exe

+ 2012-08-12 23:26 . 2012-08-12 23:26 587048 c:\windows\Installer\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}\ARPPRODUCTICON.exe

+ 2012-08-12 23:55 . 2012-08-12 23:55 587048 c:\windows\Installer\{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}\ScBurningROMStartM_FF88F478D1E748AC86035D457D563142.exe

+ 2012-08-12 23:55 . 2012-08-12 23:55 587048 c:\windows\Installer\{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}\ScBurningROMStartM_7533AE23D677474387D2A66427FA7052.exe

+ 2012-08-12 23:55 . 2012-08-12 23:55 587048 c:\windows\Installer\{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}\ARPPRODUCTICON.exe

+ 2012-08-12 23:56 . 2012-08-12 23:56 587048 c:\windows\Installer\{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}\BackItUp._AB9F1F47710540918A47B78D2BED5DAD.exe

+ 2012-08-12 23:56 . 2012-08-12 23:56 587048 c:\windows\Installer\{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}\BackItUp._6DE631547FD24BC5962A4E5F07A1BE20.exe

+ 2012-08-12 23:56 . 2012-08-12 23:56 587048 c:\windows\Installer\{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}\ARPPRODUCTICON.exe

+ 2012-08-12 23:54 . 2012-08-12 23:54 300328 c:\windows\Installer\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}\ARPPRODUCTICON.exe

+ 2012-08-12 23:54 . 2012-08-12 23:54 300328 c:\windows\Installer\{9193490D-5229-4FC4-9BB9-A6D63C09574A}\ARPPRODUCTICON.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2010-10-23 17:11 . 2012-08-16 10:15 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe

- 2010-10-23 17:11 . 2012-05-12 14:27 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2012-08-12 23:54 . 2012-08-12 23:54 312616 c:\windows\Installer\{5A212B2D-140D-46F4-B625-2D1CA5A00594}\ARPPRODUCTICON.exe

+ 2012-08-12 23:56 . 2012-08-12 23:56 296232 c:\windows\Installer\{51865D9D-8F63-46F2-87AB-9E72F93B618C}\NewShortcut1_424DC20E837745D1ACA9F2C02A4DFBD9.exe

+ 2012-08-12 23:55 . 2012-08-12 23:55 312616 c:\windows\Installer\{2CA7225D-CB12-462A-9DD1-50319E158BA5}\ARPPRODUCTICON.exe

+ 2012-08-12 23:56 . 2012-08-12 23:56 300328 c:\windows\Installer\{2432E589-6256-4513-B0BF-EFA8E325D5F0}\ARPPRODUCTICON.exe

+ 2012-08-12 23:53 . 2012-08-12 23:53 587048 c:\windows\Installer\{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}\ScControlCenterSta_FC2653898C5047A6A872CAF6433C43A8.exe

+ 2012-08-12 23:53 . 2012-08-12 23:53 587048 c:\windows\Installer\{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}\ARPPRODUCTICON.exe

+ 2012-08-12 23:59 . 2012-08-12 23:59 587048 c:\windows\Installer\{0D7A4289-99CF-4B8D-B812-86BE50A54552}\NewShortcut1_28CF345AD4354131AA47B77D4165D813.exe

+ 2012-08-12 23:59 . 2012-08-12 23:59 587048 c:\windows\Installer\{0D7A4289-99CF-4B8D-B812-86BE50A54552}\NeroVision.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe

+ 2012-08-12 23:59 . 2012-08-12 23:59 587048 c:\windows\Installer\{0D7A4289-99CF-4B8D-B812-86BE50A54552}\ARPPRODUCTICON.exe

+ 2012-08-13 00:00 . 2012-08-13 00:00 587048 c:\windows\Installer\{0713D1F9-DD77-42C1-8C7D-54D479E2E743}\ScSoundTraxStartMe_92F39C657A3840139A47B92C3EFBBBBB.exe

+ 2012-08-13 00:00 . 2012-08-13 00:00 587048 c:\windows\Installer\{0713D1F9-DD77-42C1-8C7D-54D479E2E743}\ARPPRODUCTICON.exe

+ 2012-08-12 23:58 . 2012-08-12 23:58 587048 c:\windows\Installer\{034DCAF9-96E7-4936-9A07-712F80B5181E}\NeroRescueAgent.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe

+ 2012-08-12 23:58 . 2012-08-12 23:58 587048 c:\windows\Installer\{034DCAF9-96E7-4936-9A07-712F80B5181E}\ARPPRODUCTICON.exe

+ 2012-08-12 23:59 . 2012-08-12 23:59 300328 c:\windows\Installer\{0320AB41-0926-4218-A8A6-68AC84E6BB93}\ScRecodeStartMenu_563A75F05683422E8C558ED3B6DA617D.exe

+ 2012-08-12 23:59 . 2012-08-12 23:59 300328 c:\windows\Installer\{0320AB41-0926-4218-A8A6-68AC84E6BB93}\ARPPRODUCTICON.exe

+ 2012-08-12 23:55 . 2012-08-12 23:55 300328 c:\windows\Installer\{01E9B2FF-DAF4-4529-9CC9-2101625517C7}\ARPPRODUCTICON.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 249232 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\sqlite.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 394136 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\pdfshell.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 183696 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\nppdf32.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AiodLite.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 937920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\adobearm.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 102808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroRdIF.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 755088 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroPDF.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 296344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\acrobroker.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\a3dutils.dll

+ 2012-06-14 08:23 . 2012-06-14 08:23 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_122a5d3a\System.Drawing.dll

+ 2012-06-14 08:23 . 2012-06-14 08:23 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_4091c432\System.Drawing.Design.dll

+ 2012-06-14 09:16 . 2012-06-14 09:16 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll

+ 2012-06-14 09:16 . 2012-06-14 09:16 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll

+ 2012-06-14 09:16 . 2012-06-14 09:16 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll

+ 2012-06-14 09:16 . 2012-06-14 09:16 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll

+ 2012-06-14 09:12 . 2012-06-14 09:12 421888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6a1782662138a76ec3b70ff7b8ae05c7\Microsoft.VisualBasic.Compatibility.Data.ni.dll

+ 2012-06-14 09:06 . 2012-06-14 09:06 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\db6668b547e7504d74c3f345e2519b65\WindowsFormsIntegration.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\9ae3a257c347602d42ab80bb7a5ca3bb\System.ServiceProcess.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\7a5371c272b4008457a3af780bf65ae5\System.Messaging.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\0a0d6610975706aee94ec9f44191bab8\System.Configuration.Install.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 302592 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\b8b1c59a57ff2f3106b896bb4f69aa42\Microsoft.VisualBasic.Compatibility.Data.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\80961515d3044ea901548167c32a5098\WindowsFormsIntegration.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 472576 c:\windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\26ac30b6544a62cf03995c31f8b8d687\VistaBridgeLibrary.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 736768 c:\windows\assembly\NativeImages_v2.0.50727_64\VDialog\744070fc836405905ef9b8e8333b1235\VDialog.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 290304 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\3b418c7263e7bee8431e453c3d656213\TaskScheduler.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\7ed738c9e6e9fd019aefaac8f56c8369\System.Web.Routing.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 449536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\00a0903af7c1c11be3cca7a98cb6ce18\System.Web.Entity.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\51ee514bc742cadcb78b85f0380db9df\System.Web.Entity.Design.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 754176 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\c2380ec5280efd702bfe2e25715d3c11\System.Web.DynamicData.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\2ed431cbe077cfcd288ecda76d4b96a0\System.Web.Abstractions.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\3684a5e85850ee745803ade3c6280f2d\System.ServiceProcess.ni.dll

+ 2012-06-14 09:08 . 2012-06-14 09:08 782848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\f16066c5217b2bae461d1c3a36b6675a\System.Messaging.ni.dll

+ 2012-06-14 08:50 . 2012-06-14 08:50 289280 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\bf139e01549b7cab9fab5bf9da914194\System.Drawing.Design.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 191488 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\576f9dcaf73e3e48cb4bd57f88e44c33\System.Configuration.Install.ni.dll

+ 2012-06-14 09:10 . 2012-06-14 09:10 852992 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\e9bd06b6e8d13de7688a7b8d9caae4be\napsnap.ni.dll

+ 2012-06-14 09:10 . 2012-06-14 09:10 154112 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\d18aaabc1ed8e516fd6e15673ced499f\napinit.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 401408 c:\windows\assembly\NativeImages_v2.0.50727_64\MyDock.Util\7d3b152578100e421eae378e5b6ab680\MyDock.Util.ni.dll

+ 2012-06-14 09:09 . 2012-06-14 09:09 414720 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\d5f4f13114a618bff85ea70be9060c28\MMCFxCommon.ni.dll

+ 2012-06-14 09:08 . 2012-06-14 09:08 933376 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\571c66f0a8ca17316e9b6e1a7f71640b\Microsoft.MediaCenter.ni.dll

+ 2012-06-14 09:09 . 2012-06-14 09:09 794624 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\a4de1bbf800bcc9e700b80d51f26f91e\Microsoft.ManagementConsole.ni.dll

+ 2012-06-14 09:09 . 2012-06-14 09:09 645120 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\cbaec0147fffacc1c80d7b03a74a7f9f\EventViewer.ni.dll

+ 2012-06-14 09:08 . 2012-06-14 09:08 368640 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\b2ae3bbc46f1352799b35d8674a9f993\ehExtHost.ni.exe

+ 2012-07-30 18:01 . 2012-07-30 18:01 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\c66eb7c6e495b6a4fc008b2cb7a71664\WindowsLiveLocal.WriterPlugin.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e554972c10af1f48e3e446a266b282fd\WindowsLive.Writer.Interop.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d826bef886460c5013ccb1d95721318e\WindowsLive.Writer.Api.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c9fa12d3a28da541e04c8d17a50ce134\WindowsLive.Writer.Instrumentation.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a8377d16883ed56f06324dab826528fb\WindowsLive.Writer.HtmlParser.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 890880 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a7bd0c8151e42189390e8eb23d3724a5\WindowsLive.Writer.HtmlEditor.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 871936 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8135f87905ee1e3a4c93a6aa3498d0ad\WindowsLive.Writer.BlogClient.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 325632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6dfce38fa28c3768cf3a9f0b67c08d9d\WindowsLive.Writer.SpellChecker.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 780288 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5aaccb27b7edbe0d4944d25bcaa6ee97\WindowsLive.Writer.Controls.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 121856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3f7ecb3f4293b490824bd0594c5421a1\WindowsLive.Writer.Extensibility.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\36b3f969ceb32fbc0beefa2e0cfe8400\WindowsLive.Writer.FileDestinations.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 374272 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0fb9633875554a47a15e8f889195103d\WindowsLive.Writer.Interop.Mshtml.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\06eecd96de56386ad5efe0936529b357\WindowsLive.Writer.Mshtml.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0101b07f7d0a3698d2f4ac092eefea88\WindowsLive.Writer.BrowserControl.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\584fa11c7c16b330d5c23201e3baaf1e\WindowsLive.Client.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9104e78d8897df008eed3a2af3bda6a2\WindowsFormsIntegration.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 235520 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\dff98b9115ba5b0f796550c3604f3ac2\TaskScheduler.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4d73bbe950309d7589e392c07e767981\System.Web.Routing.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c1a4d33fc32145339a8d6ecce8814a82\System.Web.Extensions.Design.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\f8313d1191728d85c9a2c28995421886\System.Web.Entity.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\c332e16f64df41792d0cc94eff9a40cc\System.Web.Entity.Design.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3acd7d1f09834f8ad2b6f7c97f12d275\System.Web.DynamicData.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6308ea7dcc6abd9aea29b448a03f0af3\System.Web.Abstractions.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\8ad39a1c48ba36b5210abe02ef03bc2a\System.Messaging.ni.dll

+ 2012-06-14 08:48 . 2012-06-14 08:48 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\86d95330e670761c503f6f2e8cbe66b9\System.Drawing.Design.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\559eb472944e19bca4d034eda4bdfcb7\System.Configuration.Install.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 724992 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\2840f96c0590375ed722b20354bcd554\napsnap.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 110080 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\e1de44dda528f5126f251f146f30487a\napinit.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\9621076f8f44240e769dd03177d0c47f\MMCFxCommon.ni.dll

+ 2012-06-14 08:27 . 2012-06-14 08:27 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\f22e7365e7527cd3c3f707218d8e3a10\Microsoft.MediaCenter.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 558592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\ef6a66d52d531be206ac416483aed2b8\Microsoft.ManagementConsole.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 543744 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\11804905535690869865532b52f0454a\EventViewer.ni.dll

+ 2012-06-14 08:27 . 2012-06-14 08:27 243200 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\dd7fe12b0ee02626a53b9053f8669141\ehExtHost32.ni.exe

- 2012-04-11 10:56 . 2012-01-26 11:00 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2012-06-13 10:42 . 2012-04-23 11:01 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

- 2012-04-12 10:42 . 2012-04-12 10:42 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2012-06-14 08:22 . 2012-06-14 08:22 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2012-07-12 10:34 . 2012-06-02 08:25 1129472 c:\windows\SysWOW64\wininet.dll

+ 2012-07-12 10:34 . 2012-06-02 08:26 1103872 c:\windows\SysWOW64\urlmon.dll

- 2009-11-24 20:50 . 2009-08-11 16:44 1401856 c:\windows\SysWOW64\msxml6.dll

+ 2012-07-11 12:24 . 2012-06-05 16:47 1401856 c:\windows\SysWOW64\msxml6.dll

+ 2012-07-11 12:24 . 2012-06-05 16:47 1248768 c:\windows\SysWOW64\msxml3.dll

- 2010-08-13 06:38 . 2010-06-11 16:15 1248768 c:\windows\SysWOW64\msxml3.dll

+ 2012-07-12 10:34 . 2012-06-02 08:33 1800192 c:\windows\SysWOW64\jscript9.dll

+ 2009-09-14 17:05 . 2009-09-14 17:05 1762608 c:\windows\SysWOW64\imagx7.dll

+ 2012-07-12 10:34 . 2012-06-02 08:19 1793024 c:\windows\SysWOW64\iertutil.dll

+ 2012-07-12 10:34 . 2012-06-02 08:43 9737728 c:\windows\SysWOW64\ieframe.dll

+ 2012-06-21 21:59 . 2012-06-02 22:15 2622464 c:\windows\system32\wucltux.dll

+ 2012-06-21 21:59 . 2012-06-02 22:19 2428952 c:\windows\system32\wuaueng.dll

+ 2012-07-12 10:34 . 2012-06-02 12:05 1392128 c:\windows\system32\wininet.dll

+ 2012-07-12 10:33 . 2012-06-13 13:58 2769408 c:\windows\system32\win32k.sys

+ 2012-07-12 10:34 . 2012-06-02 12:05 1346048 c:\windows\system32\urlmon.dll

+ 2012-07-11 12:24 . 2012-06-05 16:22 1797120 c:\windows\system32\msxml6.dll

- 2009-11-24 20:50 . 2009-08-11 17:06 1797120 c:\windows\system32\msxml6.dll

+ 2012-07-11 12:24 . 2012-06-05 16:22 1869824 c:\windows\system32\msxml3.dll

- 2010-08-13 06:38 . 2010-06-11 16:38 1869824 c:\windows\system32\msxml3.dll

- 2011-02-19 20:51 . 2011-02-19 20:51 5601616 c:\windows\system32\mfc100u.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 5601616 c:\windows\system32\mfc100u.dll

+ 2011-06-10 23:15 . 2011-06-10 23:15 5574984 c:\windows\system32\mfc100.dll

+ 2012-07-12 10:34 . 2012-06-02 12:12 2311680 c:\windows\system32\jscript9.dll

+ 2012-07-12 10:34 . 2012-06-02 11:59 2144768 c:\windows\system32\iertutil.dll

+ 2012-06-13 10:42 . 2012-04-23 16:25 1267200 c:\windows\system32\crypt32.dll

+ 2010-10-23 17:14 . 2012-08-16 00:01 8820292 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat

+ 2011-03-25 22:32 . 2012-08-13 23:40 1563904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-12288.dat

+ 2012-03-15 11:17 . 2012-03-15 11:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll

- 2012-05-10 11:49 . 2012-01-03 10:57 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll

+ 2012-06-13 10:43 . 2012-03-22 11:02 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll

+ 2012-06-13 10:43 . 2012-03-22 11:02 5062656 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll

- 2009-12-03 16:28 . 2009-03-30 04:39 5062656 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll

+ 2012-03-15 11:17 . 2012-03-15 11:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll

+ 2012-06-13 10:43 . 2012-03-22 11:02 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

- 2012-05-10 11:49 . 2012-01-03 10:58 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

- 2009-12-03 16:28 . 2009-03-30 04:42 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

+ 2012-06-13 10:43 . 2012-03-22 11:02 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

- 2012-01-31 02:46 . 2012-01-31 02:46 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp

+ 2012-04-26 00:32 . 2012-04-26 00:32 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp

+ 2012-06-14 08:19 . 2012-06-14 08:19 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll

- 2012-05-12 14:44 . 2012-05-12 14:45 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

- 2012-05-12 14:45 . 2012-05-12 14:45 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

+ 2012-06-14 08:18 . 2012-06-14 08:18 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2012-06-14 08:18 . 2012-06-14 08:18 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

- 2012-05-12 14:44 . 2012-05-12 14:44 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

+ 2012-06-14 08:19 . 2012-06-14 08:19 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

+ 2012-06-29 12:33 . 2012-06-29 12:33 6063616 c:\windows\Installer\ed34a.msp

+ 2012-04-25 17:32 . 2012-04-25 17:32 7069184 c:\windows\Installer\bd86d.msp

+ 2012-04-22 20:46 . 2012-04-22 20:46 1187328 c:\windows\Installer\bd863.msp

+ 2012-03-15 12:26 . 2012-03-15 12:26 4212736 c:\windows\Installer\bd85b.msp

+ 2012-07-17 08:11 . 2012-07-17 08:11 6145024 c:\windows\Installer\b6f70.msp

+ 2012-08-02 08:29 . 2012-08-02 08:29 5521920 c:\windows\Installer\b6f5a.msp

+ 2012-08-12 17:42 . 2012-08-12 17:42 2309120 c:\windows\Installer\a9c70.msi

+ 2011-06-28 19:21 . 2011-06-28 19:21 4637184 c:\windows\Installer\3e9998.msp

+ 2012-07-19 18:34 . 2012-07-19 18:34 1410560 c:\windows\Installer\17d2278.msi

+ 2012-08-13 00:00 . 2012-08-13 00:00 1953280 c:\windows\Installer\17920f.msi

+ 2012-08-13 00:00 . 2012-08-13 00:00 8612352 c:\windows\Installer\179207.msi

+ 2012-08-12 23:59 . 2012-08-12 23:59 3264512 c:\windows\Installer\1791ff.msi

+ 2012-08-12 23:59 . 2012-08-12 23:59 1473024 c:\windows\Installer\1791f3.msi

+ 2012-08-12 23:58 . 2012-08-12 23:58 1958912 c:\windows\Installer\1791eb.msi

+ 2012-08-12 23:58 . 2012-08-12 23:58 4491264 c:\windows\Installer\1791e2.msi

+ 2012-08-12 23:57 . 2012-08-12 23:57 8236544 c:\windows\Installer\1791d9.msi

+ 2012-08-12 23:56 . 2012-08-12 23:56 2848768 c:\windows\Installer\1791d1.msi

+ 2012-08-12 23:56 . 2012-08-12 23:56 6207488 c:\windows\Installer\1791c9.msi

+ 2012-08-12 23:56 . 2012-08-12 23:56 1070592 c:\windows\Installer\1791c1.msi

+ 2012-08-12 23:56 . 2012-08-12 23:56 1064960 c:\windows\Installer\1791b9.msi

+ 2012-08-12 23:55 . 2012-08-12 23:55 1060864 c:\windows\Installer\1791b1.msi

+ 2012-08-12 23:55 . 2012-08-12 23:55 1202176 c:\windows\Installer\1791a9.msi

+ 2012-08-12 23:55 . 2012-08-12 23:55 1195008 c:\windows\Installer\1791a1.msi

+ 2012-08-12 23:54 . 2012-08-12 23:54 1610240 c:\windows\Installer\179191.msi

+ 2012-08-12 23:54 . 2012-08-12 23:54 1198592 c:\windows\Installer\179189.msi

+ 2012-08-12 23:54 . 2012-08-12 23:54 1182208 c:\windows\Installer\179181.msi

+ 2012-08-12 23:54 . 2012-08-12 23:54 2820608 c:\windows\Installer\179179.msi

+ 2012-08-12 23:54 . 2012-08-12 23:54 1062912 c:\windows\Installer\179171.msi

+ 2012-08-12 23:54 . 2012-08-12 23:54 2504192 c:\windows\Installer\179169.msi

+ 2012-08-12 23:53 . 2012-08-12 23:53 2035200 c:\windows\Installer\179161.msi

+ 2012-07-21 21:35 . 2012-07-21 21:35 1648640 c:\windows\Installer\1484001.msi

+ 2012-08-12 23:26 . 2012-08-12 23:26 1863680 c:\windows\Installer\1475eec.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 2146816 c:\windows\Installer\10da737.msp

+ 2012-07-30 16:16 . 2012-07-30 16:16 4302336 c:\windows\Installer\10da711.msp

+ 2012-07-30 16:16 . 2012-07-30 16:16 1829376 c:\windows\Installer\10da6cb.msp

+ 2012-07-30 16:16 . 2012-07-30 16:16 3105792 c:\windows\Installer\10da6a7.msp

+ 2012-07-30 16:16 . 2012-07-30 16:16 2146304 c:\windows\Installer\10da618.msp

+ 2012-07-30 16:16 . 2012-07-30 16:16 3734016 c:\windows\Installer\10da607.msp

+ 2012-07-30 16:15 . 2012-07-30 16:15 2957312 c:\windows\Installer\10da5aa.msp

+ 2012-07-30 16:15 . 2012-07-30 16:15 5868544 c:\windows\Installer\10da58b.msp

+ 2012-07-30 16:15 . 2012-07-30 16:15 5124096 c:\windows\Installer\10da56c.msp

+ 2012-07-30 16:15 . 2012-07-30 16:15 5535744 c:\windows\Installer\10da534.msp

+ 2012-07-30 16:15 . 2012-07-30 16:15 3312128 c:\windows\Installer\10da51c.msp

+ 2012-07-30 16:14 . 2012-07-30 16:14 2932224 c:\windows\Installer\10da4f8.msp

+ 2012-07-30 16:14 . 2012-07-30 16:14 4426240 c:\windows\Installer\10da4de.msp

+ 2012-07-30 16:13 . 2012-07-30 16:13 1139712 c:\windows\Installer\10da4bd.msp

+ 2012-07-30 16:22 . 2012-07-30 16:22 1358336 c:\windows\Installer\10da48f.msi

+ 2011-06-06 10:55 . 2011-06-06 10:55 2215312 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\rt3d.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 6543768 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\authplay.dll

+ 2011-06-06 10:55 . 2011-06-06 10:55 1240992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AdobeCollabSync.exe

+ 2011-06-06 10:55 . 2011-06-06 10:55 1480600 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroRd32.exe

+ 2012-06-14 08:23 . 2012-06-14 08:23 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_d0b21a59\System.Windows.Forms.dll

+ 2012-06-14 08:22 . 2012-06-14 08:22 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_591c3276\System.Windows.Forms.dll

+ 2012-06-14 08:23 . 2012-06-14 08:23 2252800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_79d06063\System.Drawing.dll

+ 2012-06-14 08:23 . 2012-06-14 08:23 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f1c97bc5\System.Design.dll

+ 2012-06-14 08:22 . 2012-06-14 08:22 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_1606972f\System.Design.dll

+ 2012-06-14 09:12 . 2012-06-14 09:12 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll

+ 2012-06-14 09:16 . 2012-06-14 09:16 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll

+ 2012-06-14 09:15 . 2012-06-14 09:15 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll

+ 2012-06-14 09:14 . 2012-06-14 09:14 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll

+ 2012-06-14 09:14 . 2012-06-14 09:14 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll

+ 2012-06-14 09:16 . 2012-06-14 09:16 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll

+ 2012-06-14 09:15 . 2012-06-14 09:15 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll

+ 2012-06-14 09:14 . 2012-06-14 09:14 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll

+ 2012-06-14 09:12 . 2012-06-14 09:12 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\e4d308f69077903e24de92fe4fc06d29\Microsoft.VisualBasic.Compatibility.ni.dll

+ 2012-06-14 09:12 . 2012-06-14 09:12 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll

+ 2012-06-14 08:21 . 2012-06-14 08:21 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\1d3c2d83da69c30ba8edf5cfea3c0057\WindowsBase.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\0927d75b05e9d3bfdae478155e8c0742\System.Windows.Forms.DataVisualization.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\71e3d9751ca6679c5ce2d707ca173373\System.Printing.ni.dll

+ 2012-06-14 08:21 . 2012-06-14 08:21 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\29e48cb144e24a7b4335d1360cc06642\System.Drawing.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e642f8e9415d53aa2bc08fc3af938236\System.Deployment.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\4ff694358b3796883fea64e500c27169\System.Activities.Presentation.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\47f8023bf6e24604f908ebc472dbe3b6\ReachFramework.ni.dll

+ 2012-06-14 09:05 . 2012-06-14 09:05 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\de8350e990fc1123d26665588c7d68c7\PresentationUI.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e3be750f68ac84f84240e86a5e1020af\Microsoft.VisualBasic.Compatibility.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\4cd09961cd45c4c3d3a079f3e81686f5\Microsoft.VisualBasic.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 1754112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\5ef2b0292d6ef8f7a0b885a593aca44b\System.WorkflowServices.ni.dll

+ 2012-06-14 08:51 . 2012-06-14 08:51 2702848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\4b016f3679666af12f1ce0179765f22e\System.Workflow.Runtime.ni.dll

+ 2012-06-14 08:51 . 2012-06-14 08:51 5956096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\fe1ea6e5fd659ba3677c06282b0d636d\System.Workflow.ComponentModel.ni.dll

+ 2012-06-14 08:51 . 2012-06-14 08:51 3893248 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\5416c21395744eef4c834dc561775b3c\System.Workflow.Activities.ni.dll

+ 2012-06-14 09:06 . 2012-06-14 09:06 2291712 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\19c7bfd896bfd1b6e732d650da6e91b4\System.Web.Services.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\3b1523f87594c367b5020cf5913c078d\System.Web.Mobile.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 1154560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\c175d1ec8877250db87759686218afbf\System.Web.Extensions.Design.ni.dll

+ 2012-06-14 09:11 . 2012-06-14 09:11 3046912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\5409d4a63b335ff02d51d50095e62288\System.Web.Extensions.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 1453056 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\6039d7884009694683589bc23a7ee995\System.Printing.ni.dll

+ 2012-06-14 07:40 . 2012-06-14 07:40 2319872 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\9efc0ccf635c1ce30d2981108e17b00f\System.Drawing.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 2433024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\4a6752662cb45753081058a4e848dc4b\System.Deployment.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 3101184 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\aedc7938e0a1ef8854e378f1224dfa7d\ReachFramework.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 2109440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\50abd377da62b8a687f7b41499a9db75\PresentationUI.ni.dll

+ 2012-06-14 09:10 . 2012-06-14 09:10 3482112 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\c2f138d6fe09a7a865698e2070350263\Narrator.ni.exe

+ 2012-06-14 09:10 . 2012-06-14 09:10 2314240 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\5151cc16597c8f407d97883a8cfa4a50\MMCEx.ni.dll

+ 2012-06-14 09:09 . 2012-06-14 09:09 7836672 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\b03b526fba0766ed6ada91d393e7a6fa\MIGUIControls.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 2173952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\96b6285fda67be4d456d2f6a4d75ab52\Microsoft.VisualBasic.ni.dll

+ 2012-06-14 09:10 . 2012-06-14 09:10 5346816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\cdc5230f1a47ff0aa945f267fb2bac71\Microsoft.PowerShell.Editor.ni.dll

+ 2012-06-14 09:10 . 2012-06-14 09:10 2101248 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\af22d8142f2dad659d4647792f9a5197\Microsoft.PowerShell.Commands.Utility.ni.dll

+ 2012-06-14 09:10 . 2012-06-14 09:10 2104832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\97cd884f6f751cdd2d9e32d5b123744a\Microsoft.PowerShell.GPowerShell.ni.dll

+ 2012-06-14 09:08 . 2012-06-14 09:08 7721472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\20a7e859ee7ee6b6037466a0d8a8be2f\Microsoft.MediaCenter.UI.ni.dll

+ 2012-06-14 09:10 . 2012-06-14 09:10 2357248 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\d565b0fb0bb312d5ca28046e25876645\Microsoft.Ink.ni.dll

+ 2012-06-14 09:09 . 2012-06-14 09:09 2575872 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\85a4473926ef1f94380ee9be95832772\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2012-06-14 09:09 . 2012-06-14 09:09 2217984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\1b9d195833c5a57fab2ed4060df8e82f\Microsoft.Build.Tasks.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 3373568 c:\windows\assembly\NativeImages_v2.0.50727_64\DellDock\838d7e9efeb69e070b689a8640d4c4e9\DellDock.ni.exe

+ 2012-07-30 18:01 . 2012-07-30 18:01 7023616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9788028815669c594293f322915b924a\WindowsLive.Writer.PostEditor.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9465825d905601288e1e7e8cc9166c23\WindowsLive.Writer.CoreServices.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 1285120 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\394bbde8617e713e874b80b393956af8\WindowsLive.Writer.ApplicationFramework.ni.dll

+ 2012-07-30 18:01 . 2012-07-30 18:01 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1fdf364b8ce8b5e3990532b0bb2014ef\WindowsLive.Writer.Localization.ni.dll

+ 2012-06-14 08:29 . 2012-06-14 08:29 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP427C.tmp\System.Web.Extensions.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 1316864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\b0c68df1300f0542e7284d2bbcd63258\System.WorkflowServices.ni.dll

+ 2012-06-14 08:49 . 2012-06-14 08:49 1911296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\e5b517ac742be27954c3093cfe6d1dd6\System.Workflow.Runtime.ni.dll

+ 2012-06-14 08:49 . 2012-06-14 08:49 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\865be11ce86f1882176810a3f909511b\System.Workflow.ComponentModel.ni.dll

+ 2012-06-14 08:49 . 2012-06-14 08:49 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\57a2f3b78edc0f5f088b210fabfe3bdc\System.Workflow.Activities.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\663112d3002034cf5126be253efff60d\System.Web.Services.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0b90f82645cbd8de45ef8f5e467af156\System.Web.Mobile.ni.dll

+ 2012-06-14 09:04 . 2012-06-14 09:04 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\89d6ce3139daecdd517135b90e93498b\System.Web.Extensions.ni.dll

+ 2012-06-14 08:28 . 2012-06-14 08:28 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\36fbb8064216ef11bd87afae6ee774dd\System.Printing.ni.dll

+ 2012-06-14 08:11 . 2012-06-14 08:11 1592320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll

+ 2012-06-14 09:01 . 2012-06-14 09:01 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\18050fc0ebf2c4835d05ffd337aa1616\System.Deployment.ni.dll

+ 2012-06-14 08:28 . 2012-06-14 08:28 2146816 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3b1507e086784fb78e3d5e671aab1b0d\ReachFramework.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\f42d14201dfb29938d5c07468ae91df6\PresentationUI.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 2538496 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\ab99814c8ea65f32eb9be47c99323a5e\Narrator.ni.exe

+ 2012-06-14 09:03 . 2012-06-14 09:03 1536512 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\cb2db8c862e11358d3bb1b92f85d86bd\MMCEx.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 6340096 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\82a54c1a86466437495ab3dd91c58b63\MIGUIControls.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 1711616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\2467a133aee73396c830b9b0a9c7ec0d\Microsoft.VisualBasic.ni.dll

+ 2012-06-14 08:28 . 2012-06-14 08:28 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\cf16c88f8fbb1020031774cf9134c045\Microsoft.PowerShell.Commands.Utility.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\16dc159df194ef2fbb4ae593623dea73\Microsoft.PowerShell.GPowerShell.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\09d3142890c6ef56f7c742be21421fc2\Microsoft.PowerShell.Editor.ni.dll

+ 2012-06-14 08:27 . 2012-06-14 08:27 5486080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\cf100c0c1510f5c7bb1e17f2f359883c\Microsoft.MediaCenter.UI.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\c420edef488501ffe0a8bd56d9756955\Microsoft.Ink.ni.dll

+ 2012-06-14 09:03 . 2012-06-14 09:03 1873408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\db447c03dfb2f740c7eff1137b76341e\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\304acbf276a1820a1c11f6f923d52745\Microsoft.Build.Tasks.ni.dll

- 2012-05-10 11:49 . 2012-01-03 10:58 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2012-06-13 10:43 . 2012-03-22 11:02 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2009-12-03 16:28 . 2009-03-30 04:42 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2012-06-13 10:43 . 2012-03-22 11:02 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2011-02-09 15:43 . 2011-01-21 16:35 11586048 c:\windows\SysWOW64\shell32.dll

+ 2012-07-11 12:24 . 2012-06-08 17:47 11586048 c:\windows\SysWOW64\shell32.dll

+ 2012-07-12 10:34 . 2012-06-02 09:07 12314624 c:\windows\SysWOW64\mshtml.dll

- 2006-11-02 12:33 . 2012-05-12 22:12 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2006-11-02 12:33 . 2012-08-16 10:10 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2012-07-11 12:24 . 2012-06-08 17:59 12899840 c:\windows\system32\shell32.dll

- 2011-02-09 15:43 . 2011-01-21 16:50 12899840 c:\windows\system32\shell32.dll

+ 2012-07-12 10:34 . 2012-06-02 12:49 17807360 c:\windows\system32\mshtml.dll

+ 2012-07-12 10:34 . 2012-06-02 12:17 10924032 c:\windows\system32\ieframe.dll

+ 2010-10-23 14:47 . 2012-07-04 22:39 54040864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-4096.dat

+ 2012-07-17 08:17 . 2012-07-17 08:17 22363136 c:\windows\Installer\b6f86.msp

+ 2012-04-04 13:32 . 2012-04-04 13:32 16613376 c:\windows\Installer\a9d66.msp

+ 2012-08-12 23:55 . 2012-08-12 23:55 10683904 c:\windows\Installer\179199.msi

+ 2012-08-12 23:53 . 2012-08-12 23:53 15670272 c:\windows\Installer\17915a.msi

+ 2012-07-30 16:16 . 2012-07-30 16:16 14624256 c:\windows\Installer\10da5f6.msp

+ 2011-06-06 10:55 . 2011-06-06 10:55 24731544 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B744AA0100000010\10.1.0\AcroRd32.dll

+ 2012-08-16 13:08 . 2012-08-16 13:08 10944512 c:\windows\ERDNT\Hiv-backup\schema.dat

+ 2012-06-14 09:15 . 2012-06-14 09:15 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll

+ 2012-06-14 09:14 . 2012-06-14 09:14 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll

+ 2012-06-14 09:13 . 2012-06-14 09:13 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll

+ 2012-06-14 08:21 . 2012-06-14 08:21 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c06946b464ae8dd22151e0a6f310c976\System.Windows.Forms.ni.dll

+ 2012-06-14 08:21 . 2012-06-14 08:21 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bcec0e7db1d027328cc8cd702185fa66\PresentationFramework.ni.dll

+ 2012-06-14 08:21 . 2012-06-14 08:21 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b460188cf6862491550a006c3660e2e6\PresentationCore.ni.dll

+ 2012-06-14 08:50 . 2012-06-14 08:50 17380352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\9e0a0b099890de9edadbf6d021aa7576\System.Windows.Forms.ni.dll

+ 2012-06-14 09:07 . 2012-06-14 09:07 15245824 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\5ded60c9ec9be6b40e91234e7af20647\System.Web.ni.dll

+ 2012-06-14 08:49 . 2012-06-14 08:49 13718528 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\efa17c5d88fbdaddabd553ec285cf7d9\System.Design.ni.dll

+ 2012-06-14 07:39 . 2012-06-14 07:39 19179520 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\55afb0f9be76fd75182e8db465ecfc2b\PresentationFramework.ni.dll

+ 2012-06-14 07:37 . 2012-06-14 07:37 16516608 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\254dd327ade27917470bcdd76d0999d5\PresentationCore.ni.dll

+ 2012-06-14 09:08 . 2012-06-14 09:08 22171136 c:\windows\assembly\NativeImages_v2.0.50727_64\MenuSkinning\05ba95fa4ef6cb7ec0207595df9169fb\MenuSkinning.ni.dll

+ 2012-06-14 09:09 . 2012-06-14 09:09 15825920 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\9d036f354de56bea373e1f122ba4d389\ehshell.ni.dll

+ 2012-06-14 08:48 . 2012-06-14 08:48 12433920 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll

+ 2012-06-14 09:02 . 2012-06-14 09:02 11820032 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll

+ 2012-06-14 08:48 . 2012-06-14 08:48 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\02ccd8236a942b3f89411fab5d2b594a\System.Design.ni.dll

+ 2012-06-14 08:10 . 2012-06-14 08:10 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll

+ 2012-06-14 08:10 . 2012-06-14 08:10 12219392 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]

"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-03-17 842048]

"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]

"Facebook Update"="c:\users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-12 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Ulead Memory Card Detector"="c:\program files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe" [2002-09-10 28672]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-11-11 442536]

"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-07-17 202256]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]

"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2012-01-13 1493288]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~3\browse~1\22565~1.25\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22565~1.25\{16cdf~1\browsemngr.dll

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [2009-03-20 89600]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - Lavasoft Kernexplorer

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

Themes

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job

- c:\users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-12 17:43]

.

2012-08-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job

- c:\users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-12 17:43]

.

2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29]

.

2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29]

.

2012-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job

- c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59]

.

2012-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job

- c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [bU]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-26 1657128]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 4119552]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]

"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 182784]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - c:\users\rwema\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

LSP: c:\windows\system32\wpclsp.dll

TCP: DhcpNameServer = 195.130.130.5 195.130.131.5

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll

FF - ProfilePath - c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\o4pcq729.default\

FF - prefs.js: browser.search.selectedEngine - Claro Search

FF - prefs.js: browser.startup.homepage - hxxp://isearch.claro-search.com/?affID=114166&tt=120812_bandext_3312_1&babsrc=HP_iclro&mntrId=e4804fa200000000000000225fb82e71

user_pref('extensions.dealply.partner', 'iron');

user_pref('extensions.dealply.channel', 'iron3');

user_pref('extensions.dealply.installId', 'v23600250690413664744642012031600095826');

user_pref('extensions.dealply.installIdSource', 'inst');

user_pref('extensions.dealply.sampleGroup', '6');

FF - user.js: extensions.BabylonToolbar_i.id - e4804fa200000000000000225fb82e71

FF - user.js: extensions.BabylonToolbar_i.hardId - e4804fa200000000000000225fb82e71

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15458

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:07

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.newTab - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110819

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

FF - user.js: extensions.claro.excTlbr - false

FF - user.js: extensions.claro.admin - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)

AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

Voltooingstijd: 2012-08-16 15:44:28

ComboFix-quarantined-files.txt 2012-08-16 13:44

ComboFix2.txt 2012-05-20 18:34

ComboFix3.txt 2012-05-20 14:52

ComboFix4.txt 2012-01-28 19:24

ComboFix5.txt 2012-08-16 13:08

.

Pre-Run: 100.858.085.376 bytes free

Post-Run: 102.632.742.912 bytes beschikbaar

.

- - End Of File - - E14A64482B7CC818649D62EF3CACB351

Link naar reactie
Delen op andere sites

Verwijder manueel alle bestanden van deze vorm c:\windows\VWL1EA8.tmp in de C:\Windows-map.

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\programdata\Browser Manager

Registry::

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=-

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

Firefox::

FF - ProfilePath - c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\o4pcq729.default\

FF - prefs.js: browser.search.selectedEngine -

FF - prefs.js: browser.startup.homepage -

user_pref('extensions.dealply.partner', 'iron');

user_pref('extensions.dealply.channel', 'iron3');

user_pref('extensions.dealply.installId', 'v23600250690413664744642012031600095826');

user_pref('extensions.dealply.installIdSource', 'inst');

user_pref('extensions.dealply.sampleGroup', '6');

FF - user.js: extensions.BabylonToolbar_i.id - e4804fa200000000000000225fb82e71

FF - user.js: extensions.BabylonToolbar_i.hardId - e4804fa200000000000000225fb82e71

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15458

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:07

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.newTab - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110819

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

FF - user.js: extensions.claro.excTlbr - false

FF - user.js: extensions.claro.admin – false

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Link naar reactie
Delen op andere sites

ComboFix 12-08-16.01 - rwema 16/08/2012 22:41:59.14.2 - x64

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.4054.1973 [GMT 2:00]

Gestart vanuit: C:\Users\rwema\Downloads\ComboFix.exe

gebruikte Opdracht switches :: C:\Users\rwema\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

c:\programdata\Browser Manager

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\chrome.manifest

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-10.0.2.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-11.0.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-12.0.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-13.0.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-14.0.1.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-3.6.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-3.6.xpt

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-5.0.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-6.0.2.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-7.0.1.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-8.0.1.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-9.0.1.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\BrowserManager.js

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\overlay.xul

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\install.rdf

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_Browser Manager

-------\Service_Browser Manager

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-16 to 2012-08-16 ))))))))))))))))))))))))))))))

2012-08-16 21:00:28 . 2012-08-16 21:00:28 -------- d-----w- C:\Users\Public\AppData\Local\temp

2012-08-16 21:00:28 . 2012-08-16 21:00:28 -------- d-----w- C:\Users\Default\AppData\Local\temp

2012-08-16 21:00:28 . 2012-08-16 21:00:28 -------- d-----w- C:\Users\AppData\AppData\Local\temp

2012-08-15 22:08:30 . 2000-01-21 11:14:38 140288 ----a-w- C:\Windows\SysWow64\COMDLG32.OCX

2012-08-15 22:08:29 . 2010-03-27 09:18:42 237568 ----a-w- C:\Windows\SysWow64\FreeProxyDLL400.dll

2012-08-15 22:08:28 . 2012-08-15 22:08:28 -------- d-----w- C:\Program Files (x86)\Hand-Crafted Software

2012-08-15 01:02:06 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB30A4.tmp

2012-08-15 01:02:02 . 2012-08-15 01:02:06 2332 ----a-w- C:\Windows\MAN20BA.tmp

2012-08-15 01:02:02 . 2012-08-15 01:02:02 32509482 ----a-w- C:\Windows\WLF2187.tmp

2012-08-14 01:02:58 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBF8C3.tmp

2012-08-14 01:02:54 . 2012-08-14 01:02:58 2332 ----a-w- C:\Windows\MANE83D.tmp

2012-08-14 01:02:54 . 2012-08-14 01:02:54 32424012 ----a-w- C:\Windows\WLFE88D.tmp

2012-08-13 13:32:07 . 2012-08-13 13:32:07 -------- d-----w- C:\Program Files (x86)\Claro LTD

2012-08-13 13:31:18 . 2012-08-13 13:31:26 -------- d-----w- C:\Users\rwema\AppData\Roaming\ExpressFiles

2012-08-13 13:31:18 . 2012-08-13 13:31:19 -------- d-----w- C:\Program Files (x86)\ExpressFiles

2012-08-13 07:29:13 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB98B8.tmp

2012-08-13 07:29:09 . 2012-08-13 07:29:13 2332 ----a-w- C:\Windows\MAN8A54.tmp

2012-08-13 07:29:09 . 2012-08-13 07:29:09 32338530 ----a-w- C:\Windows\WLF8B7E.tmp

2012-08-13 00:11:30 . 2012-08-13 00:11:30 -------- d-----w- C:\Users\rwema\AppData\Roaming\Nero

2012-08-12 23:54:06 . 2012-08-12 23:57:49 -------- d-----w- C:\Program Files (x86)\Common Files\Nero

2012-08-12 23:53:35 . 2012-08-13 00:02:52 -------- d-----w- C:\ProgramData\Nero

2012-08-12 23:26:36 . 2011-12-01 09:42:44 15920 ----a-w- C:\Windows\system32\drivers\NBVolUp.sys

2012-08-12 23:26:12 . 2011-12-01 09:42:44 72240 ----a-w- C:\Windows\system32\drivers\NBVol.sys

2012-08-12 23:26:11 . 2012-08-13 00:02:06 -------- d-----w- C:\Program Files (x86)\Nero

2012-08-12 23:26:01 . 2012-08-12 23:26:01 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-12 23:25:11 . 2010-05-26 09:41:02 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll

2012-08-12 23:18:11 . 2010-05-26 09:41:02 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll

2012-08-12 23:17:29 . 2010-05-26 09:41:02 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll

2012-08-12 23:16:46 . 2010-05-26 09:41:02 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll

2012-08-12 23:15:59 . 2010-05-26 09:41:02 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll

2012-08-12 20:30:26 . 2012-08-12 23:15:21 -------- d-----w- C:\Users\rwema\AppData\Roaming\DVD Flick

2012-08-12 20:07:46 . 2003-01-26 11:41:24 40960 ----a-w- C:\Windows\SysWow64\ssubtmr6.dll

2012-08-12 20:07:45 . 2012-08-12 20:07:54 -------- d-----w- C:\Program Files (x86)\DVD Flick

2012-08-12 20:07:45 . 2008-08-31 11:27:26 28672 ----a-w- C:\Windows\SysWow64\mousewheel.ocx

2012-08-12 20:07:45 . 2007-08-31 16:36:28 36864 ----a-w- C:\Windows\SysWow64\trayicon_handler.ocx

2012-08-12 20:07:45 . 2004-03-08 22:00:00 662288 ----a-w- C:\Windows\SysWow64\mscomct2.ocx

2012-08-12 20:07:45 . 2004-03-08 22:00:00 609824 ----a-w- C:\Windows\SysWow64\comctl32.ocx

2012-08-12 20:07:45 . 2004-03-08 22:00:00 212240 ----a-w- C:\Windows\SysWow64\richtx32.ocx

2012-08-12 20:07:45 . 1998-06-23 22:00:00 164144 ----a-w- C:\Windows\SysWow64\comct232.ocx

2012-08-12 17:43:42 . 2012-08-12 17:44:02 -------- d-----w- C:\Users\rwema\AppData\Local\Facebook

2012-08-12 17:37:28 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB2954.tmp

2012-08-12 17:37:24 . 2012-08-12 17:37:23 32253084 ----a-w- C:\Windows\WLF18CF.tmp

2012-08-12 17:37:23 . 2012-08-12 17:37:28 2332 ----a-w- C:\Windows\MAN17F2.tmp

2012-08-11 01:02:29 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB9330.tmp

2012-08-11 01:02:26 . 2012-08-11 01:02:29 2332 ----a-w- C:\Windows\MAN845E.tmp

2012-08-11 01:02:26 . 2012-08-11 01:02:26 32167662 ----a-w- C:\Windows\WLF849E.tmp

2012-08-10 01:02:12 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB455D.tmp

2012-08-10 01:02:09 . 2012-08-10 01:02:12 2332 ----a-w- C:\Windows\MAN37E2.tmp

2012-08-10 01:02:09 . 2012-08-10 01:02:09 32082216 ----a-w- C:\Windows\WLF3842.tmp

2012-08-08 01:02:11 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBAD14.tmp

2012-08-08 01:02:08 . 2012-08-08 01:02:11 2332 ----a-w- C:\Windows\MAN9E62.tmp

2012-08-08 01:02:08 . 2012-08-08 01:02:08 31996746 ----a-w- C:\Windows\WLF9E73.tmp

2012-08-07 14:53:00 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBB31B.tmp

2012-08-07 14:52:56 . 2012-08-07 14:53:00 2332 ----a-w- C:\Windows\MANA43A.tmp

2012-08-07 14:52:56 . 2012-08-07 14:52:56 31911300 ----a-w- C:\Windows\WLFA4B9.tmp

2012-08-06 11:35:56 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB605A.tmp

2012-08-06 11:35:52 . 2012-08-06 11:35:56 2332 ----a-w- C:\Windows\MAN510C.tmp

2012-08-06 11:35:52 . 2012-08-06 11:35:52 31825708 ----a-w- C:\Windows\WLF513D.tmp

2012-08-05 11:48:01 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB85C5.tmp

2012-08-05 11:47:57 . 2012-08-05 11:48:01 2332 ----a-w- C:\Windows\MAN7500.tmp

2012-08-05 11:47:57 . 2012-08-05 11:47:57 31740202 ----a-w- C:\Windows\WLF757F.tmp

2012-08-04 12:40:25 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB9C51.tmp

2012-08-04 12:40:21 . 2012-08-04 12:40:25 2332 ----a-w- C:\Windows\MAN8F92.tmp

2012-08-04 12:40:21 . 2012-08-04 12:40:21 31654720 ----a-w- C:\Windows\WLF8FB3.tmp

2012-08-03 23:56:19 . 2012-08-03 23:56:38 -------- d-----w- C:\Users\rwema\Thibo andere fotos

2012-08-03 01:02:00 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB75DA.tmp

2012-08-03 01:01:57 . 2012-08-03 01:02:00 2332 ----a-w- C:\Windows\MAN6A24.tmp

2012-08-03 01:01:57 . 2012-08-03 01:01:57 31569262 ----a-w- C:\Windows\WLF6A64.tmp

2012-08-02 13:52:27 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB7052.tmp

2012-08-02 13:52:23 . 2012-08-02 13:52:27 2332 ----a-w- C:\Windows\MAN621C.tmp

2012-08-02 13:52:23 . 2012-08-02 13:52:23 31483780 ----a-w- C:\Windows\WLF626C.tmp

2012-08-01 08:43:39 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBEF41.tmp

2012-08-01 08:43:36 . 2012-08-01 08:43:39 2332 ----a-w- C:\Windows\MANE252.tmp

2012-08-01 08:43:36 . 2012-08-01 08:43:36 31398310 ----a-w- C:\Windows\WLFE2A2.tmp

2012-07-31 12:52:53 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB93B6.tmp

2012-07-31 12:52:50 . 2012-07-31 12:52:53 2332 ----a-w- C:\Windows\MAN84D4.tmp

2012-07-31 12:52:50 . 2012-07-31 12:52:50 31312816 ----a-w- C:\Windows\WLF8505.tmp

2012-07-30 16:30:11 . 2012-07-30 16:30:11 -------- d-----w- C:\Windows\nl

2012-07-30 16:28:02 . 2012-07-30 16:28:02 -------- d-----w- C:\Windows\en

2012-07-30 16:22:32 . 2012-03-08 16:40:52 48488 ----a-w- C:\Windows\system32\drivers\fssfltr.sys

2012-07-30 16:14:54 . 2012-07-30 16:14:54 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\71e698401cd6e6e06\bingbarsetup.exe

2012-07-30 16:14:21 . 2012-07-30 16:14:21 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\DSETUP.dll

2012-07-30 16:14:21 . 2012-07-30 16:14:21 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\DXSETUP.exe

2012-07-30 16:14:21 . 2012-07-30 16:14:21 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\dsetup32.dll

2012-07-30 16:14:21 . 2012-07-30 16:14:21 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\60f58f001cd6e6e03\MeshBetaRemover.exe

2012-07-30 11:34:49 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBB75F.tmp

2012-07-30 11:34:46 . 2012-07-30 11:34:49 2332 ----a-w- C:\Windows\MANAAEE.tmp

2012-07-30 11:34:46 . 2012-07-30 11:34:46 31227334 ----a-w- C:\Windows\WLFAB3E.tmp

2012-07-29 18:20:55 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBA2A7.tmp

2012-07-29 18:20:51 . 2012-07-29 18:20:55 2332 ----a-w- C:\Windows\MAN955C.tmp

2012-07-29 18:20:51 . 2012-07-29 18:20:51 31141840 ----a-w- C:\Windows\WLF95AC.tmp

2012-07-28 08:41:05 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBC7C4.tmp

2012-07-28 08:41:02 . 2012-07-28 08:41:05 2332 ----a-w- C:\Windows\MANB911.tmp

2012-07-28 08:41:02 . 2012-07-28 08:41:02 31056298 ----a-w- C:\Windows\WLFB990.tmp

2012-07-27 09:23:04 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBD673.tmp

2012-07-27 09:23:02 . 2012-07-27 09:23:04 2332 ----a-w- C:\Windows\MANCBA7.tmp

2012-07-27 09:23:02 . 2012-07-27 09:23:02 30970840 ----a-w- C:\Windows\WLFCBF7.tmp

2012-07-26 09:30:03 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB15E3.tmp

2012-07-26 09:30:00 . 2012-07-26 09:30:03 2330 ----a-w- C:\Windows\MAN859.tmp

2012-07-26 09:30:00 . 2012-07-26 09:30:00 30885324 ----a-w- C:\Windows\WLF8E7.tmp

2012-07-25 15:45:13 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB4F2C.tmp

2012-07-25 15:45:10 . 2012-07-25 15:45:13 2332 ----a-w- C:\Windows\MAN427B.tmp

2012-07-25 15:45:10 . 2012-07-25 15:45:10 30799892 ----a-w- C:\Windows\WLF42CB.tmp

2012-07-24 10:59:44 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBA2D6.tmp

2012-07-24 10:59:41 . 2012-07-24 10:59:44 2332 ----a-w- C:\Windows\MAN96B3.tmp

2012-07-24 10:59:41 . 2012-07-24 10:59:41 30714458 ----a-w- C:\Windows\WLF9722.tmp

2012-07-23 10:39:40 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB5208.tmp

2012-07-23 10:39:38 . 2012-07-23 10:39:37 30629036 ----a-w- C:\Windows\WLF47BB.tmp

2012-07-23 10:39:37 . 2012-07-23 10:39:40 2332 ----a-w- C:\Windows\MAN472D.tmp

2012-07-22 11:37:03 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBDF7.tmp

2012-07-22 11:37:00 . 2012-07-22 11:37:03 2328 ----a-w- C:\Windows\MAN2DD.tmp

2012-07-22 11:37:00 . 2012-07-22 11:37:00 30543592 ----a-w- C:\Windows\WLF34C.tmp

2012-07-21 10:07:57 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDB4F2B.tmp

2012-07-21 10:07:55 . 2012-07-21 10:07:57 2332 ----a-w- C:\Windows\MAN44DC.tmp

2012-07-21 10:07:55 . 2012-07-21 10:07:55 30458136 ----a-w- C:\Windows\WLF456A.tmp

2012-07-20 11:07:58 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBFD74.tmp

2012-07-20 11:07:56 . 2012-07-20 11:07:55 30372642 ----a-w- C:\Windows\WLFF336.tmp

2012-07-20 11:07:55 . 2012-07-20 11:07:58 2332 ----a-w- C:\Windows\MANF305.tmp

2012-07-19 18:34:40 . 2012-07-19 18:34:49 -------- d-----w- C:\Program Files (x86)\VirtualDJ

2012-07-19 11:46:38 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBED5D.tmp

2012-07-19 11:46:36 . 2012-07-19 11:46:38 2332 ----a-w- C:\Windows\MANE2A0.tmp

2012-07-19 11:46:36 . 2012-07-19 11:46:36 30287136 ----a-w- C:\Windows\WLFE2E1.tmp

2012-07-18 10:15:15 . 2008-10-25 04:47:42 28156 ----a-w- C:\Windows\SDBCD7E.tmp

2012-07-18 10:15:12 . 2012-07-18 10:15:15 2332 ----a-w- C:\Windows\MANC300.tmp

2012-07-18 10:15:12 . 2012-07-18 10:15:12 30201714 ----a-w- C:\Windows\WLFC331.tmp

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-08-16 10:03:30 . 2006-11-02 12:35:00 62134624 ----a-w- C:\Windows\system32\mrt.exe

2012-07-17 12:52:56 . 2012-07-17 12:52:53 2332 ----a-w- C:\Windows\MANDD92.tmp

2012-07-17 12:52:53 . 2012-07-17 12:52:53 30030774 ----a-w- C:\Windows\WLFDDD2.tmp

2012-07-16 10:51:17 . 2012-07-16 10:51:14 2332 ----a-w- C:\Windows\MANB116.tmp

2012-07-16 10:51:14 . 2012-07-16 10:51:14 29945340 ----a-w- C:\Windows\WLFB166.tmp

2012-07-15 11:39:13 . 2012-07-15 11:39:10 2332 ----a-w- C:\Windows\MAN6132.tmp

2012-07-15 11:39:10 . 2012-07-15 11:39:10 29859918 ----a-w- C:\Windows\WLF6163.tmp

2012-07-14 08:37:02 . 2012-07-14 08:36:59 2332 ----a-w- C:\Windows\MANE11A.tmp

2012-07-14 08:36:59 . 2012-07-14 08:36:59 29764482 ----a-w- C:\Windows\WLFE17A.tmp

2012-07-11 12:19:06 . 2012-07-11 12:19:03 2332 ----a-w- C:\Windows\MANA4A7.tmp

2012-07-11 12:19:03 . 2012-07-11 12:19:03 29670526 ----a-w- C:\Windows\WLFA4F7.tmp

2012-07-10 15:08:33 . 2012-07-10 15:08:28 2332 ----a-w- C:\Windows\MANB7D9.tmp

2012-07-10 15:08:28 . 2012-07-10 15:08:29 29585020 ----a-w- C:\Windows\WLFB896.tmp

2012-07-09 10:03:34 . 2012-07-09 10:03:31 2332 ----a-w- C:\Windows\MANC4B5.tmp

2012-07-09 10:03:31 . 2012-07-09 10:03:31 29499442 ----a-w- C:\Windows\WLFC562.tmp

2012-07-08 09:49:15 . 2012-07-08 09:49:12 2332 ----a-w- C:\Windows\MANCFBC.tmp

2012-07-08 09:49:12 . 2012-07-08 09:49:12 29413996 ----a-w- C:\Windows\WLFCFED.tmp

2012-07-07 09:06:07 . 2012-07-07 09:06:04 2332 ----a-w- C:\Windows\MAN2126.tmp

2012-07-07 09:06:04 . 2012-07-07 09:06:04 29328562 ----a-w- C:\Windows\WLF21A5.tmp

2012-07-06 11:46:29 . 2012-07-06 11:46:27 2332 ----a-w- C:\Windows\MAN694D.tmp

2012-07-06 11:46:27 . 2012-07-06 11:46:27 29243104 ----a-w- C:\Windows\WLF698D.tmp

2012-07-05 20:42:13 . 2012-07-05 20:42:10 2332 ----a-w- C:\Windows\MANBC14.tmp

2012-07-05 20:42:10 . 2012-07-05 20:42:10 29156252 ----a-w- C:\Windows\WLFBC45.tmp

2012-07-05 14:40:46 . 2012-07-05 14:40:44 2332 ----a-w- C:\Windows\MANCFAD.tmp

2012-07-05 14:40:44 . 2012-07-05 14:40:44 29068982 ----a-w- C:\Windows\WLFD02C.tmp

2012-07-04 13:40:51 . 2012-07-04 13:40:48 2332 ----a-w- C:\Windows\MAN89F6.tmp

2012-07-04 13:40:48 . 2012-07-04 13:40:49 28975410 ----a-w- C:\Windows\WLF8A85.tmp

2012-07-03 18:12:34 . 2012-07-03 18:12:32 2332 ----a-w- C:\Windows\MAN3EB4.tmp

2012-07-03 18:12:32 . 2012-07-03 18:12:32 28883402 ----a-w- C:\Windows\WLF3F04.tmp

2012-07-03 16:21:52 . 2012-01-28 16:42:28 355856 ----a-w- C:\Windows\system32\drivers\aswSP.sys

2012-07-03 16:21:52 . 2012-01-28 16:42:23 44272 ----a-w- C:\Windows\system32\drivers\aswRdr.sys

2012-07-03 16:21:52 . 2012-01-28 16:42:22 59728 ----a-w- C:\Windows\system32\drivers\aswTdi.sys

2012-07-03 16:21:52 . 2012-01-28 16:42:21 958400 ----a-w- C:\Windows\system32\drivers\aswSnx.sys

2012-07-03 16:21:52 . 2012-01-28 16:42:20 71064 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys

2012-07-03 16:21:51 . 2012-01-28 16:42:29 25232 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys

2012-07-03 16:21:32 . 2012-01-28 16:41:44 41224 ----a-w- C:\Windows\avastSS.scr

2012-07-03 16:21:28 . 2012-01-28 16:41:44 227648 ----a-w- C:\Windows\SysWow64\aswBoot.exe

2012-07-03 16:21:18 . 2011-05-26 13:09:16 285328 ----a-w- C:\Windows\system32\aswBoot.exe

2012-07-03 11:46:44 . 2011-04-30 16:05:43 24904 ----a-w- C:\Windows\system32\drivers\mbam.sys

2012-07-02 10:09:24 . 2012-07-02 10:09:22 2332 ----a-w- C:\Windows\MAN72CE.tmp

2012-07-02 10:09:22 . 2012-07-02 10:09:22 28797932 ----a-w- C:\Windows\WLF737C.tmp

2012-07-01 12:07:21 . 2012-07-01 12:07:19 2332 ----a-w- C:\Windows\MANFF7.tmp

2012-07-01 12:07:19 . 2012-07-01 12:07:19 28712440 ----a-w- C:\Windows\WLF10A4.tmp

2012-06-30 20:15:43 . 2012-06-30 20:15:41 2332 ----a-w- C:\Windows\MANA801.tmp

2012-06-30 20:15:41 . 2012-06-30 20:15:41 28626900 ----a-w- C:\Windows\WLFA870.tmp

2012-06-29 10:04:29 . 2012-08-15 17:14:11 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF0BD76E-4EA3-46D1-8162-3A1345E43673}\mpengine.dll

2012-06-28 01:03:16 . 2012-06-28 01:03:14 2332 ----a-w- C:\Windows\MANA769.tmp

2012-06-28 01:03:14 . 2012-06-28 01:03:14 28541454 ----a-w- C:\Windows\WLFA7B9.tmp

2012-06-27 07:17:22 . 2012-06-27 07:17:20 2332 ----a-w- C:\Windows\MANC3DA.tmp

2012-06-27 07:17:20 . 2012-06-27 07:17:20 28455948 ----a-w- C:\Windows\WLFC42A.tmp

2012-06-26 12:28:16 . 2012-06-26 12:28:14 2332 ----a-w- C:\Windows\MAN52B1.tmp

2012-06-26 12:28:14 . 2012-06-26 12:28:14 28370478 ----a-w- C:\Windows\WLF52F1.tmp

2012-06-25 13:43:54 . 2012-06-25 13:43:52 2332 ----a-w- C:\Windows\MAN1209.tmp

2012-06-25 13:43:52 . 2012-06-25 13:43:52 28284984 ----a-w- C:\Windows\WLF1278.tmp

2012-06-24 11:05:22 . 2012-06-24 11:05:20 2332 ----a-w- C:\Windows\MAN79EF.tmp

2012-06-24 11:05:20 . 2012-06-24 11:05:20 28199502 ----a-w- C:\Windows\WLF7A11.tmp

2012-06-23 08:10:00 . 2012-06-23 08:09:58 2332 ----a-w- C:\Windows\MANC14B.tmp

2012-06-23 08:09:58 . 2012-06-23 08:09:58 28114056 ----a-w- C:\Windows\WLFC18C.tmp

2012-06-22 12:02:40 . 2012-06-22 12:02:38 2332 ----a-w- C:\Windows\MAN83BF.tmp

2012-06-22 12:02:38 . 2012-06-22 12:02:38 28028586 ----a-w- C:\Windows\WLF840F.tmp

2012-06-21 22:02:08 . 2012-06-21 22:02:06 2332 ----a-w- C:\Windows\MAN3783.tmp

2012-06-21 22:02:06 . 2012-06-21 22:02:06 27943140 ----a-w- C:\Windows\WLF37C4.tmp

2012-06-20 11:39:18 . 2012-06-20 11:39:16 2332 ----a-w- C:\Windows\MAN4604.tmp

2012-06-20 11:39:16 . 2012-06-20 11:39:16 27857658 ----a-w- C:\Windows\WLF4625.tmp

2012-06-19 10:23:20 . 2012-06-19 10:23:19 2332 ----a-w- C:\Windows\MANBC3C.tmp

2012-06-19 10:23:19 . 2012-06-19 10:23:19 27772212 ----a-w- C:\Windows\WLFBC9C.tmp

2012-06-18 17:25:04 . 2012-06-18 17:25:02 2332 ----a-w- C:\Windows\MAN8007.tmp

2012-06-18 17:25:02 . 2012-06-18 17:25:02 27686778 ----a-w- C:\Windows\WLF8048.tmp

2012-06-17 06:32:22 . 2012-06-17 06:32:20 2332 ----a-w- C:\Windows\MANCE56.tmp

2012-06-17 06:32:20 . 2012-06-17 06:32:20 27601212 ----a-w- C:\Windows\WLFCEF4.tmp

2012-06-16 11:38:21 . 2012-06-16 11:38:18 2332 ----a-w- C:\Windows\MAN1D5F.tmp

2012-06-16 11:38:18 . 2012-06-16 11:38:18 27515790 ----a-w- C:\Windows\WLF1EB8.tmp

2012-06-14 08:25:51 . 2012-06-14 08:25:49 2332 ----a-w- C:\Windows\MANCE78.tmp

2012-06-14 08:25:49 . 2012-06-14 08:25:49 27430320 ----a-w- C:\Windows\WLFCE99.tmp

2012-06-13 13:58:27 . 2012-07-12 10:33:30 2769408 ----a-w- C:\Windows\system32\win32k.sys

2012-06-12 09:12:20 . 2012-06-12 09:12:18 2332 ----a-w- C:\Windows\MANC073.tmp

2012-06-12 09:12:18 . 2012-06-12 09:12:18 27344850 ----a-w- C:\Windows\WLFC0C3.tmp

2012-06-11 13:21:18 . 2012-06-11 13:21:17 2332 ----a-w- C:\Windows\MANACA5.tmp

2012-06-11 13:21:17 . 2012-06-11 13:21:17 27259344 ----a-w- C:\Windows\WLFACF5.tmp

2012-06-10 08:53:46 . 2012-06-10 08:53:43 2332 ----a-w- C:\Windows\MANB636.tmp

2012-06-10 08:53:43 . 2012-06-10 08:53:43 27173814 ----a-w- C:\Windows\WLFB6A5.tmp

2012-06-09 07:28:40 . 2012-06-09 07:28:39 2332 ----a-w- C:\Windows\MANF883.tmp

2012-06-09 07:28:39 . 2012-06-09 07:28:39 27088320 ----a-w- C:\Windows\WLFF8A4.tmp

2012-06-08 17:59:03 . 2012-07-11 12:24:43 12899840 ----a-w- C:\Windows\system32\shell32.dll

2012-06-08 15:47:08 . 2012-06-08 15:47:06 2332 ----a-w- C:\Windows\MAN5E09.tmp

2012-06-08 15:47:06 . 2012-06-08 15:47:06 27002790 ----a-w- C:\Windows\WLF5E78.tmp

2012-06-07 10:59:28 . 2012-06-07 10:59:25 2332 ----a-w- C:\Windows\MANCEF4.tmp

2012-06-07 10:59:25 . 2012-06-07 10:59:25 26917344 ----a-w- C:\Windows\WLFCFFF.tmp

2012-06-06 12:50:17 . 2012-06-06 12:50:16 2332 ----a-w- C:\Windows\MANDFA6.tmp

2012-06-06 12:50:16 . 2012-06-06 12:50:16 26831826 ----a-w- C:\Windows\WLFE025.tmp

2012-06-05 16:47:28 . 2012-07-11 12:24:55 1401856 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-05 16:47:27 . 2012-07-11 12:24:54 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-05 16:22:47 . 2012-07-11 12:24:56 1797120 ----a-w- C:\Windows\system32\msxml6.dll

2012-06-05 16:22:46 . 2012-07-11 12:24:56 1869824 ----a-w- C:\Windows\system32\msxml3.dll

2012-06-04 15:29:59 . 2012-07-11 12:24:51 516480 ----a-w- C:\Windows\system32\drivers\ksecdd.sys

2012-06-04 13:01:52 . 2012-06-04 13:01:50 2332 ----a-w- C:\Windows\MAN9ABA.tmp

2012-06-04 13:01:50 . 2012-06-04 13:01:50 26746332 ----a-w- C:\Windows\WLF9AFB.tmp

2012-06-03 11:39:22 . 2012-06-03 11:39:20 2330 ----a-w- C:\Windows\MAND89.tmp

2012-06-03 11:39:20 . 2012-06-03 11:39:20 26660840 ----a-w- C:\Windows\WLFDD9.tmp

2012-06-02 22:19:46 . 2012-06-21 21:59:00 38424 ----a-w- C:\Windows\system32\wups.dll

((((((((((((((((((((((((((((( SnapShot_2012-08-16_13.38.26 )))))))))))))))))))))))))))))))))))))))))

+ 2008-01-21 03:20:35 . 2012-08-16 21:05:22 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-01-21 03:20:35 . 2012-08-16 09:56:41 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-01-21 03:20:34 . 2012-08-16 09:56:41 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-01-21 03:20:34 . 2012-08-16 21:05:22 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-01-21 03:20:35 . 2012-08-16 21:05:22 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2008-01-21 03:20:35 . 2012-08-16 09:56:41 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-27 21:38:00 . 2012-08-16 09:59:04 25670 C:\Windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916401253-1491523390-1999398694-1000_UserData.bin

+ 2009-07-27 21:38:00 . 2012-08-16 21:04:59 25670 C:\Windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916401253-1491523390-1999398694-1000_UserData.bin

- 2012-08-16 10:10:04 . 2012-08-16 10:14:00 2490 C:\Windows\SoftwareDistribution\PostRebootEventCache\{88FDF4BA-4277-491B-B772-040634643C47}.bin

+ 2012-08-16 10:10:04 . 2012-08-16 21:01:24 2490 C:\Windows\SoftwareDistribution\PostRebootEventCache\{88FDF4BA-4277-491B-B772-040634643C47}.bin

+ 2012-08-16 21:02:45 . 2012-08-16 21:02:45 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-16 09:56:31 . 2012-08-16 09:56:31 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-16 21:02:45 . 2012-08-16 21:02:45 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-08-16 09:56:31 . 2012-08-16 09:56:31 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-30 04:31:19 . 2012-08-16 19:43:58 428232 C:\Windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2006-11-02 15:45:30 . 2012-08-16 21:04:59 105882 C:\Windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin

- 2010-10-23 14:47:35 . 2012-08-16 00:01:04 322232 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-10-23 14:47:35 . 2012-08-16 21:01:26 322232 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2010-10-23 17:14:51 . 2012-08-16 00:01:10 8820292 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat

+ 2010-10-23 17:14:51 . 2012-08-16 21:01:31 8820292 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat

+ 2006-11-02 12:33:39 . 2012-08-16 21:00:47 10944512 C:\Windows\system32\SMI\Store\Machine\schema.dat

+ 2012-08-16 21:00:47 . 2012-08-16 21:00:47 10944512 C:\Windows\ERDNT\subs\schema.dat

+ 2012-08-16 13:08:19 . 2012-08-16 20:39:12 10944512 C:\Windows\ERDNT\Hiv-backup\schema.dat

- 2012-08-16 13:08:19 . 2012-08-16 13:08:19 10944512 C:\Windows\ERDNT\Hiv-backup\schema.dat

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 07:10:53 1555968]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 02:51:33 138240]

"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-03-17 08:15:04 842048]

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 04:43:08 247728]

"Facebook Update"="C:\Users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-12 17:43:40 138096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Ulead Memory Card Detector"="C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe" [2002-09-10 08:54:56 28672]

"PDVDDXSrv"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 19:06:08 128296]

"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-11-11 16:07:00 442536]

"TkBellExe"="C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-07-17 16:45:22 202256]

"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2012-07-03 16:21:30 4273976]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 13:02:04 254696]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 05:53:50 843712]

"NBAgent"="C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2012-01-13 14:22:10 1493288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 05:53:50 63928]

S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [2009-03-20 08:25:42 89600]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - LAVASOFT_KERNEXPLORER

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

Themes

Inhoud van de 'Gedeelde Taken' map

2012-08-16 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job

- C:\Users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-12 17:43:46 . 2012-08-12 17:43:40]

2012-08-16 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job

- C:\Users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-12 17:43:46 . 2012-08-12 17:43:40]

2012-08-16 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29:07 . 2010-04-16 10:29:00]

2012-08-16 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29:07 . 2010-04-16 10:29:00]

2012-08-16 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job

- C:\Users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59:08 . 2009-11-07 14:59:07]

2012-08-16 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job

- C:\Users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59:08 . 2009-11-07 14:59:07]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-07-03 16:21:16 133400 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="C:\Program Files (x86)\IDT\WDM\sttray64.exe" [bU]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-26 06:57:02 1657128]

"Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" [2006-11-03 09:01:16 319488]

"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2008-12-22 10:35:14 4119552]

"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2010-08-25 18:45:04 161304]

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2010-08-25 18:44:54 386584]

"Persistence"="C:\Windows\system32\igfxpers.exe" [2010-08-25 18:45:00 415256]

"WPCUMI"="C:\Windows\system32\WpcUmi.exe" [2006-11-02 15:03:48 182784]

"combofix"="C:\ComboFix\CF11035.3XE" [2008-01-21 02:50:37 363008]

------- Bijkomende Scan -------

uLocal Page = C:\Windows\system32\blank.htm

mLocal Page = C:\Windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - C:\Users\rwema\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 195.130.130.5 195.130.131.5

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll

FF - ProfilePath - C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\o4pcq729.default\

user_pref('extensions.dealply.partner', 'iron');

user_pref('extensions.dealply.channel', 'iron3');

user_pref('extensions.dealply.installId', 'v23600250690413664744642012031600095826');

user_pref('extensions.dealply.installIdSource', 'inst');

user_pref('extensions.dealply.sampleGroup', '6');

FF - user.js: extensions.claro.admin - false

- - - - ORPHANS VERWIJDERD - - - -

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)

AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe

Dit heb ik gedaan zonder die andere bestanden, ik ga ze nu verwijderen moet ik alles terug herdoen of is dit okay nu?

Link naar reactie
Delen op andere sites

Typ in de URL-balk van Firefox de opdracht about:config. Bevestig dat je voorzichtig zal zijn. Typ in de zoekbalk browser.newtab.url. Indien op die locatie Claro Search aanwezig is, vervang je dat door een eigen gekozen zoekmachine.

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Firefox::

FF - ProfilePath - C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\o4pcq729.default\

user_pref('extensions.dealply.partner', 'iron');

user_pref('extensions.dealply.channel', 'iron3');

user_pref('extensions.dealply.installId', 'v23600250690413664744642012031600095826');

user_pref('extensions.dealply.installIdSource', 'inst');

user_pref('extensions.dealply.sampleGroup', '6');

FF - user.js: extensions.claro.admin – false

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

aangepast door kape
Link naar reactie
Delen op andere sites

sorry voor wat late reactie.

hier de gevraagde combofix log:

ComboFix 12-08-18.03 - rwema 19/08/2012 23:54:28.15.2 - x64

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.4054.2423 [GMT 2:00]

Gestart vanuit: c:\users\rwema\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\rwema\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Voorgaande Run -------

.

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\chrome.manifest

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-10.0.2.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-11.0.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-12.0.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-13.0.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-14.0.1.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-3.6.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-3.6.xpt

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-5.0.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-6.0.2.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-7.0.1.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-8.0.1.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\BrowserManager-9.0.1.dll

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\BrowserManager.js

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\overlay.xul

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\install.rdf

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22

c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_Browser Manager

-------\Service_Browser Manager

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-19 to 2012-08-19 ))))))))))))))))))))))))))))))

.

.

2012-08-19 22:12 . 2012-08-19 22:12 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-08-19 22:12 . 2012-08-19 22:12 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-19 22:12 . 2012-08-19 22:12 -------- d-----w- c:\users\AppData\AppData\Local\temp

2012-08-19 21:48 . 2012-08-19 21:50 -------- d-----w- C:\32788R22FWJFW

2012-08-19 09:05 . 2008-10-25 04:47 28156 ----a-w- c:\windows\SDB2C21.tmp

2012-08-19 09:05 . 2012-08-19 09:05 1472 ----a-w- c:\windows\VWL1CE3.tmp

2012-08-19 09:05 . 2012-08-19 09:05 32594940 ----a-w- c:\windows\WLF1CE4.tmp

2012-08-19 09:05 . 2012-08-19 09:05 2332 ----a-w- c:\windows\MAN1C75.tmp

2012-08-15 22:08 . 2012-08-15 22:08 -------- d-----w- c:\program files (x86)\Hand-Crafted Software

2012-08-15 17:14 . 2012-06-29 10:04 9133488 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EF0BD76E-4EA3-46D1-8162-3A1345E43673}\mpengine.dll

2012-08-13 13:32 . 2012-08-13 13:32 -------- d-----w- c:\program files (x86)\Claro LTD

2012-08-13 13:31 . 2012-08-13 13:31 -------- d-----w- c:\users\rwema\AppData\Roaming\ExpressFiles

2012-08-13 13:31 . 2012-08-13 13:31 -------- d-----w- c:\program files (x86)\ExpressFiles

2012-08-13 00:11 . 2012-08-13 00:11 -------- d-----w- c:\users\rwema\AppData\Roaming\Nero

2012-08-12 23:54 . 2012-08-12 23:57 -------- d-----w- c:\program files (x86)\Common Files\Nero

2012-08-12 23:53 . 2012-08-13 00:02 -------- d-----w- c:\programdata\Nero

2012-08-12 23:26 . 2011-12-01 09:42 15920 ----a-w- c:\windows\system32\drivers\NBVolUp.sys

2012-08-12 23:26 . 2011-12-01 09:42 72240 ----a-w- c:\windows\system32\drivers\NBVol.sys

2012-08-12 23:26 . 2012-08-13 00:02 -------- d-----w- c:\program files (x86)\Nero

2012-08-12 23:26 . 2012-08-12 23:26 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-12 23:25 . 2010-05-26 09:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll

2012-08-12 23:18 . 2010-05-26 09:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll

2012-08-12 23:17 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll

2012-08-12 23:16 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\SysWow64\d3dcsx_43.dll

2012-08-12 23:15 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll

2012-08-12 20:30 . 2012-08-12 23:15 -------- d-----w- c:\users\rwema\AppData\Roaming\DVD Flick

2012-08-12 20:07 . 2003-01-26 11:41 40960 ----a-w- c:\windows\SysWow64\ssubtmr6.dll

2012-08-12 20:07 . 2012-08-12 20:07 -------- d-----w- c:\program files (x86)\DVD Flick

2012-08-12 20:07 . 2008-08-31 11:27 28672 ----a-w- c:\windows\SysWow64\mousewheel.ocx

2012-08-12 20:07 . 2007-08-31 16:36 36864 ----a-w- c:\windows\SysWow64\trayicon_handler.ocx

2012-08-12 20:07 . 2004-03-08 22:00 662288 ----a-w- c:\windows\SysWow64\mscomct2.ocx

2012-08-12 20:07 . 2004-03-08 22:00 609824 ----a-w- c:\windows\SysWow64\comctl32.ocx

2012-08-12 20:07 . 2004-03-08 22:00 212240 ----a-w- c:\windows\SysWow64\richtx32.ocx

2012-08-12 20:07 . 1998-06-23 22:00 164144 ----a-w- c:\windows\SysWow64\comct232.ocx

2012-08-12 17:43 . 2012-08-12 17:44 -------- d-----w- c:\users\rwema\AppData\Local\Facebook

2012-08-03 23:56 . 2012-08-03 23:56 -------- d-----w- c:\users\rwema\Thibo andere fotos

2012-07-30 16:30 . 2012-07-30 16:30 -------- d-----w- c:\windows\nl

2012-07-30 16:28 . 2012-07-30 16:28 -------- d-----w- c:\windows\en

2012-07-30 16:22 . 2012-03-08 16:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2012-07-30 16:14 . 2012-07-30 16:14 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\71e698401cd6e6e06\bingbarsetup.exe

2012-07-30 16:14 . 2012-07-30 16:14 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\DSETUP.dll

2012-07-30 16:14 . 2012-07-30 16:14 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\DXSETUP.exe

2012-07-30 16:14 . 2012-07-30 16:14 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6085ae601cd6e6e02\dsetup32.dll

2012-07-30 16:14 . 2012-07-30 16:14 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\60f58f001cd6e6e03\MeshBetaRemover.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-16 10:03 . 2006-11-02 12:35 62134624 ----a-w- c:\windows\system32\mrt.exe

2012-07-03 16:21 . 2012-01-28 16:42 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-07-03 16:21 . 2012-01-28 16:42 44272 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-07-03 16:21 . 2012-01-28 16:42 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-07-03 16:21 . 2012-01-28 16:42 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-07-03 16:21 . 2012-01-28 16:42 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-07-03 16:21 . 2012-01-28 16:42 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-07-03 16:21 . 2012-01-28 16:41 41224 ----a-w- c:\windows\avastSS.scr

2012-07-03 16:21 . 2012-01-28 16:41 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe

2012-07-03 16:21 . 2011-05-26 13:09 285328 ----a-w- c:\windows\system32\aswBoot.exe

2012-07-03 11:46 . 2011-04-30 16:05 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-13 13:58 . 2012-07-12 10:33 2769408 ----a-w- c:\windows\system32\win32k.sys

2012-06-08 17:59 . 2012-07-11 12:24 12899840 ----a-w- c:\windows\system32\shell32.dll

2012-06-05 16:47 . 2012-07-11 12:24 1401856 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-05 16:47 . 2012-07-11 12:24 1248768 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-05 16:22 . 2012-07-11 12:24 1797120 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 16:22 . 2012-07-11 12:24 1869824 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 15:29 . 2012-07-11 12:24 516480 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 22:19 . 2012-06-21 21:59 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 21:59 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-21 21:59 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 21:59 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 21:59 35864 ----a-w- c:\windows\SysWow64\wups.dll

2012-06-02 22:19 . 2012-06-21 21:59 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:19 . 2012-06-21 21:59 577048 ----a-w- c:\windows\SysWow64\wuapi.dll

2012-06-02 22:15 . 2012-06-21 21:59 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-21 21:59 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 22:12 . 2012-06-21 21:59 88576 ----a-w- c:\windows\SysWow64\wudriver.dll

2012-06-02 13:19 . 2012-06-21 21:58 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:19 . 2012-06-21 21:58 171904 ----a-w- c:\windows\SysWow64\wuwebv.dll

2012-06-02 13:15 . 2012-06-21 21:58 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 13:12 . 2012-06-21 21:58 33792 ----a-w- c:\windows\SysWow64\wuapp.exe

2012-06-02 12:49 . 2012-07-12 10:34 17807360 ----a-w- c:\windows\system32\mshtml.dll

2012-06-02 12:17 . 2012-07-12 10:34 10924032 ----a-w- c:\windows\system32\ieframe.dll

2012-06-02 12:12 . 2012-07-12 10:34 2311680 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 12:05 . 2012-07-12 10:34 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-06-02 12:05 . 2012-07-12 10:34 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 12:04 . 2012-07-12 10:34 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 12:04 . 2012-07-12 10:34 237056 ----a-w- c:\windows\system32\url.dll

2012-06-02 12:03 . 2012-07-12 10:34 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-06-02 12:01 . 2012-07-12 10:34 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 12:00 . 2012-07-12 10:34 818688 ----a-w- c:\windows\system32\jscript.dll

2012-06-02 11:59 . 2012-07-12 10:34 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-06-02 11:57 . 2012-07-12 10:34 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-06-02 11:57 . 2012-07-12 10:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-02 11:54 . 2012-07-12 10:34 248320 ----a-w- c:\windows\system32\ieui.dll

2012-06-02 08:33 . 2012-07-12 10:34 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-06-02 08:25 . 2012-07-12 10:34 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-06-02 08:25 . 2012-07-12 10:34 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-06-02 08:20 . 2012-07-12 10:34 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-06-02 08:16 . 2012-07-12 10:35 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-06-02 00:22 . 2012-07-11 12:24 347136 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 00:22 . 2012-07-11 12:24 254464 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 00:05 . 2012-07-11 12:24 77312 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 00:04 . 2012-07-11 12:24 278528 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 00:03 . 2012-07-11 12:24 204288 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-05-31 10:25 . 2011-05-26 13:01 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((( SnapShot_2012-08-16_13.38.26 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-01-21 03:20 . 2012-08-16 09:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2008-01-21 03:20 . 2012-08-19 20:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-01-21 03:20 . 2012-08-16 09:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-01-21 03:20 . 2012-08-19 20:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-01-21 03:20 . 2012-08-19 20:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2008-01-21 03:20 . 2012-08-16 09:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2008-01-21 02:23 . 2012-08-19 20:41 83894 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-27 21:38 . 2012-08-19 20:41 25702 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916401253-1491523390-1999398694-1000_UserData.bin

+ 2009-07-27 22:34 . 2012-08-16 21:09 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-27 22:34 . 2012-08-13 12:54 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-27 22:34 . 2012-08-16 21:09 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-27 22:34 . 2012-08-13 12:54 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-27 22:34 . 2012-08-16 21:09 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-27 22:34 . 2012-08-13 12:54 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-08-19 20:39 . 2012-08-19 20:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-16 09:56 . 2012-08-16 09:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-19 20:39 . 2012-08-19 20:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-08-16 09:56 . 2012-08-16 09:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-29 00:57 . 2012-08-19 11:37 339772 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin

+ 2009-07-30 04:31 . 2012-08-18 22:25 430942 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2006-11-02 15:45 . 2012-08-19 20:41 106026 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin

- 2006-11-02 12:46 . 2012-08-16 10:04 668428 c:\windows\system32\perfh009.dat

+ 2006-11-02 12:46 . 2012-08-19 20:44 668428 c:\windows\system32\perfh009.dat

+ 2006-11-02 12:46 . 2012-08-19 20:44 134026 c:\windows\system32\perfc009.dat

- 2006-11-02 12:46 . 2012-08-16 10:04 134026 c:\windows\system32\perfc009.dat

- 2010-10-23 14:47 . 2012-08-16 00:01 322232 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-10-23 14:47 . 2012-08-19 16:39 322232 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-10-23 17:14 . 2012-08-19 16:39 8820292 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat

- 2010-10-23 17:14 . 2012-08-16 00:01 8820292 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat

+ 2006-11-02 12:33 . 2012-08-19 20:43 10944512 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2012-08-16 21:00 . 2012-08-16 21:00 10944512 c:\windows\ERDNT\subs\schema.dat

+ 2012-08-16 13:08 . 2012-08-19 21:50 10944512 c:\windows\ERDNT\Hiv-backup\schema.dat

- 2012-08-16 13:08 . 2012-08-16 13:08 10944512 c:\windows\ERDNT\Hiv-backup\schema.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]

"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-03-17 842048]

"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]

"Facebook Update"="c:\users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-12 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Ulead Memory Card Detector"="c:\program files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe" [2002-09-10 28672]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-11-11 442536]

"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-07-17 202256]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]

"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2012-01-13 1493288]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [2009-03-20 89600]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - Lavasoft Kernexplorer

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

Themes

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job

- c:\users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-12 17:43]

.

2012-08-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job

- c:\users\rwema\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-12 17:43]

.

2012-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29]

.

2012-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29]

.

2012-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job

- c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59]

.

2012-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job

- c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [bU]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-26 1657128]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 4119552]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]

"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 182784]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - c:\users\rwema\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 195.130.130.5 195.130.131.5

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll

FF - ProfilePath - c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\o4pcq729.default\

FF - prefs.js: browser.startup.homepage - about:home

user_pref('extensions.dealply.partner', 'iron');

user_pref('extensions.dealply.channel', 'iron3');

user_pref('extensions.dealply.installId', 'v23600250690413664744642012031600095826');

user_pref('extensions.dealply.installIdSource', 'inst');

user_pref('extensions.dealply.sampleGroup', '6');

FF - user.js: extensions.claro.admin - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)

HKLM-Run-combofix - c:\combofix\CF11035.3XE

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

Voltooingstijd: 2012-08-20 00:16:57

ComboFix-quarantined-files.txt 2012-08-19 22:16

ComboFix2.txt 2012-08-16 13:44

ComboFix3.txt 2012-05-20 18:34

ComboFix4.txt 2012-05-20 14:52

ComboFix5.txt 2012-08-16 20:39

.

Pre-Run: 106.231.574.528 bytes free

Post-Run: 106.152.800.256 bytes beschikbaar

.

- - End Of File - - 135ABD0B3014A86BA766F49ABA90F12D

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.