Hoe weet ik of mijn computer geinfecteerd is?

Kees Draaihuis · 26 december 2013

Dag beste mensen,

een vraagje, ik heb vandaag mijn computer opnieuw willen installeren. Direct na de installatie van Windows 7 heb ik als eerste een virusscanner, een firewall en Malwarebytes geinstalleerd. Voor de zekerheid heb ik ze ook laten lopen en Malwarebytes vond al heel snel een Trojan.loader genaamd "Windows7Loader.exe". Ik heb 'm via Malwarebytes verwijderd en mijn computer opnieuw opgestart. Maar toch maak ik me een beetje zorgen, want tijdens de installatie van Windows7 zag ik op een gegeven ogenblik iets op mijn scherm met "Windows7Loader". Ik ging er vanuit dat dat bij de installatie hoorde, maar omdat Malwarebytes daarna aangaf dat het om een trojan gaat, ben ik toch bang dat mijn computer nu geinfecteerd is. Hoe kan ik dit nu weten? Want zowel Avast Antivirus alsook Malwarebytes geven nu geen meldingen op mijn C-Schijf als ik ze daarop laat controleren.

Bij voorbaat dank.

Hensyr · 26 december 2013

Dag Kees,

Ik vrees dat men jou een illegale copy van Windows 7 heeft gegeven, aangezien Windows 7Loader.exe een programmaatje is om Windows te activeren.

Het wordt dan ook door de meeste virusscanners aanzien als kwaadaardige software.

Kees Draaihuis · 27 december 2013

Dag Hensyr,

'Gegeven' is een groot woord, ik heb 'm op Marktplaats gekocht waarbij aangegeven is dat het om een legale versie gaat. Ik heb nog nagevraagd waarom deze versie goedkoper was dan een winkelversie maar de verkoopster gaf aan dat het ging om een studentenversie die door studenten tegen een veel lagere prijs gekocht kan worden. Dus ik heb nu een besmette computer? Ik heb het exe-bestandje er af gegooit met Malwarebytes, en een nieuwe scan geeft aan dat het bestandje niet meer aanwezig is. Maar ik kan dus nu toch besmet zijn?

kape · 27 december 2013

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

RSIT 32 bit (RSIT.exe)
RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

Kees Draaihuis · 29 december 2013

Dag Kape,

Hierbij het logbestandje.

Logfile of random's system information tool 1.09 (written by random/random)

Run by ZET at 2013-12-29 18:48:30

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 55 GB (50%) free of 110 GB

Total RAM: 12286 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:48:42, on 29-12-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

D:\Program Files (x86)\SABnzbd\SABnzbd.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

d:\Program Files (x86)\QuickTime\QTTask.exe

C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\ZET.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: [Ewido.TrackingCookie.Googleadservices]

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "d:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

--

End of file - 9020 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

"C:\Program Files\Sandboxie\SbieSvc.exe"

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service

atieclxx

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files\Sandboxie\SbieCtrl.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"

"taskhost.exe"

"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ae810033-e5d7-4344-b228-45cb722583af -SystemEventPortName:HostProcess-c81e905c-d74d-4840-8b88-7d5bf63f6f88 -IoCancelEventPortName:HostProcess-80558e89-d0ae-4c4c-a49b-adfa8eaec086 -NonStateChangingEventPortName:HostProcess-637d167a-686a-45a4-a8b9-676d9e66503d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fd03e180-5f93-4beb-831e-e557c96fe815 -DeviceGroupId:WpdFsGroup

C:\Windows\System32\svchost.exe -k secsvcs

"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"taskhost.exe"

"D:\Program Files (x86)\SABnzbd\SABnzbd.exe" "D:\Program Files (x86)\SABnzbd\SABnzbd.exe"

"C:\Program Files\Sandboxie\SbieSvc.exe" Sandboxie_GuiProxy_00000001,1120

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2324.0.975669937\1684371587" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --reduce-gpu-sandbox --gpu-vendor-id=0x1002 --gpu-device-id=0x9442 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.1.2000 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="2324.1.1100140650\1458390922" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2324.2.410725047\1613930434" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2324.3.1465196383\305433153" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="2324.4.299564902\404299903" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="2324.5.1157439389\2134341952" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="2324.6.5010933\1543730293" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2324.8.705406114\2113927252" /prefetch:673131151

"d:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"D:\Program Files\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe"

"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" "-launchedbycsxs"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2324.25.594600551\778995175" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="2324.27.1688838630\1750148145" /prefetch:673131151

"C:\Users\ZET\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-26 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-26 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-26 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-26 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2013-10-16 759496]

"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-26 3764024]

"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-12-16 73832]

"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

"QuickTime Task"=d:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=0

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"NoResolveSearch"=1

"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"VIDC.LAGS"=lagarith.dll

"VIDC.X264"=x264vfw64.dll

"VIDC.XVID"=xvidvfw.dll

"VIDC.FFDS"=ff_vfw.dll

"msacm.ac3acm"=ac3acm.acm

"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-29 18:48:30 ----D---- C:\rsit

2013-12-29 18:48:30 ----D---- C:\Program Files\trend micro

2013-12-29 16:44:25 ----D---- C:\ProgramData\TEMP

2013-12-29 16:36:22 ----D---- C:\Users\ZET\AppData\Roaming\MPC-HC

2013-12-29 16:35:28 ----A---- C:\Windows\system32\ff_vfw.dll

2013-12-29 16:35:25 ----A---- C:\Windows\SYSWOW64\lagarith.dll

2013-12-29 16:35:25 ----A---- C:\Windows\system32\x264vfw64.dll

2013-12-29 16:35:25 ----A---- C:\Windows\system32\lagarith.dll

2013-12-29 16:35:24 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll

2013-12-29 16:35:24 ----A---- C:\Windows\SYSWOW64\xvidcore.dll

2013-12-29 16:35:24 ----A---- C:\Windows\SYSWOW64\x264vfw.dll

2013-12-29 16:35:24 ----A---- C:\Windows\system32\xvidvfw.dll

2013-12-29 16:35:24 ----A---- C:\Windows\system32\xvidcore.dll

2013-12-29 16:35:23 ----A---- C:\Windows\SYSWOW64\unrar.dll

2013-12-29 16:35:23 ----A---- C:\Windows\system32\unrar64.dll

2013-12-29 16:35:19 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll

2013-12-29 16:35:17 ----D---- C:\Program Files (x86)\K-Lite Codec Pack

2013-12-29 16:32:31 ----D---- C:\ProgramData\Apple Computer

2013-12-29 16:26:39 ----D---- C:\ProgramData\QuickTime

2013-12-29 15:38:09 ----D---- C:\Softwarenetz

2013-12-29 15:08:38 ----A---- C:\Windows\snui.exe

2013-12-29 14:48:27 ----D---- C:\Program Files\Unlocker

2013-12-29 14:25:58 ----D---- C:\ProgramData\Spotnet

2013-12-29 14:25:58 ----D---- C:\Program Files (x86)\Spotnet

2013-12-29 14:18:39 ----D---- C:\Users\ZET\AppData\Roaming\Foxit Software

2013-12-29 13:14:46 ----D---- C:\Users\ZET\AppData\Roaming\Foxit Advanced PDF Editor

2013-12-29 13:14:46 ----D---- C:\ProgramData\Foxit Advanced PDF Editor

2013-12-29 13:14:46 ----D---- C:\ProgramData\Aspell

2013-12-29 13:13:08 ----D---- C:\Users\ZET\AppData\Roaming\Google

2013-12-29 13:06:15 ----D---- C:\ProgramData\Google

2013-12-29 13:06:05 ----D---- C:\Program Files (x86)\GUM35D.tmp

2013-12-29 12:37:34 ----D---- C:\Users\ZET\AppData\Roaming\ePaperPress

2013-12-29 11:19:08 ----D---- C:\Users\ZET\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2013-12-29 11:19:08 ----D---- C:\Users\ZET\AppData\Roaming\Adobe Mini Bridge CS5

2013-12-28 15:34:47 ----D---- C:\ProgramData\Nikon

2013-12-28 15:26:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2013-12-28 15:26:06 ----D---- C:\Windows\system32\Macromed

2013-12-28 15:11:46 ----D---- C:\Program Files (x86)\Microsoft Works

2013-12-28 15:11:10 ----D---- C:\Program Files (x86)\Microsoft Visual Studio

2013-12-28 15:10:54 ----D---- C:\Windows\PCHEALTH

2013-12-28 15:08:46 ----D---- C:\Program Files\Microsoft Office

2013-12-28 15:08:26 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8

2013-12-28 15:07:36 ----D---- C:\Program Files (x86)\Microsoft Office

2013-12-28 15:06:35 ----RHD---- C:\MSOCache

2013-12-28 14:41:47 ----D---- C:\ProgramData\Microsoft Help

2013-12-28 14:33:25 ----D---- C:\ProgramData\boost_interprocess

2013-12-28 14:32:51 ----D---- C:\ProgramData\Printer Icons

2013-12-28 14:26:36 ----D---- C:\Windows\system32\appmgmt

2013-12-28 14:17:54 ----D---- C:\Users\ZET\AppData\Roaming\Nikon

2013-12-28 14:17:47 ----D---- C:\Program Files (x86)\Nikon

2013-12-28 13:39:48 ----D---- C:\Program Files\Common Files\Nikon

2013-12-28 13:38:07 ----H---- C:\ProgramData\PKP_DLbx.DAT

2013-12-28 13:38:07 ----D---- C:\ProgramData\Ultima_T15

2013-12-28 13:38:07 ----D---- C:\ProgramData\EnterNHelp

2013-12-28 13:36:29 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-12-28 13:33:29 ----D---- C:\Program Files (x86)\Microsoft.NET

2013-12-28 13:13:13 ----D---- C:\Users\ZET\AppData\Roaming\Apple Computer

2013-12-28 13:08:05 ----D---- C:\Windows\WICCodecs

2013-12-28 12:55:36 ----A---- C:\Windows\SurCode.INI

2013-12-28 12:55:35 ----D---- C:\Users\ZET\AppData\Roaming\PACE Anti-Piracy

2013-12-28 12:55:35 ----D---- C:\ProgramData\PACE Anti-Piracy

2013-12-28 12:55:35 ----D---- C:\Program Files\Common Files\PACE Anti-Piracy

2013-12-28 12:38:38 ----D---- C:\ProgramData\Apple

2013-12-28 12:38:38 ----D---- C:\Program Files (x86)\Apple Software Update

2013-12-28 12:30:03 ----D---- C:\Users\ZET\AppData\Roaming\dvdcss

2013-12-28 12:26:23 ----D---- C:\Users\ZET\AppData\Roaming\vlc

2013-12-28 12:01:07 ----D---- C:\Users\ZET\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1

2013-12-28 11:56:28 ----D---- C:\ProgramData\regid.1986-12.com.adobe

2013-12-28 11:45:18 ----D---- C:\ProgramData\ALM

2013-12-28 11:36:01 ----D---- C:\Program Files (x86)\Adobe Media Player

2013-12-28 11:35:46 ----N---- C:\Windows\system32\drivers\PxHlpa64.sys

2013-12-28 11:35:46 ----N---- C:\Windows\system32\drivers\cdralw2k.sys

2013-12-28 11:35:46 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys

2013-12-28 11:35:46 ----D---- C:\Program Files (x86)\My Company Name

2013-12-28 11:34:16 ----D---- C:\Program Files\Common Files\Adobe

2013-12-28 11:34:15 ----D---- C:\Program Files\Adobe

2013-12-28 11:33:43 ----D---- C:\Windows\SYSWOW64\Macromed

2013-12-28 11:33:37 ----D---- C:\Program Files (x86)\Adobe

2013-12-28 11:27:07 ----D---- C:\Users\ZET\AppData\Roaming\Macromedia

2013-12-28 11:27:06 ----D---- C:\ProgramData\Adobe

2013-12-27 13:34:50 ----RD---- C:\Sandbox

2013-12-27 13:34:29 ----D---- C:\Users\ZET\AppData\Roaming\WinRAR

2013-12-27 13:24:08 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys

2013-12-27 13:24:05 ----D---- C:\Users\ZET\AppData\Roaming\DAEMON Tools Lite

2013-12-27 13:23:31 ----D---- C:\ProgramData\DAEMON Tools Lite

2013-12-27 13:20:50 ----A---- C:\Windows\Sandboxie.ini

2013-12-27 13:20:41 ----D---- C:\Program Files\Sandboxie

2013-12-26 21:20:22 ----D---- C:\Users\ZET\AppData\Roaming\Thunderbird

2013-12-26 21:20:22 ----D---- C:\Users\ZET\AppData\Roaming\Mozilla

2013-12-26 21:20:17 ----D---- C:\ProgramData\Mozilla

2013-12-26 21:20:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2013-12-26 21:20:13 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

2013-12-26 21:16:54 ----D---- C:\Users\ZET\AppData\Roaming\Malwarebytes

2013-12-26 21:16:41 ----D---- C:\ProgramData\Malwarebytes

2013-12-26 21:16:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-26 21:16:39 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-12-26 21:15:46 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD

2013-12-26 21:15:44 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-12-26 21:15:43 ----D---- C:\Users\ZET\AppData\Roaming\Check Point Software Technologies LTD

2013-12-26 21:15:39 ----D---- C:\Program Files (x86)\CheckPoint

2013-12-26 21:15:17 ----D---- C:\ProgramData\CheckPoint

2013-12-26 21:15:03 ----SHD---- C:\Windows\Installer

2013-12-26 21:14:58 ----D---- C:\Users\ZET\AppData\Roaming\AVAST Software

2013-12-26 21:14:16 ----A---- C:\Windows\system32\drivers\aswstm.sys

2013-12-26 21:14:15 ----A---- C:\Windows\system32\drivers\aswVmm.sys

2013-12-26 21:14:15 ----A---- C:\Windows\system32\drivers\aswSnx.sys

2013-12-26 21:14:15 ----A---- C:\Windows\system32\drivers\aswRvrt.sys

2013-12-26 21:14:14 ----A---- C:\Windows\system32\drivers\aswSP.sys

2013-12-26 21:14:14 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys

2013-12-26 21:14:13 ----A---- C:\Windows\system32\drivers\aswRdr2.sys

2013-12-26 21:14:12 ----A---- C:\Windows\system32\aswBoot.exe

2013-12-26 21:14:10 ----A---- C:\Windows\avastSS.scr

2013-12-26 21:13:43 ----D---- C:\Program Files\AVAST Software

2013-12-26 21:13:19 ----D---- C:\ProgramData\AVAST Software

2013-12-26 21:10:47 ----D---- C:\Program Files (x86)\Google

2013-12-26 21:04:14 ----A---- C:\Windows\system32\wups2.dll

2013-12-26 21:04:14 ----A---- C:\Windows\system32\wucltux.dll

2013-12-26 21:04:14 ----A---- C:\Windows\system32\wuauclt.exe

2013-12-26 21:04:13 ----A---- C:\Windows\system32\wuaueng.dll

2013-12-26 21:04:03 ----A---- C:\Windows\system32\wups.dll

2013-12-26 21:04:03 ----A---- C:\Windows\system32\wudriver.dll

2013-12-26 21:04:03 ----A---- C:\Windows\system32\wuapi.dll

2013-12-26 21:03:56 ----A---- C:\Windows\system32\wuwebv.dll

2013-12-26 21:03:56 ----A---- C:\Windows\system32\wuapp.exe

2013-12-26 21:01:02 ----D---- C:\Users\ZET\AppData\Roaming\Adobe

2013-12-26 21:00:52 ----D---- C:\Users\ZET\AppData\Roaming\Identities

2013-12-26 21:00:36 ----SD---- C:\Users\ZET\AppData\Roaming\Microsoft

2013-12-26 21:00:36 ----D---- C:\Users\ZET\AppData\Roaming\Media Center Programs

2013-12-26 20:58:51 ----SHD---- C:\Recovery

2013-12-26 20:58:51 ----SHD---- C:\ProgramData\Sjablonen

2013-12-26 20:58:51 ----SHD---- C:\ProgramData\Menu Start

2013-12-26 20:58:51 ----SHD---- C:\ProgramData\Favorieten

2013-12-26 20:58:51 ----SHD---- C:\ProgramData\Documenten

2013-12-26 20:58:51 ----SHD---- C:\ProgramData\Bureaublad

2013-12-26 20:51:20 ----D---- C:\Windows\Prefetch

2013-12-26 20:50:30 ----ASH---- C:\pagefile.sys

2013-12-26 20:50:28 ----SHD---- C:\System Volume Information

2013-12-26 20:49:30 ----D---- C:\Windows\Panther

2013-12-18 18:33:23 ----A---- C:\Windows\SYSWOW64\elshyph.dll

2013-12-18 18:33:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2013-12-18 18:33:22 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-12-18 18:33:22 ----A---- C:\Windows\SYSWOW64\jsIntl.dll

2013-12-18 18:33:22 ----A---- C:\Windows\system32\elshyph.dll

2013-12-18 18:33:21 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-12-18 18:33:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-12-18 18:33:21 ----A---- C:\Windows\SYSWOW64\msrating.dll

2013-12-18 18:33:21 ----A---- C:\Windows\SYSWOW64\msls31.dll

2013-12-18 18:33:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-12-18 18:33:21 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-12-18 18:33:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\wextract.exe

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\url.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\licmgr10.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\inseng.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\iexpress.exe

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\icardie.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2013-12-18 18:33:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\webcheck.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\pngfilt.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\occache.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\mshta.exe

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-12-18 18:33:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\mshtmler.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\imgutil.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\iepeers.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2013-12-18 18:33:18 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll

2013-12-18 18:33:18 ----A---- C:\Windows\system32\jsIntl.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\wininet.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\urlmon.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2013-12-18 18:33:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-12-18 18:33:17 ----A---- C:\Windows\system32\msrating.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\msls31.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\msfeedssync.exe

2013-12-18 18:33:17 ----A---- C:\Windows\system32\msfeedsbs.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\jsproxy.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\jscript9diag.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\iertutil.dll

2013-12-18 18:33:17 ----A---- C:\Windows\system32\IEAdvpack.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\mshtmler.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\jscript9.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\ieui.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\iesysprep.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\iesetup.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\iernonce.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\ieframe.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\ieapfltr.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\ieapfltr.dat

2013-12-18 18:33:16 ----A---- C:\Windows\system32\ie4uinit.exe

2013-12-18 18:33:16 ----A---- C:\Windows\system32\icardie.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\dxtrans.dll

2013-12-18 18:33:16 ----A---- C:\Windows\system32\dxtmsft.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\wextract.exe

2013-12-18 18:33:15 ----A---- C:\Windows\system32\webcheck.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\vbscript.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\url.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\mshtmlmedia.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\mshtmled.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\msfeeds.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\licmgr10.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\inseng.dll

2013-12-18 18:33:15 ----A---- C:\Windows\system32\iexpress.exe

2013-12-18 18:33:15 ----A---- C:\Windows\system32\iedkcs32.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\pngfilt.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\occache.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\MshtmlDac.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\mshtml.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\mshta.exe

2013-12-18 18:33:14 ----A---- C:\Windows\system32\jscript.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\imgutil.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\ieUnatt.exe

2013-12-18 18:33:14 ----A---- C:\Windows\system32\iepeers.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\ieetwproxystub.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2013-12-18 18:33:14 ----A---- C:\Windows\system32\ieetwcollector.exe

2013-12-18 18:31:26 ----A---- C:\Windows\SYSWOW64\fsutil.exe

2013-12-18 18:31:26 ----A---- C:\Windows\SYSWOW64\esent.dll

2013-12-18 18:31:26 ----A---- C:\Windows\system32\fsutil.exe

2013-12-18 18:31:26 ----A---- C:\Windows\system32\esent.dll

2013-12-18 18:31:26 ----A---- C:\Windows\system32\drivers\nvstor.sys

2013-12-18 18:31:26 ----A---- C:\Windows\system32\drivers\nvraid.sys

2013-12-18 18:31:26 ----A---- C:\Windows\system32\drivers\iaStorV.sys

2013-12-18 18:31:26 ----A---- C:\Windows\system32\drivers\amdxata.sys

2013-12-18 18:31:26 ----A---- C:\Windows\system32\drivers\amdsata.sys

2013-12-18 18:31:15 ----A---- C:\Windows\winhlp32.exe

2013-12-18 18:31:15 ----A---- C:\Windows\SYSWOW64\ftsrch.dll

2013-12-18 18:31:15 ----A---- C:\Windows\SYSWOW64\ftlx041e.dll

2013-12-18 18:31:15 ----A---- C:\Windows\SYSWOW64\ftlx0411.dll

2013-12-18 18:31:15 ----A---- C:\Windows\system32\ftsrch.dll

2013-12-18 18:31:15 ----A---- C:\Windows\system32\ftlx041e.dll

2013-12-18 18:31:15 ----A---- C:\Windows\system32\ftlx0411.dll

2013-12-18 18:31:08 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

2013-12-18 18:31:08 ----A---- C:\Windows\system32\WMPhoto.dll

2013-12-18 18:31:00 ----A---- C:\Windows\SYSWOW64\tzres.dll

2013-12-18 18:31:00 ----A---- C:\Windows\system32\tzres.dll

2013-12-18 18:30:42 ----A---- C:\Windows\system32\win32k.sys

2013-12-18 18:30:34 ----A---- C:\Windows\system32\authui.dll

2013-12-18 18:30:33 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll

2013-12-18 18:30:33 ----A---- C:\Windows\SYSWOW64\credui.dll

2013-12-18 18:30:33 ----A---- C:\Windows\SYSWOW64\authui.dll

2013-12-18 18:30:33 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll

2013-12-18 18:30:33 ----A---- C:\Windows\system32\credui.dll

2013-12-18 18:30:24 ----A---- C:\Windows\SYSWOW64\imagehlp.dll

2013-12-18 18:30:24 ----A---- C:\Windows\system32\imagehlp.dll

2013-12-18 18:30:17 ----A---- C:\Windows\SYSWOW64\wscript.exe

2013-12-18 18:30:17 ----A---- C:\Windows\SYSWOW64\scrrun.dll

2013-12-18 18:30:17 ----A---- C:\Windows\SYSWOW64\cscript.exe

2013-12-18 18:30:17 ----A---- C:\Windows\system32\wscript.exe

2013-12-18 18:30:17 ----A---- C:\Windows\system32\scrrun.dll

2013-12-18 18:30:17 ----A---- C:\Windows\system32\cscript.exe

2013-12-18 18:30:10 ----A---- C:\Windows\SYSWOW64\msieftp.dll

2013-12-18 18:30:10 ----A---- C:\Windows\system32\msieftp.dll

2013-12-18 18:30:02 ----A---- C:\Windows\SYSWOW64\mswsock.dll

2013-12-18 18:30:02 ----A---- C:\Windows\system32\mswsock.dll

2013-12-18 18:30:02 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-12-18 18:30:02 ----A---- C:\Windows\system32\drivers\netio.sys

2013-12-18 18:30:02 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS

2013-12-18 18:29:55 ----A---- C:\Windows\system32\drivers\portcls.sys

2013-12-18 18:29:55 ----A---- C:\Windows\system32\drivers\drmk.sys

2013-12-18 18:29:25 ----A---- C:\Windows\system32\wow64.dll

2013-12-18 18:29:25 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-12-18 18:29:25 ----A---- C:\Windows\system32\csrsrv.dll

2013-12-18 18:29:24 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-12-18 18:29:24 ----A---- C:\Windows\SYSWOW64\user.exe

2013-12-18 18:29:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-12-18 18:29:24 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-12-18 18:29:24 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-12-18 18:29:24 ----A---- C:\Windows\SYSWOW64\appidapi.dll

2013-12-18 18:29:24 ----A---- C:\Windows\SYSWOW64\apisetschema.dll

2013-12-18 18:29:24 ----A---- C:\Windows\system32\tdh.dll

2013-12-18 18:29:24 ----A---- C:\Windows\system32\smss.exe

2013-12-18 18:29:24 ----A---- C:\Windows\system32\ntdll.dll

2013-12-18 18:29:24 ----A---- C:\Windows\system32\drivers\appid.sys

2013-12-18 18:29:24 ----A---- C:\Windows\system32\appidsvc.dll

2013-12-18 18:29:24 ----A---- C:\Windows\system32\appidpolicyconverter.exe

2013-12-18 18:29:24 ----A---- C:\Windows\system32\appidcertstorecheck.exe

2013-12-18 18:29:24 ----A---- C:\Windows\system32\appidapi.dll

2013-12-18 18:29:24 ----A---- C:\Windows\system32\apisetschema.dll

2013-12-18 18:29:24 ----A---- C:\Windows\system32\advapi32.dll

2013-12-18 18:29:23 ----A---- C:\Windows\SYSWOW64\tdh.dll

2013-12-18 18:29:23 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-12-18 18:29:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-12-18 18:29:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-12-18 18:29:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll

2013-12-18 18:29:12 ----A---- C:\Windows\SYSWOW64\gdi32.dll

2013-12-18 18:29:12 ----A---- C:\Windows\system32\gdi32.dll

2013-12-18 18:29:05 ----A---- C:\Windows\system32\drivers\dxgmms1.sys

2013-12-18 18:29:05 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-12-18 18:29:05 ----A---- C:\Windows\system32\cdd.dll

2013-12-18 18:28:59 ----A---- C:\Windows\system32\drivers\afd.sys

2013-12-18 18:28:46 ----A---- C:\Windows\system32\winsrv.dll

2013-12-18 18:28:46 ----A---- C:\Windows\system32\KernelBase.dll

2013-12-18 18:28:46 ----A---- C:\Windows\system32\kernel32.dll

2013-12-18 18:28:46 ----A---- C:\Windows\system32\conhost.exe

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll

2013-12-18 18:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll

2013-12-18 18:28:44 ----A---- C:\Windows\SYSWOW64\KernelBase.dll

2013-12-18 18:28:44 ----A---- C:\Windows\SYSWOW64\kernel32.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-12-18 18:28:43 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-12-18 18:28:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2013-12-18 18:28:30 ----A---- C:\Windows\SYSWOW64\secur32.dll

2013-12-18 18:28:30 ----A---- C:\Windows\SYSWOW64\schannel.dll

2013-12-18 18:28:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll

2013-12-18 18:28:30 ----A---- C:\Windows\system32\sspisrv.dll

2013-12-18 18:28:30 ----A---- C:\Windows\system32\sspicli.dll

2013-12-18 18:28:30 ----A---- C:\Windows\system32\secur32.dll

2013-12-18 18:28:30 ----A---- C:\Windows\system32\schannel.dll

2013-12-18 18:28:30 ----A---- C:\Windows\system32\ncrypt.dll

2013-12-18 18:28:30 ----A---- C:\Windows\system32\lsass.exe

2013-12-18 18:28:30 ----A---- C:\Windows\system32\lsasrv.dll

2013-12-18 18:28:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2013-12-18 18:28:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2013-12-18 18:28:30 ----A---- C:\Windows\system32\drivers\cng.sys

2013-12-18 18:28:19 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-12-18 18:28:19 ----A---- C:\Windows\system32\crypt32.dll

2013-12-18 18:27:38 ----A---- C:\Windows\SYSWOW64\shdocvw.dll

2013-12-18 18:27:38 ----A---- C:\Windows\system32\shdocvw.dll

2013-12-18 18:27:37 ----A---- C:\Windows\SYSWOW64\shell32.dll

2013-12-18 18:27:36 ----A---- C:\Windows\system32\shell32.dll

2013-12-18 18:27:22 ----A---- C:\Windows\system32\drivers\usbcir.sys

2013-12-18 18:27:15 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-12-18 18:27:09 ----A---- C:\Windows\system32\comctl32.dll

2013-12-18 18:27:08 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2013-12-18 18:26:42 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2013-12-18 18:26:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll

2013-12-18 18:26:42 ----A---- C:\Windows\SYSWOW64\cryptnet.dll

2013-12-18 18:26:42 ----A---- C:\Windows\system32\wintrust.dll

2013-12-18 18:26:42 ----A---- C:\Windows\system32\cryptsvc.dll

2013-12-18 18:26:42 ----A---- C:\Windows\system32\cryptnet.dll

2013-12-18 18:26:25 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-12-18 18:26:25 ----A---- C:\Windows\system32\drivers\hidclass.sys

2013-12-18 18:26:11 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2013-12-18 18:26:11 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-12-18 18:26:11 ----A---- C:\Windows\system32\drivers\usbohci.sys

2013-12-18 18:26:11 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-12-18 18:26:11 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-12-18 18:26:11 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-12-18 18:26:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-12-18 18:26:03 ----A---- C:\Windows\SYSWOW64\nshwfp.dll

2013-12-18 18:26:03 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL

2013-12-18 18:26:03 ----A---- C:\Windows\system32\nshwfp.dll

2013-12-18 18:26:03 ----A---- C:\Windows\system32\IKEEXT.DLL

2013-12-18 18:26:03 ----A---- C:\Windows\system32\FWPUCLNT.DLL

2013-12-18 18:26:03 ----A---- C:\Windows\system32\BFE.DLL

2013-12-18 18:25:57 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2013-12-18 18:25:43 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-12-18 18:25:43 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-12-18 18:25:25 ----A---- C:\Windows\system32\drivers\ataport.sys

2013-12-18 18:25:18 ----A---- C:\Windows\system32\scavengeui.dll

2013-12-18 18:25:11 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2013-12-18 18:25:11 ----A---- C:\Windows\system32\rpcrt4.dll

2013-12-18 18:24:57 ----A---- C:\Windows\system32\atmfd.dll

2013-12-18 18:24:56 ----A---- C:\Windows\SYSWOW64\lpk.dll

2013-12-18 18:24:56 ----A---- C:\Windows\SYSWOW64\fontsub.dll

2013-12-18 18:24:56 ----A---- C:\Windows\SYSWOW64\dciman32.dll

2013-12-18 18:24:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll

2013-12-18 18:24:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll

2013-12-18 18:24:56 ----A---- C:\Windows\system32\lpk.dll

2013-12-18 18:24:56 ----A---- C:\Windows\system32\fontsub.dll

2013-12-18 18:24:56 ----A---- C:\Windows\system32\dciman32.dll

2013-12-18 18:24:56 ----A---- C:\Windows\system32\atmlib.dll

2013-12-18 18:24:48 ----A---- C:\Windows\SYSWOW64\wmploc.DLL

2013-12-18 18:24:47 ----A---- C:\Windows\SYSWOW64\wmp.dll

2013-12-18 18:24:47 ----A---- C:\Windows\system32\wmploc.DLL

2013-12-18 18:24:47 ----A---- C:\Windows\system32\wmp.dll

2013-12-18 18:24:35 ----A---- C:\Windows\SYSWOW64\WebClnt.dll

2013-12-18 18:24:35 ----A---- C:\Windows\SYSWOW64\davclnt.dll

2013-12-18 18:24:35 ----A---- C:\Windows\system32\WebClnt.dll

2013-12-18 18:24:35 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2013-12-18 18:24:35 ----A---- C:\Windows\system32\davclnt.dll

2013-12-18 18:24:29 ----A---- C:\Windows\SYSWOW64\qedit.dll

2013-12-18 18:24:29 ----A---- C:\Windows\system32\qedit.dll

2013-12-18 18:24:07 ----A---- C:\Windows\system32\drivers\ntfs.sys

2013-12-18 18:24:00 ----A---- C:\Windows\SYSWOW64\win32spl.dll

2013-12-18 18:24:00 ----A---- C:\Windows\system32\win32spl.dll

2013-12-18 18:23:36 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll

2013-12-18 18:23:36 ----A---- C:\Windows\system32\WindowsCodecs.dll

2013-12-18 18:23:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2013-12-18 18:23:21 ----A---- C:\Windows\system32\DWrite.dll

2013-12-18 18:23:04 ----A---- C:\Windows\SYSWOW64\d3d11.dll

2013-12-18 18:23:04 ----A---- C:\Windows\system32\d3d11.dll

2013-12-18 18:22:32 ----A---- C:\Windows\system32\usp10.dll

2013-12-18 18:22:31 ----A---- C:\Windows\SYSWOW64\usp10.dll

2013-12-18 18:22:12 ----A---- C:\Windows\system32\wwansvc.dll

2013-12-18 18:22:12 ----A---- C:\Windows\system32\wwanprotdim.dll

2013-12-18 18:22:04 ----A---- C:\Windows\system32\certutil.exe

2013-12-18 18:22:04 ----A---- C:\Windows\system32\certenc.dll

2013-12-18 18:22:03 ----A---- C:\Windows\SYSWOW64\certutil.exe

2013-12-18 18:22:03 ----A---- C:\Windows\SYSWOW64\certenc.dll

2013-12-18 18:21:38 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll

2013-12-18 18:21:38 ----A---- C:\Windows\system32\cryptdlg.dll

2013-12-18 18:21:28 ----A---- C:\Windows\system32\drivers\usb8023.sys

2013-12-18 18:21:22 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-12-18 18:21:22 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-12-18 18:21:16 ----A---- C:\Windows\system32\drivers\fvevol.sys

2013-12-18 18:20:44 ----A---- C:\Windows\system32\consent.exe

2013-12-18 18:20:44 ----A---- C:\Windows\system32\appinfo.dll

2013-12-18 18:20:03 ----A---- C:\Windows\system32\taskhost.exe

2013-12-18 18:19:05 ----A---- C:\Windows\SYSWOW64\tcpmib.dll

2013-12-18 18:19:05 ----A---- C:\Windows\system32\rpcss.dll

2013-12-18 18:19:05 ----A---- C:\Windows\system32\nlasvc.dll

2013-12-18 18:19:05 ----A---- C:\Windows\system32\nlaapi.dll

2013-12-18 18:19:05 ----A---- C:\Windows\system32\netlogon.dll

2013-12-18 18:19:05 ----A---- C:\Windows\system32\ncsi.dll

2013-12-18 18:19:05 ----A---- C:\Windows\system32\gpsvc.dll

2013-12-18 18:19:05 ----A---- C:\Windows\system32\drivers\dfsc.sys

2013-12-18 18:19:04 ----A---- C:\Windows\system32\svchost.exe

2013-12-18 18:19:04 ----A---- C:\Windows\system32\SessEnv.dll

2013-12-18 18:19:04 ----A---- C:\Windows\system32\rdpdd.dll

2013-12-18 18:19:04 ----A---- C:\Windows\system32\profsvc.dll

2013-12-18 18:19:04 ----A---- C:\Windows\system32\drivers\storport.sys

2013-12-18 18:19:04 ----A---- C:\Windows\system32\drivers\srv2.sys

2013-12-18 18:19:04 ----A---- C:\Windows\system32\drivers\srv.sys

2013-12-18 18:19:04 ----A---- C:\Windows\system32\drivers\rdbss.sys

2013-12-18 18:19:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys

2013-12-18 18:19:04 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys

2013-12-18 18:19:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

2013-12-18 18:19:04 ----A---- C:\Windows\system32\cscdll.dll

2013-12-18 18:19:04 ----A---- C:\Windows\system32\cscapi.dll

2013-12-18 18:19:03 ----A---- C:\Windows\SYSWOW64\netlogon.dll

2013-12-18 18:19:02 ----A---- C:\Windows\SYSWOW64\sscore.dll

2013-12-18 18:19:02 ----A---- C:\Windows\system32\wpnpinst.exe

2013-12-18 18:19:02 ----A---- C:\Windows\system32\umrdp.dll

2013-12-18 18:19:02 ----A---- C:\Windows\system32\umpo.dll

2013-12-18 18:19:02 ----A---- C:\Windows\system32\srvsvc.dll

2013-12-18 18:19:02 ----A---- C:\Windows\system32\RDVGHelper.exe

2013-12-18 18:19:02 ----A---- C:\Windows\system32\rdpshell.exe

2013-12-18 18:19:02 ----A---- C:\Windows\system32\rdpinit.exe

2013-12-18 18:19:02 ----A---- C:\Windows\system32\PrintBrmUi.exe

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\nlaapi.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\ncsi.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\dot3msm.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\dot3gpclnt.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\dot3dlg.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\dot3api.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\Display.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\cscobj.dll

2013-12-18 18:19:01 ----A---- C:\Windows\SYSWOW64\appmgmts.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\tcpmonui.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\tcpmib.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\spoolsv.exe

2013-12-18 18:19:01 ----A---- C:\Windows\system32\localspl.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\inetpp.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\gpprefcl.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\drivers\ndisuio.sys

2013-12-18 18:19:01 ----A---- C:\Windows\system32\drivers\csc.sys

2013-12-18 18:19:01 ----A---- C:\Windows\system32\dot3svc.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\dot3msm.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\dot3gpclnt.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\Display.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\cscsvc.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\cscobj.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\CscMig.dll

2013-12-18 18:19:01 ----A---- C:\Windows\system32\appmgmts.dll

2013-12-18 18:19:00 ----A---- C:\Windows\SYSWOW64\svchost.exe

2013-12-18 18:19:00 ----A---- C:\Windows\SYSWOW64\SessEnv.dll

2013-12-18 18:19:00 ----A---- C:\Windows\SYSWOW64\gpprnext.dll

2013-12-18 18:19:00 ----A---- C:\Windows\SYSWOW64\gpapi.dll

2013-12-18 18:19:00 ----A---- C:\Windows\SYSWOW64\cscdll.dll

2013-12-18 18:19:00 ----A---- C:\Windows\SYSWOW64\cscapi.dll

2013-12-18 18:19:00 ----A---- C:\Windows\system32\sysmain.dll

2013-12-18 18:19:00 ----A---- C:\Windows\system32\gpprnext.dll

2013-12-18 18:19:00 ----A---- C:\Windows\system32\drivers\vwifimp.sys

2013-12-18 18:19:00 ----A---- C:\Windows\system32\drivers\vwififlt.sys

2013-12-18 18:19:00 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS

2013-12-18 18:19:00 ----A---- C:\Windows\system32\drivers\rdyboost.sys

2013-12-18 18:18:59 ----A---- C:\Windows\system32\drivers\volsnap.sys

2013-12-18 18:18:35 ----A---- C:\Windows\SYSWOW64\Wpc.dll

2013-12-18 18:18:35 ----A---- C:\Windows\SYSWOW64\gameux.dll

2013-12-18 18:18:35 ----A---- C:\Windows\system32\Wpc.dll

2013-12-18 18:18:35 ----A---- C:\Windows\system32\gameux.dll

2013-12-18 18:18:18 ----A---- C:\Windows\SYSWOW64\dpnet.dll

2013-12-18 18:18:18 ----A---- C:\Windows\system32\dpnet.dll

2013-12-18 18:17:48 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll

2013-12-18 18:17:48 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll

2013-12-18 18:17:48 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll

2013-12-18 18:17:48 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll

2013-12-18 18:17:48 ----A---- C:\Windows\system32\dnscmmc.dll

2013-12-18 18:17:48 ----A---- C:\Windows\system32\dhcpcsvc6.dll

2013-12-18 18:17:48 ----A---- C:\Windows\system32\dhcpcore6.dll

2013-12-18 18:17:48 ----A---- C:\Windows\system32\dhcpcore.dll

2013-12-18 18:17:18 ----A---- C:\Windows\SYSWOW64\msxml6.dll

2013-12-18 18:17:18 ----A---- C:\Windows\SYSWOW64\msxml3.dll

2013-12-18 18:17:18 ----A---- C:\Windows\system32\msxml6.dll

2013-12-18 18:17:18 ----A---- C:\Windows\system32\msxml3.dll

2013-12-18 18:16:54 ----A---- C:\Windows\SYSWOW64\netevent.dll

2013-12-18 18:16:54 ----A---- C:\Windows\SYSWOW64\netcorehc.dll

2013-12-18 18:16:54 ----A---- C:\Windows\system32\netevent.dll

2013-12-18 18:16:54 ----A---- C:\Windows\system32\netcorehc.dll

2013-12-18 18:16:54 ----A---- C:\Windows\system32\iphlpsvc.dll

2013-12-18 18:16:54 ----A---- C:\Windows\system32\drivers\tcpipreg.sys

2013-12-18 18:16:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll

2013-12-18 18:16:45 ----A---- C:\Windows\system32\kerberos.dll

2013-12-18 18:16:12 ----A---- C:\Windows\SYSWOW64\srclient.dll

2013-12-18 18:16:12 ----A---- C:\Windows\system32\srcore.dll

2013-12-18 18:16:00 ----A---- C:\Windows\system32\OxpsConverter.exe

2013-12-18 18:15:34 ----A---- C:\Windows\SYSWOW64\synceng.dll

2013-12-18 18:15:33 ----A---- C:\Windows\system32\synceng.dll

2013-12-18 18:15:26 ----A---- C:\Windows\system32\wow64cpu.dll

2013-12-18 18:15:25 ----A---- C:\Windows\system32\wow64win.dll

2013-12-18 18:15:25 ----A---- C:\Windows\system32\ntvdm64.dll

2013-12-18 18:15:03 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

2013-12-18 18:15:03 ----A---- C:\Windows\system32\msxml3r.dll

2013-12-18 18:14:56 ----A---- C:\Windows\system32\drivers\RNDISMP.sys

2013-12-18 18:14:56 ----A---- C:\Windows\system32\drivers\ndis.sys

2013-12-18 18:14:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll

2013-12-18 18:14:39 ----A---- C:\Windows\system32\qdvd.dll

2013-12-18 18:14:22 ----A---- C:\Windows\SYSWOW64\netapi32.dll

2013-12-18 18:14:22 ----A---- C:\Windows\SYSWOW64\browcli.dll

2013-12-18 18:14:22 ----A---- C:\Windows\system32\netapi32.dll

2013-12-18 18:14:22 ----A---- C:\Windows\system32\browser.dll

2013-12-18 18:14:22 ----A---- C:\Windows\system32\browcli.dll

2013-12-18 18:14:16 ----A---- C:\Windows\SYSWOW64\msi.dll

2013-12-18 18:14:16 ----A---- C:\Windows\system32\msi.dll

2013-12-18 18:14:08 ----A---- C:\Windows\SYSWOW64\cdosys.dll

2013-12-18 18:14:08 ----A---- C:\Windows\system32\cdosys.dll

2013-12-18 18:13:29 ----A---- C:\Windows\system32\drivers\partmgr.sys

2013-12-18 18:13:24 ----A---- C:\Windows\system32\drivers\rdpwd.sys

2013-12-18 18:13:18 ----A---- C:\Windows\system32\WUDFx.dll

2013-12-18 18:13:18 ----A---- C:\Windows\system32\WUDFSvc.dll

2013-12-18 18:13:18 ----A---- C:\Windows\system32\WUDFPlatform.dll

2013-12-18 18:13:18 ----A---- C:\Windows\system32\WUDFHost.exe

2013-12-18 18:13:18 ----A---- C:\Windows\system32\WUDFCoinstaller.dll

2013-12-18 18:13:18 ----A---- C:\Windows\system32\drivers\WUDFRd.sys

2013-12-18 18:13:18 ----A---- C:\Windows\system32\drivers\WUDFPf.sys

2013-12-18 18:13:09 ----A---- C:\Windows\system32\Wdfres.dll

2013-12-18 18:13:09 ----A---- C:\Windows\system32\drivers\WdfLdr.sys

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-12-18 18:12:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-12-18 18:12:30 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll

2013-12-18 18:12:30 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll

2013-12-18 18:12:30 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll

2013-12-18 18:12:30 ----A---- C:\Windows\system32\XpsPrint.dll

2013-12-18 18:12:30 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2013-12-18 18:12:30 ----A---- C:\Windows\system32\msmpeg2vdec.dll

2013-12-18 18:12:30 ----A---- C:\Windows\system32\d2d1.dll

2013-12-18 18:12:29 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll

2013-12-18 18:12:29 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll

2013-12-18 18:12:29 ----A---- C:\Windows\SYSWOW64\d3d10core.dll

2013-12-18 18:12:29 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll

2013-12-18 18:12:29 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll

2013-12-18 18:12:29 ----A---- C:\Windows\SYSWOW64\d3d10.dll

2013-12-18 18:12:29 ----A---- C:\Windows\SYSWOW64\d2d1.dll

2013-12-18 18:12:29 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2013-12-18 18:12:29 ----A---- C:\Windows\system32\FntCache.dll

2013-12-18 18:12:29 ----A---- C:\Windows\system32\dxgi.dll

2013-12-18 18:12:29 ----A---- C:\Windows\system32\d3d10warp.dll

2013-12-18 18:12:29 ----A---- C:\Windows\system32\d3d10core.dll

2013-12-18 18:12:29 ----A---- C:\Windows\system32\d3d10_1core.dll

2013-12-18 18:12:29 ----A---- C:\Windows\system32\d3d10_1.dll

2013-12-18 18:12:29 ----A---- C:\Windows\system32\d3d10.dll

2013-12-18 18:12:28 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll

2013-12-18 18:12:28 ----A---- C:\Windows\SYSWOW64\dxgi.dll

2013-12-18 18:12:28 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2013-12-18 18:12:28 ----A---- C:\Windows\system32\UIAnimation.dll

2013-12-18 18:12:28 ----A---- C:\Windows\system32\d3d10level9.dll

2013-12-18 18:12:07 ----A---- C:\Windows\system32\rdrmemptylst.exe

2013-12-18 18:12:07 ----A---- C:\Windows\system32\rdpwsx.dll

2013-12-18 18:12:07 ----A---- C:\Windows\system32\rdpcorekmts.dll

2013-12-18 18:11:28 ----A---- C:\Windows\SYSWOW64\msvcrt.dll

2013-12-18 18:11:28 ----A---- C:\Windows\system32\msvcrt.dll

2013-12-18 18:11:23 ----A---- C:\Windows\SYSWOW64\wmi.dll

2013-12-18 18:11:23 ----A---- C:\Windows\system32\wmi.dll

2013-12-18 18:11:23 ----A---- C:\Windows\system32\drivers\fs_rec.sys

2013-12-18 18:11:17 ----A---- C:\Windows\splwow64.exe

2013-12-18 18:10:25 ----A---- C:\Windows\SYSWOW64\ntshrui.dll

2013-12-18 18:10:25 ----A---- C:\Windows\system32\ntshrui.dll

2013-12-18 18:10:05 ----A---- C:\Windows\SYSWOW64\quartz.dll

2013-12-18 18:10:05 ----A---- C:\Windows\system32\quartz.dll

2013-12-18 18:09:54 ----A---- C:\Windows\SYSWOW64\rdpcore.dll

2013-12-18 18:09:54 ----A---- C:\Windows\system32\rdpcore.dll

2013-12-18 18:09:54 ----A---- C:\Windows\system32\drivers\tdtcp.sys

2013-12-18 18:09:40 ----A---- C:\Windows\SYSWOW64\EncDec.dll

2013-12-18 18:09:40 ----A---- C:\Windows\system32\EncDec.dll

2013-12-18 18:09:31 ----A---- C:\Windows\system32\drivers\modem.sys

2013-12-18 18:08:43 ----A---- C:\Windows\SYSWOW64\tsgqec.dll

2013-12-18 18:08:43 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll

2013-12-18 18:08:43 ----A---- C:\Windows\SYSWOW64\mstscax.dll

2013-12-18 18:08:43 ----A---- C:\Windows\SYSWOW64\mstsc.exe

2013-12-18 18:08:43 ----A---- C:\Windows\SYSWOW64\aaclient.dll

2013-12-18 18:08:43 ----A---- C:\Windows\system32\TSWbPrxy.exe

2013-12-18 18:08:43 ----A---- C:\Windows\system32\rdpudd.dll

2013-12-18 18:08:43 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll

2013-12-18 18:08:43 ----A---- C:\Windows\system32\rdpendp_winip.dll

2013-12-18 18:08:43 ----A---- C:\Windows\system32\rdpcorets.dll

2013-12-18 18:08:43 ----A---- C:\Windows\system32\mstsc.exe

2013-12-18 18:08:43 ----A---- C:\Windows\system32\MsRdpWebAccess.dll

2013-12-18 18:08:43 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys

2013-12-18 18:08:42 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll

2013-12-18 18:08:42 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll

2013-12-18 18:08:42 ----A---- C:\Windows\system32\wksprtPS.dll

2013-12-18 18:08:42 ----A---- C:\Windows\system32\wksprt.exe

2013-12-18 18:08:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-12-18 18:08:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2013-12-18 18:08:42 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll

2013-12-18 18:08:42 ----A---- C:\Windows\system32\tsgqec.dll

2013-12-18 18:08:42 ----A---- C:\Windows\system32\mstscax.dll

2013-12-18 18:08:42 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys

2013-12-18 18:08:42 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys

2013-12-18 18:08:42 ----A---- C:\Windows\system32\drivers\terminpt.sys

2013-12-18 18:08:42 ----A---- C:\Windows\system32\aaclient.dll

2013-12-18 18:08:34 ----A---- C:\Windows\system32\webio.dll

2013-12-18 18:08:33 ----A---- C:\Windows\SYSWOW64\webio.dll

2013-12-18 18:08:28 ----A---- C:\Windows\SYSWOW64\packager.dll

2013-12-18 18:08:28 ----A---- C:\Windows\system32\packager.dll

2013-12-18 18:08:23 ----A---- C:\Windows\SYSWOW64\psisdecd.dll

2013-12-18 18:08:23 ----A---- C:\Windows\system32\psisdecd.dll

2013-12-18 18:08:04 ----A---- C:\Windows\SYSWOW64\oleaut32.dll

2013-12-18 18:08:04 ----A---- C:\Windows\SYSWOW64\oleacc.dll

2013-12-18 18:08:04 ----A---- C:\Windows\system32\oleaut32.dll

2013-12-18 18:08:04 ----A---- C:\Windows\system32\oleacc.dll

2013-12-18 18:07:59 ----A---- C:\Windows\SYSWOW64\xmllite.dll

2013-12-18 18:07:59 ----A---- C:\Windows\system32\xmllite.dll

2013-12-18 18:07:54 ----A---- C:\Windows\SYSWOW64\odbctrac.dll

2013-12-18 18:07:54 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll

2013-12-18 18:07:54 ----A---- C:\Windows\SYSWOW64\odbccu32.dll

2013-12-18 18:07:54 ----A---- C:\Windows\SYSWOW64\odbccr32.dll

2013-12-18 18:07:54 ----A---- C:\Windows\SYSWOW64\odbccp32.dll

2013-12-18 18:07:54 ----A---- C:\Windows\system32\odbctrac.dll

2013-12-18 18:07:54 ----A---- C:\Windows\system32\odbccu32.dll

2013-12-18 18:07:54 ----A---- C:\Windows\system32\odbccr32.dll

2013-12-18 18:07:54 ----A---- C:\Windows\system32\odbccp32.dll

2013-12-18 18:07:39 ----A---- C:\Windows\SYSWOW64\drvinst.exe

2013-12-18 18:07:39 ----A---- C:\Windows\SYSWOW64\devrtl.dll

2013-12-18 18:07:39 ----A---- C:\Windows\SYSWOW64\devobj.dll

2013-12-18 18:07:39 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll

2013-12-18 18:07:39 ----A---- C:\Windows\system32\umpnpmgr.dll

2013-12-18 18:07:34 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe

2013-12-18 18:07:33 ----A---- C:\Windows\SYSWOW64\tquery.dll

2013-12-18 18:07:33 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe

2013-12-18 18:07:33 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe

2013-12-18 18:07:33 ----A---- C:\Windows\SYSWOW64\mssvp.dll

2013-12-18 18:07:33 ----A---- C:\Windows\SYSWOW64\mssrch.dll

2013-12-18 18:07:33 ----A---- C:\Windows\SYSWOW64\mssphtb.dll

2013-12-18 18:07:33 ----A---- C:\Windows\SYSWOW64\mssph.dll

2013-12-18 18:07:33 ----A---- C:\Windows\SYSWOW64\msscntrs.dll

2013-12-18 18:07:33 ----A---- C:\Windows\system32\tquery.dll

2013-12-18 18:07:33 ----A---- C:\Windows\system32\SearchProtocolHost.exe

2013-12-18 18:07:33 ----A---- C:\Windows\system32\SearchIndexer.exe

2013-12-18 18:07:33 ----A---- C:\Windows\system32\SearchFilterHost.exe

2013-12-18 18:07:33 ----A---- C:\Windows\system32\mssvp.dll

2013-12-18 18:07:33 ----A---- C:\Windows\system32\mssrch.dll

2013-12-18 18:07:33 ----A---- C:\Windows\system32\mssphtb.dll

2013-12-18 18:07:33 ----A---- C:\Windows\system32\mssph.dll

2013-12-18 18:07:33 ----A---- C:\Windows\system32\msscntrs.dll

2013-12-18 18:07:21 ----A---- C:\Windows\SYSWOW64\inetcomm.dll

2013-12-18 18:07:21 ----A---- C:\Windows\system32\inetcomm.dll

2013-12-18 18:07:17 ----A---- C:\Windows\system32\drivers\Diskdump.sys

2013-12-18 18:07:09 ----A---- C:\Windows\system32\drivers\srvnet.sys

2013-12-18 18:06:27 ----A---- C:\Windows\SYSWOW64\explorer.exe

2013-12-18 18:06:26 ----A---- C:\Windows\explorer.exe

2013-12-18 18:06:22 ----A---- C:\Windows\system32\drivers\bowser.sys

2013-12-18 18:06:13 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe

2013-12-18 18:06:13 ----A---- C:\Windows\SYSWOW64\dnsapi.dll

2013-12-18 18:06:13 ----A---- C:\Windows\system32\dnsrslvr.dll

2013-12-18 18:06:13 ----A---- C:\Windows\system32\dnscacheugc.exe

2013-12-18 18:06:13 ----A---- C:\Windows\system32\dnsapi.dll

2013-12-18 18:06:08 ----A---- C:\Windows\SYSWOW64\prevhost.exe

2013-12-18 18:06:08 ----A---- C:\Windows\system32\prevhost.exe

2013-12-18 18:06:00 ----A---- C:\Windows\SYSWOW64\mfc42u.dll

2013-12-18 18:06:00 ----A---- C:\Windows\SYSWOW64\mfc42.dll

2013-12-18 18:06:00 ----A---- C:\Windows\system32\mfc42u.dll

2013-12-18 18:06:00 ----A---- C:\Windows\system32\mfc42.dll

2013-12-18 18:05:55 ----A---- C:\Windows\system32\winresume.exe

2013-12-18 18:05:55 ----A---- C:\Windows\system32\winload.exe

2013-12-18 18:05:55 ----A---- C:\Windows\system32\kdusb.dll

2013-12-18 18:05:55 ----A---- C:\Windows\system32\kdcom.dll

2013-12-18 18:05:55 ----A---- C:\Windows\system32\kd1394.dll

2013-12-18 18:05:38 ----A---- C:\Windows\SYSWOW64\KBDINDEV.DLL

2013-12-18 18:05:38 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL

2013-12-18 18:05:38 ----A---- C:\Windows\system32\KBDINEN.DLL

2013-12-18 18:05:38 ----A---- C:\Windows\system32\KBDINDEV.DLL

2013-12-18 18:05:38 ----A---- C:\Windows\system32\KBDINBEN.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINPUN.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINMAL.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINGUJ.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINBE2.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINBE1.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\SYSWOW64\KBDINASA.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINTEL.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINTAM.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINPUN.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINORI.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINMAR.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINMAL.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINKAN.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINHIN.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINGUJ.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINBE2.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINBE1.DLL

2013-12-18 18:05:37 ----A---- C:\Windows\system32\KBDINASA.DLL

2013-12-18 18:05:26 ----A---- C:\Windows\system32\FXSCOVER.exe

2013-12-18 18:04:46 ----A---- C:\Windows\SYSWOW64\sbe.dll

2013-12-18 18:04:46 ----A---- C:\Windows\SYSWOW64\CPFilters.dll

2013-12-18 18:04:46 ----A---- C:\Windows\system32\sbe.dll

2013-12-18 18:04:46 ----A---- C:\Windows\system32\CPFilters.dll

2013-12-18 18:02:08 ----A---- C:\Windows\system32\mrt.exe

2013-12-18 18:02:07 ----A---- C:\Windows\system32\delnext.exe

2013-12-18 18:02:07 ----A---- C:\Windows\system32\cmdow.exe

2013-12-18 18:02:04 ----D---- C:\Windows\SoftwareDistribution

======List of files/folders modified in the last 1 month======

2013-12-29 18:48:39 ----D---- C:\Windows\Temp

2013-12-29 18:48:30 ----RD---- C:\Program Files

2013-12-29 16:44:25 ----HD---- C:\ProgramData

2013-12-29 16:35:30 ----D---- C:\Windows\System32

2013-12-29 16:35:25 ----D---- C:\Windows\SysWOW64

2013-12-29 16:35:17 ----RD---- C:\Program Files (x86)

2013-12-29 16:32:33 ----D---- C:\Windows

2013-12-29 14:23:43 ----D---- C:\Windows\inf

2013-12-29 14:23:43 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-12-29 13:17:38 ----D---- C:\Windows\system32\config

2013-12-29 13:07:30 ----D---- C:\Windows\winsxs

2013-12-29 12:37:47 ----ASD---- C:\ProgramData\Microsoft

2013-12-29 10:43:15 ----D---- C:\Windows\system32\drivers

2013-12-29 10:43:13 ----D---- C:\Windows\system32\drivers\UMDF

2013-12-28 17:24:37 ----D---- C:\Windows\system32\wdi

2013-12-28 15:48:36 ----RSD---- C:\Windows\assembly

2013-12-28 15:48:36 ----D---- C:\Windows\Microsoft.NET

2013-12-28 15:26:11 ----D---- C:\Windows\Tasks

2013-12-28 15:26:11 ----D---- C:\Windows\system32\Tasks

2013-12-28 15:25:35 ----D---- C:\Windows\ShellNew

2013-12-28 15:25:26 ----A---- C:\Windows\win.ini

2013-12-28 15:18:17 ----D---- C:\Windows\system32\catroot

2013-12-28 15:18:10 ----RSD---- C:\Windows\Fonts

2013-12-28 15:18:09 ----D---- C:\Windows\system32\DriverStore

2013-12-28 15:16:41 ----D---- C:\Windows\system32\NDF

2013-12-28 15:11:26 ----D---- C:\Program Files (x86)\MSBuild

2013-12-28 15:11:10 ----D---- C:\Program Files (x86)\Common Files

2013-12-28 15:09:59 ----AD---- C:\Program Files\Common Files\Microsoft Shared

2013-12-28 15:00:36 ----D---- C:\Program Files\Common Files

2013-12-28 13:37:11 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-12-28 13:37:11 ----D---- C:\Windows\system32\nl-NL

2013-12-28 13:35:03 ----D---- C:\Windows\system32\LogFiles

2013-12-28 13:33:29 ----D---- C:\Windows\SYSWOW64\en-US

2013-12-28 13:33:29 ----D---- C:\Windows\system32\en-US

2013-12-28 13:32:01 ----D---- C:\Windows\Logs

2013-12-28 13:08:05 ----HD---- C:\Windows\system32\GroupPolicy

2013-12-28 13:08:05 ----D---- C:\Windows\SYSWOW64\GroupPolicy

2013-12-28 13:08:01 ----D---- C:\Windows\system32\catroot2

2013-12-28 12:39:38 ----D---- C:\Program Files\Internet Explorer

2013-12-28 11:55:02 ----D---- C:\Windows\system32\drivers\etc

2013-12-27 19:21:14 ----D---- C:\Windows\rescache

2013-12-26 21:10:14 ----D---- C:\Windows\system32\CodeIntegrity

2013-12-26 21:03:43 ----D---- C:\Windows\system32\restore

2013-12-26 21:00:46 ----SHD---- C:\$Recycle.Bin

2013-12-26 21:00:36 ----RD---- C:\Users

2013-12-26 20:58:51 ----D---- C:\Windows\system32\Recovery

2013-12-26 20:58:51 ----D---- C:\Program Files\Windows NT

2013-12-26 20:58:08 ----D---- C:\Windows\debug

2013-12-26 20:54:56 ----D---- C:\Windows\system32\sysprep

2013-12-26 20:51:14 ----D---- C:\Windows\CSC

2013-12-18 18:33:39 ----D---- C:\Windows\SYSWOW64\wbem

2013-12-18 18:33:39 ----D---- C:\Windows\SYSWOW64\migration

2013-12-18 18:33:39 ----D---- C:\Program Files (x86)\Internet Explorer

2013-12-18 18:33:38 ----D---- C:\Windows\system32\wbem

2013-12-18 18:33:38 ----D---- C:\Windows\system32\migration

2013-12-18 18:33:38 ----D---- C:\Windows\PolicyDefinitions

2013-12-18 18:31:19 ----D---- C:\Windows\nl-NL

2013-12-18 18:29:36 ----D---- C:\Windows\AppPatch

2013-12-18 18:25:08 ----D---- C:\Program Files\Windows Defender

2013-12-18 18:25:08 ----D---- C:\Program Files (x86)\Windows Defender

2013-12-18 18:24:54 ----D---- C:\Program Files (x86)\Windows Media Player

2013-12-18 18:24:53 ----D---- C:\Program Files\Windows Media Player

2013-12-18 18:23:34 ----D---- C:\Program Files\Windows Journal

2013-12-18 18:13:14 ----D---- C:\Windows\system32\drivers\nl-NL

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\zh-TW

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\zh-HK

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\zh-CN

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\tr-TR

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\sv-SE

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\ru-RU

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\pt-PT

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\pt-BR

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\pl-PL

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\nb-NO

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\ko-KR

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\ja-JP

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\it-IT

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\hu-HU

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\fr-FR

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\fi-FI

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\es-ES

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\el-GR

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\de-DE

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\da-DK

2013-12-18 18:12:40 ----D---- C:\Windows\SYSWOW64\cs-CZ

2013-12-18 18:12:40 ----D---- C:\Windows\system32\zh-TW

2013-12-18 18:12:40 ----D---- C:\Windows\system32\zh-HK

2013-12-18 18:12:40 ----D---- C:\Windows\system32\zh-CN

2013-12-18 18:12:40 ----D---- C:\Windows\system32\tr-TR

2013-12-18 18:12:40 ----D---- C:\Windows\system32\sv-SE

2013-12-18 18:12:40 ----D---- C:\Windows\system32\ru-RU

2013-12-18 18:12:40 ----D---- C:\Windows\system32\pt-PT

2013-12-18 18:12:40 ----D---- C:\Windows\system32\pt-BR

2013-12-18 18:12:40 ----D---- C:\Windows\system32\pl-PL

2013-12-18 18:12:40 ----D---- C:\Windows\system32\nb-NO

2013-12-18 18:12:40 ----D---- C:\Windows\system32\ko-KR

2013-12-18 18:12:40 ----D---- C:\Windows\system32\ja-JP

2013-12-18 18:12:40 ----D---- C:\Windows\system32\it-IT

2013-12-18 18:12:40 ----D---- C:\Windows\system32\hu-HU

2013-12-18 18:12:40 ----D---- C:\Windows\system32\fr-FR

2013-12-18 18:12:40 ----D---- C:\Windows\system32\fi-FI

2013-12-18 18:12:40 ----D---- C:\Windows\system32\es-ES

2013-12-18 18:12:40 ----D---- C:\Windows\system32\el-GR

2013-12-18 18:12:40 ----D---- C:\Windows\system32\de-DE

2013-12-18 18:12:40 ----D---- C:\Windows\system32\da-DK

2013-12-18 18:12:40 ----D---- C:\Windows\system32\cs-CZ

2013-12-18 18:10:08 ----D---- C:\Windows\ehome

2013-12-18 18:09:47 ----D---- C:\Program Files\Common Files\System

2013-12-18 18:05:58 ----D---- C:\Windows\system32\Boot

2013-12-18 18:01:50 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-26 65776]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-26 207904]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2013-12-18 213848]

R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-26 92544]

R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-26 1034464]

R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-26 422216]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2013-12-18 516096]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-27 283064]

R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2013-10-23 454168]

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-26 78648]

R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-26 79672]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]

R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2013-10-16 200552]

S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-18 19456]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]

S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2013-12-18 29696]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-12-18 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-12-18 30208]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-26 50344]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2013-12-18 27136]

R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2013-10-16 186056]

R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-12-16 2445816]

R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-10-15 50704]

R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2013-12-18 27136]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-26 116648]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-28 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-26 116648]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-12-18 111616]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-06 119408]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2013-12-18 27136]

S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2013-12-18 27136]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

kape · 30 december 2013

Dit ziet er niet echt problematisch uit. Dit mag je wel even doen:

Download Zoek.zip naar het bureaublad.

Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
C:\Program Files (x86)\GUM35D.tmp;f
autoclean;
resethosts;

De optie "Scan All Users" staat standaard aangevinkt.
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.

Kees Draaihuis · 31 december 2013

Hierbij het log-bestandje van ZOEK:

Zoek.exe v5.0.0.0 Updated 28-December-2013

Tool run by ZET on di 31-12-2013 at 10:28:13,27.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\ZET\Desktop\zoek\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

31-12-2013 10:29:39 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost

::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\GUM35D.tmp deleted

C:\PROGRA~2\Check Point Software Technologies LTD deleted

C:\ProgramData\boost_interprocess deleted

C:\Users\ZET\AppData\Local\Programs deleted

C:\Users\ZET\AppData\Local\Software deleted

C:\Users\ZET\AppData\Local\PackageAware deleted

"C:\Users\ZET\AppData\Roaming\Internet Services" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[26-12-2013 21:14]

kgdcapepedmpopjkmdbjnmmmfgllnfek - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.28.13\zonealarm.crx[]

Google Docs - ZET - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - ZET - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - ZET - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Last updated at time on date - ZET - Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - ZET - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

AdBlock - ZET - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

avast Online Security - ZET - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

New Tab Redirect - ZET - Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna

ZoneAlarm Chrome Toolbar - ZET - Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek

Google Wallet - ZET - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - ZET - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\ZET\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

"Search Page"="http://www.google.nl"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=en&gu=118f94d53e1e4d618920c5e6705e3e6b&tu=10G9y00Bh2C01u0&sku=&tstsId=&ver=&"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=en&gu=118f94d53e1e4d618920c5e6705e3e6b&tu=10G9y00Bh2C01u0&sku=&tstsId=&ver=&"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.google.nl/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3850095883-2758723386-658833389-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ZET\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\ZET\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=93 folders=34 6913570 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\ZET\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\ZET\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 31-12-2013 at 10:39:23,92 ======================

kape · 31 december 2013

Dit ziet er netjes uit. Laat - als laatste controle - nog eventjes volgende online-scanner op de PC los:

Ga naar de site van ESET Online Scanner.

Klik op de knop “Run ESET Online Scanner”

In een apart scherm krijg je de vraag om EsetSmartInstaller te downloaden

Klik op de link van esetsmartinstaller_enu.exe en dan start de download automatisch op.

Kies voor “Download” van dit bestand.

Klik op “uitvoeren” van dit bestand esetsmartinstaller_enu.exe

Zet een vinkje bij “YES, I accept the Terms of Use”

Klik op “Start”

Klik op "Advanced settings"

Zet een vinkje bij de volgende opties:

Remove found threats
Scan archives
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology

Klik op “Start”

De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.

Je mag het venster sluiten wanneer de scan klaar is.

Gebruik Kladblok om het logje te openen. Dit logje vind je op de locatie C:\\Program Files\\Eset\\EsetOnlineScanner\\log.txt

Kopieer en plak de inhoud van dit logje in je volgende bericht.

Kees Draaihuis · 1 januari 2014

Hallo Kape, allereerst natuurlijk de beste wensen.

Nou, ik heb ESET laten draaien (14 uur lang) en dit was het 'schokkende' resultaat. Hij vond echt vanalles. Wat me verbaast is dat hij ook iets vond in "C:\zoek-backup|..." en dat is toch een programmaatje wat ik via dit forum heb moeten gebruiken. Kan het zijn dat niet alle bestanden die hieronder vermeldt staan ook schadelijk zijn? En zo ja, hoe kom ik daarachter. En mijn tweede vraag, ik zie er ook zaken bij staan die ik heb geinstalleerd sinds mijn nieuwe installatie deze week. Dus dan moet mijn computer toch flink besmet zijn? Hoe kan het dan dat je hierboven aangeeft dat het allemaal wel redelijk goed er uit ziet?

C:\Program Files (x86)\CheckPoint\Install\zatb.exe multiple threats deleted - quarantined

C:\Users\NAAM\Desktop\Ae.rar a variant of MSIL/PSW.Agent.NFX trojan deleted - quarantined

C:\Users\NAAM\Desktop\DTLite4481-0347.exe multiple threats cleaned by deleting - quarantined

C:\zoek_backup\C_PROGRA~2_Check Point Software Technologies LTD\zonealarm\1.8.28.13\zonealarmApp.dll a variant of Win32/Toolbar.Montiera.A application cleaned by deleting - quarantined

C:\zoek_backup\C_PROGRA~2_Check Point Software Technologies LTD\zonealarm\1.8.28.13\zonealarmEng.dll probably a variant of Win32/Toolbar.Montiera.A application cleaned by deleting - quarantined

C:\zoek_backup\C_PROGRA~2_Check Point Software Technologies LTD\zonealarm\1.8.28.13\zonealarmsrv.exe a variant of Win32/Toolbar.Montiera.A application cleaned by deleting - quarantined

C:\zoek_backup\C_PROGRA~2_Check Point Software Technologies LTD\zonealarm\1.8.28.13\bh\zonealarm.dll a variant of Win32/Toolbar.Escort.A application cleaned by deleting - quarantined

I:\C oud\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmApp.dll a variant of Win32/Toolbar.Montiera.A application cleaned by deleting - quarantined

I:\C oud\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmEng.dll probably a variant of Win32/Toolbar.Montiera.A application cleaned by deleting - quarantined

I:\C oud\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmsrv.exe a variant of Win32/Toolbar.Montiera.A application cleaned by deleting - quarantined

I:\C oud\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dll a variant of Win32/Toolbar.Montiera.F application cleaned by deleting - quarantined

I:\C oud\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dll a variant of Win32/Toolbar.Escort.A application cleaned by deleting - quarantined

I:\C oud\Sandbox\NAAM\DefaultBox\user\current\AppData\Local\Temp\tsiVi032.dll a variant of Win32/CoinMiner.ID trojan cleaned by deleting - quarantined

I:\C oud\Users\NAAM\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 Win32/InstalleRex.L application cleaned by deleting - quarantined

I:\C oud\Users\NAAM\Desktop\cbsidlm-cbsi145-Wise_Data_Recovery-ORG-75715872.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined

I:\C oud\Users\NAAM\Desktop\chromepass.zip Win32/PSWTool.ChromePass.A application deleted - quarantined

I:\C oud\Users\NAAM\Desktop\chromepass\ChromePass.exe Win32/PSWTool.ChromePass.A application cleaned by deleting - quarantined

I:\D oud\Program Files (x86)\Photodex\ProShow Producer\Proshow.Producer.v5.0.3276-patch-REPT.exe a variant of Win32/HackTool.Patcher.AD application cleaned by deleting - quarantined

I:\F\Backup LiveMail 05 jan 2013\Backup firefox\Firefox 17.0.1 (nl) - 2013-01-05.pcv a variant of Win32/Toolbar.Visicom.C application deleted - quarantined

I:\F\_Programmas\cbsidlm-cbsi145-Wise_Data_Recovery-ORG-75715872.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined

I:\F\_Programmas\chromepass.zip Win32/PSWTool.ChromePass.A application deleted - quarantined

I:\F\_Programmas\cpu-z_1.58-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined

I:\F\_Programmas\FreeScreenVideoRecorder.exe Win32/OpenCandy application cleaned by deleting - quarantined

I:\F\_Programmas\chromepass\ChromePass.exe Win32/PSWTool.ChromePass.A application cleaned by deleting - quarantined

I:\F\_Programmas\Pliek Windows XP 3.06\Pliek Windows XP 3.06.iso Win32/Adware.ADON application deleted - quarantined

I:\F\_Programmas\Portraiture 233 BUILD 2330 FOR ADOBE PHOTOSHOP\Crack\xf-inport.7z a variant of Win32/Keygen.HA application deleted - quarantined

I:\F\_Programmas\Proshow Producer 5.0.3276\Proshow Producer 5.0.3276\Patch - REPT\Proshow.Producer.v5.0.3276-patch-REPT.exe a variant of Win32/HackTool.Patcher.AD application cleaned by deleting - quarantined

I:\F\_Programmas\_GETEST DEC 2013\Adobe Master Collection CS5\keygen.exe a variant of Win32/Keygen.BH application cleaned by deleting - quarantined

I:\F\_Programmas\_GETEST DEC 2013\Adobe Master Collection CS5\Master Collection CS5 Disk 1.iso BAT/HostsChanger.A application deleted - quarantined

I:\F\_Programmas\_GETEST DEC 2013\Foxit PDF\FoxitReader514.0104_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined

I:\F\_Programmas\_GETEST DEC 2013\Unlocker v1.9.0 - x86 & x64 - Final\unlocker1.9.0-x64.exe Win32/Adware.ADON application cleaned by deleting - quarantined

I:\F\_Programmas\_GETEST DEC 2013\Windows 7 dec2013 nog geinstalleerd\Losse extra Software\Windows 7 Activator\Windows Loader.exe Win32/HackTool.WinActivator.I application cleaned by deleting - quarantined

I:\F\_Programmas\_WEBSITES\Websites\X\httpdocs\forms\include\jsfunctions.js JS/Kryptik.AD trojan cleaned by deleting - quarantined

kape · 1 januari 2014

De besmettingen ontdekt via ESET zitten op andere partities van je PC I:\C oud\ en I:\F\_Programmas ... dat zijn zaken die eerder niet gescand zijn. Even dubbelchecken met een andere online-scanner:

Download Emsisoft Anti-Malware naar het bureaublad.

Dubbelklik op "EmsisoftAntiMalwareSetup.exe" om Emsisoft Anti-Malware te installeren.
Kies in het volgende scherm de gewenste taal en klik op "OK"
Selecteer de optie "Ik accepteer de licentieovereenkomst" en klik op "Installeren"
Klik in het licentiescherm op de knop "Volgende" .
Vink in het volgende scherm de optie "Update extra talen uit" en klik op volgende.
Klik nu op de optie "Computer scannen" en kies de optie "Slim" en druk op de knop "scan"
Laat de gevonden items in quarantaine plaatsen en klik op "Rapport bekijken" plaats de inhoud hiervan in het volgende bericht.
klik op volgende nogmaals op volgende en daarna op voltooien.

Inloggen

Hoe weet ik of mijn computer geinfecteerd is?

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie