Lyricscontainer en Fakepic.gen terug gevonden op pc

thierry1 · 19 januari 2014

Beste,

Bij scan van de antivirus heb ik ontdekt dat op de pc JS/Lyricscontainer.A en DR/FakePic.Gen stonden.

Hieronder het logje van RSIT.

De antivirus heeft deze blijkbaar wel goed in quarantaine gezet want in het logje vind ik er niet direct nog iets van terug. Maar wel veel toolbars ed. Met Hijackthis wist ik hoe ik deze moest verwijderen, maar met RSIT niet. Hoe moet ik nu te werk gaan?

Logfile of random's system information tool 1.09 (written by random/random)

Run by steven at 2014-01-19 09:21:06

Microsoft® Windows Vista™ Home Basic Service Pack 2

System drive C: has 171 GB (75%) free of 228 GB

Total RAM: 1790 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:21:09, on 19/01/2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19489)

Boot mode: Normal

Running processes:

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Windows\system32\taskeng.exe

C:\Users\steven\AppData\Local\VNT\vntldr.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\steven\Desktop\RSIT.exe

C:\Windows\system32\msfeedssync.exe

C:\Program Files\trend micro\steven.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=hompag

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=hompag

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [VNT] C:\Program Files\VNT\vntldr.exe

O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN17C4B57Z05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\steven\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE

O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 8382 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HP Photo Creations Messager.job

C:\Windows\tasks\User_Feed_Synchronization-{E2CD1FAE-D5D5-46D8-9FD2-0744E2735DB0}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]

Avira SearchFree Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2013-12-20 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-15 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{41564952-412D-5637-4300-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2013-12-20 12240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]

"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]

"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]

"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-01-12 49208]

""= []

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-12-13 684600]

"VNT"=C:\Program Files\VNT\vntldr.exe [2013-12-20 202192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2011-03-30 1721192]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-10-02 20472992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"msacm.l3codecp"=l3codecp.acm

"MSVideo8"=VfWWDM32.dll

"msacm.siren"=sirenacm.dll

"vidc.dvsd"=pdvcodec.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-19 09:15:25 ----D---- C:\Program Files\trend micro

2014-01-19 09:15:24 ----D---- C:\rsit

2014-01-19 05:13:09 ----D---- C:\Program Files\Windows Portable Devices

2014-01-19 04:19:49 ----A---- C:\Windows\system32\UIAnimation.dll

2014-01-19 04:19:48 ----A---- C:\Windows\system32\UIRibbonRes.dll

2014-01-19 04:19:48 ----A---- C:\Windows\system32\UIRibbon.dll

2014-01-19 04:18:34 ----A---- C:\Windows\system32\WMPhoto.dll

2014-01-19 04:18:31 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2014-01-19 04:18:31 ----A---- C:\Windows\system32\WindowsCodecs.dll

2014-01-19 04:18:31 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2014-01-19 04:18:31 ----A---- C:\Windows\system32\dxdiagn.dll

2014-01-19 04:18:31 ----A---- C:\Windows\system32\dxdiag.exe

2014-01-19 04:18:30 ----A---- C:\Windows\system32\d3d11.dll

2014-01-19 04:17:30 ----A---- C:\Windows\system32\WPDShextAutoplay.exe

2014-01-19 04:17:30 ----A---- C:\Windows\system32\wpdbusenum.dll

2014-01-19 04:17:30 ----A---- C:\Windows\system32\BthMtpContextHandler.dll

2014-01-19 04:17:27 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll

2014-01-19 04:17:25 ----A---- C:\Windows\system32\WpdMtpUS.dll

2014-01-19 04:17:25 ----A---- C:\Windows\system32\WpdConns.dll

2014-01-19 04:17:25 ----A---- C:\Windows\system32\drivers\WpdUsb.sys

2014-01-19 04:17:24 ----A---- C:\Windows\system32\WPDSp.dll

2014-01-19 04:17:24 ----A---- C:\Windows\system32\WPDShServiceObj.dll

2014-01-19 04:17:24 ----A---- C:\Windows\system32\wpdshext.dll

2014-01-19 04:17:24 ----A---- C:\Windows\system32\WpdMtp.dll

2014-01-19 04:17:24 ----A---- C:\Windows\system32\wpd_ci.dll

2014-01-19 04:17:24 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll

2014-01-19 04:17:24 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2014-01-19 04:17:24 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2014-01-19 04:17:24 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2014-01-19 03:21:31 ----A---- C:\Windows\system32\Wdfres.dll

2014-01-19 03:21:27 ----A---- C:\Windows\system32\winusb.dll

2014-01-19 03:21:27 ----A---- C:\Windows\system32\drivers\WUDFRd.sys

2014-01-19 03:21:27 ----A---- C:\Windows\system32\drivers\WUDFPf.sys

2014-01-19 03:21:26 ----A---- C:\Windows\system32\WUDFSvc.dll

2014-01-19 03:21:26 ----A---- C:\Windows\system32\WUDFPlatform.dll

2014-01-19 03:21:25 ----A---- C:\Windows\system32\drivers\WdfLdr.sys

2014-01-19 03:21:24 ----A---- C:\Windows\system32\WUDFHost.exe

2014-01-19 03:21:24 ----A---- C:\Windows\system32\WUDFCoinstaller.dll

2014-01-19 03:21:23 ----A---- C:\Windows\system32\WUDFx.dll

2014-01-19 03:09:06 ----SHD---- C:\Config.Msi

2014-01-19 00:46:44 ----A---- C:\Windows\system32\msshsq.dll

2014-01-19 00:46:40 ----A---- C:\Windows\system32\icaapi.dll

2014-01-19 00:46:40 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2014-01-19 00:46:36 ----A---- C:\Windows\system32\winmm.dll

2014-01-19 00:46:36 ----A---- C:\Windows\system32\mciseq.dll

2014-01-19 00:46:31 ----A---- C:\Windows\system32\shell32.dll

2014-01-19 00:46:25 ----A---- C:\Windows\system32\rpcrt4.dll

2014-01-19 00:46:11 ----A---- C:\Windows\system32\wmi.dll

2014-01-19 00:46:11 ----A---- C:\Windows\system32\imagehlp.dll

2014-01-19 00:46:11 ----A---- C:\Windows\system32\drivers\fs_rec.sys

2014-01-19 00:46:03 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-01-19 00:46:03 ----A---- C:\Windows\system32\cdd.dll

2014-01-19 00:45:58 ----A---- C:\Windows\system32\drivers\usb8023.sys

2014-01-19 00:45:49 ----A---- C:\Windows\system32\msfeedssync.exe

2014-01-19 00:45:48 ----A---- C:\Windows\system32\wininet.dll

2014-01-19 00:45:48 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-01-19 00:45:48 ----A---- C:\Windows\system32\msfeeds.dll

2014-01-19 00:45:48 ----A---- C:\Windows\system32\jsproxy.dll

2014-01-19 00:45:48 ----A---- C:\Windows\system32\ieUnatt.exe

2014-01-19 00:45:48 ----A---- C:\Windows\system32\iertutil.dll

2014-01-19 00:45:48 ----A---- C:\Windows\system32\iernonce.dll

2014-01-19 00:45:48 ----A---- C:\Windows\system32\ie4uinit.exe

2014-01-19 00:45:47 ----A---- C:\Windows\system32\iesetup.dll

2014-01-19 00:45:47 ----A---- C:\Windows\system32\iedkcs32.dll

2014-01-19 00:45:46 ----A---- C:\Windows\system32\urlmon.dll

2014-01-19 00:45:44 ----A---- C:\Windows\system32\occache.dll

2014-01-19 00:45:43 ----A---- C:\Windows\system32\iesysprep.dll

2014-01-19 00:45:43 ----A---- C:\Windows\system32\ieframe.dll

2014-01-19 00:45:41 ----A---- C:\Windows\system32\mstime.dll

2014-01-19 00:45:41 ----A---- C:\Windows\system32\mshtmled.dll

2014-01-19 00:45:41 ----A---- C:\Windows\system32\licmgr10.dll

2014-01-19 00:45:41 ----A---- C:\Windows\system32\ieui.dll

2014-01-19 00:45:41 ----A---- C:\Windows\system32\corpol.dll

2014-01-19 00:45:40 ----A---- C:\Windows\system32\url.dll

2014-01-19 00:45:40 ----A---- C:\Windows\system32\iepeers.dll

2014-01-19 00:45:39 ----A---- C:\Windows\system32\mshtml.dll

2014-01-19 00:45:30 ----A---- C:\Windows\system32\psisdecd.dll

2014-01-19 00:45:26 ----A---- C:\Windows\system32\win32k.sys

2014-01-19 00:45:19 ----A---- C:\Windows\system32\localspl.dll

2014-01-19 00:43:39 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-01-19 00:42:53 ----A---- C:\Windows\system32\MFH264Dec.dll

2014-01-19 00:42:53 ----A---- C:\Windows\system32\dxgi.dll

2014-01-19 00:42:52 ----A---- C:\Windows\system32\XpsRasterService.dll

2014-01-19 00:42:52 ----A---- C:\Windows\system32\XpsPrint.dll

2014-01-19 00:42:51 ----A---- C:\Windows\system32\mfreadwrite.dll

2014-01-19 00:42:51 ----A---- C:\Windows\system32\MFHEAACdec.dll

2014-01-19 00:42:50 ----A---- C:\Windows\system32\mfmp4src.dll

2014-01-19 00:42:50 ----A---- C:\Windows\system32\mf.dll

2014-01-19 00:42:49 ----A---- C:\Windows\system32\shdocvw.dll

2014-01-19 00:42:49 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2014-01-19 00:42:49 ----A---- C:\Windows\system32\mfplat.dll

2014-01-19 00:42:48 ----A---- C:\Windows\system32\stobject.dll

2014-01-19 00:42:45 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2014-01-19 00:42:45 ----A---- C:\Windows\system32\mfps.dll

2014-01-19 00:42:18 ----A---- C:\Windows\system32\synceng.dll

2014-01-19 00:42:15 ----A---- C:\Windows\system32\drivers\tcpip.sys

2014-01-19 00:41:18 ----A---- C:\Windows\system32\EncDec.dll

2014-01-19 00:41:14 ----A---- C:\Windows\system32\tzres.dll

2014-01-19 00:40:26 ----A---- C:\Windows\system32\dpnet.dll

2014-01-19 00:40:25 ----A---- C:\Windows\system32\dpnsvr.exe

2014-01-19 00:40:21 ----A---- C:\Windows\system32\drivers\partmgr.sys

2014-01-19 00:40:17 ----A---- C:\Windows\system32\SysFxUI.dll

2014-01-19 00:40:17 ----A---- C:\Windows\system32\drivers\portcls.sys

2014-01-19 00:40:17 ----A---- C:\Windows\system32\drivers\drmk.sys

2014-01-19 00:40:12 ----A---- C:\Windows\system32\drivers\volsnap.sys

2014-01-19 00:40:09 ----A---- C:\Windows\system32\drivers\usbser.sys

2014-01-19 00:38:04 ----A---- C:\Windows\system32\netapi32.dll

2014-01-19 00:37:55 ----A---- C:\Windows\system32\d3d10warp.dll

2014-01-19 00:37:55 ----A---- C:\Windows\system32\d3d10_1.dll

2014-01-19 00:37:55 ----A---- C:\Windows\system32\d2d1.dll

2014-01-19 00:37:54 ----A---- C:\Windows\system32\FntCache.dll

2014-01-19 00:37:54 ----A---- C:\Windows\system32\d3d10.dll

2014-01-19 00:37:53 ----A---- C:\Windows\system32\xpsservices.dll

2014-01-19 00:37:53 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2014-01-19 00:37:53 ----A---- C:\Windows\system32\OpcServices.dll

2014-01-19 00:37:53 ----A---- C:\Windows\system32\DWrite.dll

2014-01-19 00:37:53 ----A---- C:\Windows\system32\d3d10level9.dll

2014-01-19 00:37:53 ----A---- C:\Windows\system32\d3d10core.dll

2014-01-19 00:37:53 ----A---- C:\Windows\system32\d3d10_1core.dll

2014-01-19 00:37:34 ----A---- C:\Windows\system32\packager.dll

2014-01-19 00:35:58 ----A---- C:\Windows\system32\ncrypt.dll

2014-01-19 00:35:32 ----A---- C:\Windows\system32\drivers\ntfs.sys

2014-01-19 00:35:24 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-19 00:35:24 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-19 00:35:23 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-19 00:35:23 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-19 00:35:23 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-19 00:35:23 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-01-19 00:35:21 ----A---- C:\Windows\system32\msvcrt.dll

2014-01-19 00:35:17 ----A---- C:\Windows\system32\kernel32.dll

2014-01-19 00:35:14 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2014-01-19 00:35:02 ----A---- C:\Windows\system32\jscript.dll

2014-01-19 00:35:00 ----A---- C:\Windows\system32\shlwapi.dll

2014-01-19 00:34:52 ----A---- C:\Windows\system32\quartz.dll

2014-01-19 00:34:49 ----A---- C:\Windows\system32\WMVDECOD.DLL

2014-01-19 00:34:44 ----A---- C:\Windows\system32\win32spl.dll

2014-01-19 00:34:44 ----A---- C:\Windows\system32\printcom.dll

2014-01-19 00:34:34 ----A---- C:\Windows\system32\wscript.exe

2014-01-19 00:34:33 ----A---- C:\Windows\system32\wshcon.dll

2014-01-19 00:34:33 ----A---- C:\Windows\system32\scrrun.dll

2014-01-19 00:34:33 ----A---- C:\Windows\system32\cscript.exe

2014-01-19 00:34:31 ----A---- C:\Windows\system32\gdi32.dll

2014-01-19 00:34:22 ----A---- C:\Windows\system32\certutil.exe

2014-01-19 00:34:20 ----A---- C:\Windows\system32\certenc.dll

2014-01-19 00:33:56 ----A---- C:\Windows\system32\crypt32.dll

2014-01-19 00:33:33 ----A---- C:\Windows\system32\msxml6.dll

2014-01-19 00:33:30 ----A---- C:\Windows\system32\qdvd.dll

2014-01-19 00:33:27 ----A---- C:\Windows\system32\IKEEXT.DLL

2014-01-19 00:33:27 ----A---- C:\Windows\system32\FWPUCLNT.DLL

2014-01-19 00:33:23 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2014-01-19 00:33:21 ----A---- C:\Windows\system32\themeui.dll

2014-01-19 00:33:17 ----A---- C:\Windows\system32\winhttp.dll

2014-01-19 00:33:15 ----A---- C:\Windows\system32\atmfd.dll

2014-01-19 00:33:14 ----A---- C:\Windows\system32\atmlib.dll

2014-01-19 00:33:08 ----A---- C:\Windows\system32\ntkrnlpa.exe

2014-01-19 00:33:07 ----A---- C:\Windows\system32\smss.exe

2014-01-19 00:33:07 ----A---- C:\Windows\system32\ntoskrnl.exe

2014-01-19 00:33:07 ----A---- C:\Windows\system32\ntdll.dll

2014-01-19 00:33:07 ----A---- C:\Windows\system32\csrsrv.dll

2014-01-19 00:32:59 ----A---- C:\Windows\system32\UIAutomationCore.dll

2014-01-19 00:32:59 ----A---- C:\Windows\system32\oleaut32.dll

2014-01-19 00:32:59 ----A---- C:\Windows\system32\oleaccrc.dll

2014-01-19 00:32:59 ----A---- C:\Windows\system32\oleacc.dll

2014-01-19 00:32:34 ----A---- C:\Windows\system32\qedit.dll

2014-01-19 00:32:31 ----A---- C:\Windows\system32\msxml3.dll

2014-01-19 00:31:55 ----A---- C:\Windows\system32\mstscax.dll

2014-01-19 00:31:52 ----A---- C:\Windows\system32\xmllite.dll

2014-01-19 00:31:50 ----A---- C:\Windows\system32\comctl32.dll

2014-01-19 00:31:47 ----A---- C:\Windows\system32\drivers\rdpwd.sys

2014-01-19 00:31:45 ----A---- C:\Windows\system32\winsrv.dll

2014-01-19 00:31:39 ----A---- C:\Windows\system32\cryptdlg.dll

2014-01-19 00:31:04 ----A---- C:\Windows\system32\drivers\usbscan.sys

2014-01-19 00:31:04 ----A---- C:\Windows\system32\drivers\hidparse.sys

2014-01-19 00:28:49 ----A---- C:\Windows\system32\schannel.dll

2014-01-19 00:28:49 ----A---- C:\Windows\system32\lsasrv.dll

2014-01-19 00:28:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2014-01-19 00:28:48 ----A---- C:\Windows\system32\secur32.dll

2014-01-19 00:28:48 ----A---- C:\Windows\system32\lsass.exe

2014-01-18 23:50:02 ----A---- C:\Windows\system32\wintrust.dll

2014-01-18 23:50:02 ----A---- C:\Windows\system32\cryptsvc.dll

2014-01-18 23:50:02 ----A---- C:\Windows\system32\cryptnet.dll

2014-01-18 15:30:49 ----A---- C:\Windows\system32\wups2.dll

2014-01-18 15:30:49 ----A---- C:\Windows\system32\wuauclt.exe

2014-01-18 15:30:48 ----A---- C:\Windows\system32\wucltux.dll

2014-01-18 15:30:48 ----A---- C:\Windows\system32\wuaueng.dll

2014-01-18 15:29:50 ----A---- C:\Windows\system32\wups.dll

2014-01-18 15:29:50 ----A---- C:\Windows\system32\wudriver.dll

2014-01-18 15:29:49 ----A---- C:\Windows\system32\wuapi.dll

2014-01-18 15:29:31 ----A---- C:\Windows\system32\wuwebv.dll

2014-01-18 15:29:31 ----A---- C:\Windows\system32\wuapp.exe

2014-01-17 22:42:47 ----D---- C:\Program Files\VNT

2014-01-17 22:42:44 ----D---- C:\ProgramData\AskPartnerNetwork

2014-01-17 22:42:44 ----D---- C:\Program Files\AskPartnerNetwork

2014-01-17 22:41:27 ----D---- C:\ProgramData\APN

2014-01-17 22:41:23 ----D---- C:\Users\steven\AppData\Roaming\Avira

2014-01-17 22:37:22 ----A---- C:\Windows\system32\drivers\ssmdrv.sys

2014-01-17 22:37:13 ----A---- C:\Windows\system32\drivers\avkmgr.sys

2014-01-17 22:37:13 ----A---- C:\Windows\system32\drivers\avipbb.sys

2014-01-17 22:37:13 ----A---- C:\Windows\system32\drivers\avgntflt.sys

2014-01-17 22:36:53 ----D---- C:\ProgramData\Avira

2014-01-17 22:36:53 ----D---- C:\Program Files\Avira

2014-01-17 22:13:51 ----D---- C:\Windows\system32\eu-ES

2014-01-17 22:13:51 ----D---- C:\Windows\system32\ca-ES

2014-01-17 22:13:50 ----D---- C:\Windows\system32\vi-VN

2014-01-16 21:10:20 ----D---- C:\Users\steven\AppData\Roaming\Malwarebytes

2014-01-16 21:10:15 ----D---- C:\ProgramData\Malwarebytes

2014-01-16 21:10:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2014-01-16 21:10:14 ----A---- C:\Windows\system32\drivers\mbam.sys

2014-01-16 19:47:12 ----A---- C:\Program Files\5mUninstall MyFunCards.dll

2014-01-16 19:47:12 ----A---- C:\Program Files\5mres.dll

2014-01-16 19:43:19 ----D---- C:\Windows\pss

2014-01-16 19:35:34 ----D---- C:\Program Files\CCleaner

2014-01-15 21:31:44 ----D---- C:\AdwCleaner

2014-01-15 21:15:53 ----D---- C:\ProgramData\Oracle

2014-01-15 21:15:37 ----D---- C:\ProgramData\Sun

2014-01-15 21:15:33 ----D---- C:\Program Files\Common Files\Java

2014-01-15 21:15:10 ----A---- C:\Windows\system32\javaws.exe

2014-01-15 21:14:32 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

2014-01-15 21:14:32 ----A---- C:\Windows\system32\javaw.exe

2014-01-15 21:14:32 ----A---- C:\Windows\system32\java.exe

2014-01-09 21:57:45 ----D---- C:\Windows\system32\log

======List of files/folders modified in the last 1 month======

2014-01-19 09:21:07 ----D---- C:\Windows\Temp

2014-01-19 09:15:37 ----D---- C:\Windows\Prefetch

2014-01-19 09:15:25 ----RD---- C:\Program Files

2014-01-19 09:14:30 ----D---- C:\Windows\system32\drivers

2014-01-19 08:50:40 ----D---- C:\Users\steven\AppData\Roaming\Skype

2014-01-19 08:50:18 ----D---- C:\Windows\system32\Tasks

2014-01-19 05:46:43 ----D---- C:\Windows\rescache

2014-01-19 05:43:16 ----D---- C:\Windows\winsxs

2014-01-19 05:41:13 ----D---- C:\Windows\Microsoft.NET

2014-01-19 05:41:11 ----RSD---- C:\Windows\assembly

2014-01-19 05:36:05 ----SHD---- C:\System Volume Information

2014-01-19 05:23:03 ----D---- C:\Windows\System32

2014-01-19 05:23:03 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-01-19 05:23:02 ----D---- C:\Windows\inf

2014-01-19 05:20:58 ----D---- C:\Windows\system32\catroot

2014-01-19 05:14:01 ----D---- C:\Windows

2014-01-19 05:13:11 ----D---- C:\Windows\system32\fr-FR

2014-01-19 05:13:10 ----D---- C:\Windows\system32\nl-NL

2014-01-19 05:13:10 ----D---- C:\Windows\system32\drivers\nl-NL

2014-01-19 05:13:10 ----D---- C:\Windows\system32\drivers\fr-FR

2014-01-19 05:13:09 ----D---- C:\Windows\system32\wbem

2014-01-19 05:13:07 ----D---- C:\Windows\system32\zh-TW

2014-01-19 05:13:07 ----D---- C:\Windows\system32\tr-TR

2014-01-19 05:13:07 ----D---- C:\Windows\system32\sr-Latn-CS

2014-01-19 05:13:07 ----D---- C:\Windows\system32\sk-SK

2014-01-19 05:13:07 ----D---- C:\Windows\system32\ro-RO

2014-01-19 05:13:07 ----D---- C:\Windows\system32\pt-PT

2014-01-19 05:13:07 ----D---- C:\Windows\system32\pt-BR

2014-01-19 05:13:07 ----D---- C:\Windows\system32\lv-LV

2014-01-19 05:13:07 ----D---- C:\Windows\system32\lt-LT

2014-01-19 05:13:07 ----D---- C:\Windows\system32\ja-JP

2014-01-19 05:13:07 ----D---- C:\Windows\system32\it-IT

2014-01-19 05:13:07 ----D---- C:\Windows\system32\fi-FI

2014-01-19 05:13:07 ----D---- C:\Windows\system32\el-GR

2014-01-19 05:13:07 ----D---- C:\Windows\system32\de-DE

2014-01-19 05:13:06 ----D---- C:\Windows\system32\zh-HK

2014-01-19 05:13:06 ----D---- C:\Windows\system32\zh-CN

2014-01-19 05:13:06 ----D---- C:\Windows\system32\uk-UA

2014-01-19 05:13:06 ----D---- C:\Windows\system32\th-TH

2014-01-19 05:13:06 ----D---- C:\Windows\system32\sv-SE

2014-01-19 05:13:06 ----D---- C:\Windows\system32\sl-SI

2014-01-19 05:13:06 ----D---- C:\Windows\system32\ru-RU

2014-01-19 05:13:06 ----D---- C:\Windows\system32\pl-PL

2014-01-19 05:13:06 ----D---- C:\Windows\system32\nb-NO

2014-01-19 05:13:06 ----D---- C:\Windows\system32\ko-KR

2014-01-19 05:13:06 ----D---- C:\Windows\system32\hu-HU

2014-01-19 05:13:06 ----D---- C:\Windows\system32\hr-HR

2014-01-19 05:13:06 ----D---- C:\Windows\system32\he-IL

2014-01-19 05:13:06 ----D---- C:\Windows\system32\et-EE

2014-01-19 05:13:06 ----D---- C:\Windows\system32\es-ES

2014-01-19 05:13:06 ----D---- C:\Windows\system32\en-US

2014-01-19 05:13:06 ----D---- C:\Windows\system32\da-DK

2014-01-19 05:13:06 ----D---- C:\Windows\system32\cs-CZ

2014-01-19 05:13:06 ----D---- C:\Windows\system32\bg-BG

2014-01-19 05:13:06 ----D---- C:\Windows\system32\ar-SA

2014-01-19 05:13:03 ----D---- C:\Program Files\Internet Explorer

2014-01-19 05:12:51 ----RSD---- C:\Windows\Fonts

2014-01-19 05:12:46 ----D---- C:\Windows\system32\XPSViewer

2014-01-19 05:12:42 ----D---- C:\Program Files\Windows Mail

2014-01-19 05:12:33 ----D---- C:\Program Files\Common Files\System

2014-01-19 05:12:25 ----D---- C:\Windows\system32\migration

2014-01-19 05:12:06 ----D---- C:\Windows\system32\drivers\UMDF

2014-01-19 04:51:47 ----SHD---- C:\Windows\Installer

2014-01-19 04:24:43 ----D---- C:\Windows\tracing

2014-01-19 04:20:08 ----D---- C:\Windows\system32\catroot2

2014-01-17 22:53:53 ----D---- C:\Program Files\Common Files

2014-01-17 22:42:44 ----HD---- C:\ProgramData

2014-01-17 22:27:21 ----A---- C:\ProgramData\hpqp.ini

2014-01-17 22:25:14 ----SHD---- C:\boot

2014-01-17 22:14:30 ----D---- C:\Program Files\Windows Sidebar

2014-01-17 22:14:30 ----D---- C:\Program Files\Windows Calendar

2014-01-17 22:14:30 ----D---- C:\Program Files\Movie Maker

2014-01-17 22:14:29 ----D---- C:\Program Files\Windows Media Player

2014-01-17 22:14:28 ----D---- C:\Program Files\Windows Photo Gallery

2014-01-17 22:14:28 ----D---- C:\Program Files\Windows Collaboration

2014-01-17 22:14:27 ----D---- C:\Windows\servicing

2014-01-17 22:14:27 ----D---- C:\Program Files\Windows Defender

2014-01-17 22:14:24 ----D---- C:\Windows\IME

2014-01-17 22:14:21 ----D---- C:\Windows\system32\oobe

2014-01-17 22:14:21 ----D---- C:\Windows\system32\fr

2014-01-17 22:14:19 ----D---- C:\Windows\system32\AdvancedInstallers

2014-01-17 22:14:16 ----D---- C:\Windows\system32\SLUI

2014-01-17 22:14:16 ----D---- C:\Windows\system32\setup

2014-01-17 22:14:15 ----D---- C:\Windows\system32\manifeststore

2014-01-17 22:14:13 ----D---- C:\Windows\system32\migwiz

2014-01-17 22:13:57 ----D---- C:\Windows\AppPatch

2014-01-17 22:13:50 ----D---- C:\Windows\system32\Boot

2014-01-17 22:07:22 ----D---- C:\ProgramData\NVIDIA

2014-01-17 22:01:38 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont

2014-01-16 20:41:49 ----D---- C:\Windows\panther

2014-01-16 20:41:42 ----D---- C:\Windows\Minidump

2014-01-16 20:41:42 ----D---- C:\Windows\Debug

2014-01-16 20:29:33 ----D---- C:\ProgramData\Norton

2014-01-16 20:29:33 ----D---- C:\Program Files\Google

2014-01-16 20:29:31 ----D---- C:\ProgramData\AVAST Software

2014-01-16 20:26:42 ----D---- C:\ProgramData\Apple Computer

2014-01-16 20:26:42 ----D---- C:\Program Files\iTunes

2014-01-16 20:26:41 ----D---- C:\Program Files\Common Files\Apple

2014-01-16 20:25:28 ----DC---- C:\Windows\system32\DRVSTORE

2014-01-16 20:14:48 ----HD---- C:\Program Files\InstallShield Installation Information

2014-01-16 20:14:04 ----D---- C:\ProgramData\CyberLink

2014-01-16 20:14:04 ----D---- C:\Program Files\CyberLink

2014-01-16 20:05:16 ----D---- C:\Program Files\QuickTime

2014-01-16 20:02:24 ----D---- C:\ProgramData\WildTangent

2014-01-16 20:02:24 ----D---- C:\Program Files\HP Games

2014-01-16 19:50:07 ----D---- C:\ProgramData\Microsoft Help

2014-01-16 19:47:33 ----D---- C:\Windows\system32\MRT

2014-01-16 19:38:22 ----A---- C:\Windows\system32\mrt.exe

2014-01-15 21:13:31 ----D---- C:\Program Files\Java

2014-01-15 21:10:18 ----D---- C:\Windows\Tasks

2014-01-15 20:52:46 ----D---- C:\Users\steven\AppData\Roaming\HpUpdate

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-07-03 18544]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-13 135648]

R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-13 37352]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-12-13 28520]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-13 90400]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]

R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-06-05 222208]

R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]

R3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]

R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]

R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-09-19 61952]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

S3 cpuz132;cpuz132; \??\C:\Users\steven\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]

S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2008-12-13 36608]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]

S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM); C:\Windows\system32\DRIVERS\SE2Bbus.sys [2006-11-10 61600]

S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 9360]

S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 97184]

S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]

S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]

S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]

S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]

S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 27648]

S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira Planner; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-12-13 440376]

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-12-13 440376]

R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-12-13 1011768]

R2 APNMCP;Ask-updateservice; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-12-20 166352]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]

R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]

R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]

R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-29 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-14 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]

S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-29 136176]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

-----------------EOF-----------------

kape · 19 januari 2014

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie).

Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
 {5C255C8A-E604-49b4-9D64-90988571CECB};c
 {41564952-412D-5637-4300-7A786E7484D7};c
 C:\Program Files\AskPartnerNetwork;fs
 APNMCP;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 ""=-;r
 C:\ProgramData\AskPartnerNetwork;fs
 C:\ProgramData\APN;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

De optie "Scan All Users" staat standaard aangevinkt.
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.

thierry1 · 19 januari 2014

Zoek.exe v5.0.0.0 Updated 18-Januari-2014

Tool run by steven on zo 19/01/2014 at 18:44:10,10.

Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\steven\Desktop\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

19/01/2014 18:45:59 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\Samsung deleted successfully

C:\Program Files\Common Files\Apple deleted successfully

C:\ProgramData\AVAST Software deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\PCSettings deleted successfully

C:\Users\steven\AppData\Roaming\AdobeUM deleted successfully

C:\Users\steven\AppData\Roaming\PeerNetworking deleted successfully

C:\Users\steven\AppData\Roaming\Samsung deleted successfully

C:\Users\steven\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3209317974-2775747799-1048052603-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

==== Deleting Files \ Folders ======================

C:\Program Files\AskPartnerNetwork deleted

C:\ProgramData\AskPartnerNetwork deleted

C:\ProgramData\APN deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\steven\AppData\Local\Temp ====

2014-01-17 21:41:04 4E41301AB03814EABE37FCF194B728A6 1326512 ----a-w- C:\Users\steven\AppData\Local\Temp\Offercast_AVIRAV7_.exe

====== Java Cache =====

2014-01-16 18:25:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\steven\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-115141fd

====== C:\Windows\system32 =====

2014-01-19 03:19:49 D6BACADF83661F08F9E1515AAE74B03E 92672 ----a-w- C:\Windows\System32\UIAnimation.dll

2014-01-19 03:19:48 8C459CFAC2FB3DFB693BCFEC32F25407 3023360 ----a-w- C:\Windows\System32\UIRibbon.dll

2014-01-19 03:19:48 22C2646DD3ED24004F994D0DA9755955 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll

2014-01-19 03:18:34 8375E2BD58BFB375695135A511EBEE00 369664 ----a-w- C:\Windows\System32\WMPhoto.dll

2014-01-19 03:18:31 D1C47F951EA35073C97EF2E928CF9D6F 195584 ----a-w- C:\Windows\System32\dxdiagn.dll

2014-01-19 03:18:31 6836D001FC733F205ACB80A7986CB6C9 974848 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2014-01-19 03:18:31 60BBAF3F5A38D0274B0C46710A218051 252928 ----a-w- C:\Windows\System32\dxdiag.exe

2014-01-19 03:18:31 247609D2CD28A57BC1FE37FDA48AC0DB 321024 ----a-w- C:\Windows\System32\PhotoMetadataHandler.dll

2014-01-19 03:18:31 012A965F34414458075EF4F0EDC11536 189440 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll

2014-01-19 03:18:30 6E895BDCB3158E3860A49662332736BA 519680 ----a-w- C:\Windows\System32\d3d11.dll

2014-01-19 03:17:30 9B9108D3019C18BD6D38B860813E6E52 31232 ----a-w- C:\Windows\System32\BthMtpContextHandler.dll

2014-01-19 03:17:30 801FBDB89D472B3C467EB112A0FC9246 81920 ----a-w- C:\Windows\System32\wpdbusenum.dll

2014-01-19 03:17:30 1D7D7E32A80109D5C3167309265EAC83 30208 ----a-w- C:\Windows\System32\WPDShextAutoplay.exe

2014-01-19 03:17:27 B53BD9E63867CD9FD853F666CA172713 60928 ----a-w- C:\Windows\System32\PortableDeviceConnectApi.dll

2014-01-19 03:17:25 58E42DDB9F734E8DBDA17E806EF3F64A 33280 ----a-w- C:\Windows\System32\WpdConns.dll

2014-01-19 03:17:25 3501443C148C780E8CE6B5108CE6D95E 61952 ----a-w- C:\Windows\System32\WpdMtpUS.dll

2014-01-19 03:17:24 E92143D1B2E32FAF6CC56FD97B908F6A 2537472 ----a-w- C:\Windows\System32\wpdshext.dll

2014-01-19 03:17:24 C220FC95DA7AD00AB03C184AFDDC5314 196608 ----a-w- C:\Windows\System32\PortableDeviceWMDRM.dll

2014-01-19 03:17:24 B2B117BD8D1EA80536CDD91797EF4A0A 100864 ----a-w- C:\Windows\System32\PortableDeviceClassExtension.dll

2014-01-19 03:17:24 A8FB1B20C5ABD1817B7F96251293BFF9 226816 ----a-w- C:\Windows\System32\WpdMtp.dll

2014-01-19 03:17:24 883D02AB5D350BC45E0F60E8CFA97FDC 160256 ----a-w- C:\Windows\System32\PortableDeviceTypes.dll

2014-01-19 03:17:24 81072240917688254A55C1C568B2377B 546816 ----a-w- C:\Windows\System32\wpd_ci.dll

2014-01-19 03:17:24 6B5C53E0932C510606D700B7A896EF73 87552 ----a-w- C:\Windows\System32\WPDShServiceObj.dll

2014-01-19 03:17:24 49456BFE373D90B895795C5A1A13A7C8 350208 ----a-w- C:\Windows\System32\WPDSp.dll

2014-01-19 03:17:24 2205A220A264E8C8B86492BF3D112907 334848 ----a-w- C:\Windows\System32\PortableDeviceApi.dll

2014-01-19 02:21:31 2F0BC1FC6142DCB31C7D9804962A7011 9728 ----a-w- C:\Windows\System32\Wdfres.dll

2014-01-19 02:21:27 76FD230DEAB73D2826458617DBB56A63 16896 ----a-w- C:\Windows\System32\winusb.dll

2014-01-19 02:21:26 FE47B7BC8EA320C2D9B5E5BF6E303765 73216 ----a-w- C:\Windows\System32\WUDFSvc.dll

2014-01-19 02:21:26 D5CF1536137026ACDED95BF6CBF849F6 172032 ----a-w- C:\Windows\System32\WUDFPlatform.dll

2014-01-19 02:21:24 D689B2C2E69156D954C24810F4081C1E 38912 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll

2014-01-19 02:21:24 980B6A5F92B8DB235C4A26728C2BE732 196608 ----a-w- C:\Windows\System32\WUDFHost.exe

2014-01-19 02:21:23 A36F7A256E65D858A7039DB00ADEEBDD 613888 ----a-w- C:\Windows\System32\WUDFx.dll

2014-01-18 23:46:44 FF41E1AC301F51E16F61AD7C0F45467C 231424 ----a-w- C:\Windows\System32\msshsq.dll

2014-01-18 23:46:40 351FA1DF82CFFDEDA801604246E63E95 15872 ----a-w- C:\Windows\System32\icaapi.dll

2014-01-18 23:46:36 FF8FCDF1913016813AFB966A0F41B299 23552 ----a-w- C:\Windows\System32\mciseq.dll

2014-01-18 23:46:36 14FF750EFE13B0C21E5A06507C3A97B1 189952 ----a-w- C:\Windows\System32\winmm.dll

2014-01-18 23:46:31 AAF101900A23D75AE1AE00840FA6F3B8 11586048 ----a-w- C:\Windows\System32\shell32.dll

2014-01-18 23:46:25 E389C328AC7FE5673593ECAD269E7A54 783360 ----a-w- C:\Windows\System32\rpcrt4.dll

2014-01-18 23:46:11 87CDFFCBD09C1CA03A068343D5D93250 5120 ----a-w- C:\Windows\System32\wmi.dll

2014-01-18 23:46:11 09EA40F4DAD2EDB3587E5E0BAA9C3E15 158208 ----a-w- C:\Windows\System32\imagehlp.dll

2014-01-18 23:46:03 D6F0260D9051C0B60998F4CDBE9B2CC6 37376 ----a-w- C:\Windows\System32\cdd.dll

2014-01-18 23:45:49 66816B85E75821339644E9554B671CDB 13312 ----a-w- C:\Windows\System32\msfeedssync.exe

2014-01-18 23:45:48 D40C56B9338EA2C3B3891A6FCE5E51F7 916992 ----a-w- C:\Windows\System32\wininet.dll

2014-01-18 23:45:48 94E1042B7B5CC2D8E1AD035ABF636AB4 630272 ----a-w- C:\Windows\System32\msfeeds.dll

2014-01-18 23:45:48 84D82550510F29F1AA595AE2E4B60FAA 2005504 ----a-w- C:\Windows\System32\iertutil.dll

2014-01-18 23:45:48 736CFAD98B81F3B633EBC398C281A528 55808 ----a-w- C:\Windows\System32\iernonce.dll

2014-01-18 23:45:48 3B6D421884302E4E73B0C979F9803DB6 174080 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-01-18 23:45:48 1E9965743771AF3F9327BCD379169601 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll

2014-01-18 23:45:48 15CD6BD3258338B67D731B2F1C7274E1 25600 ----a-w- C:\Windows\System32\jsproxy.dll

2014-01-18 23:45:48 067347D17DB31481B8633DC6DCC370A5 133632 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-01-18 23:45:47 E734BA46299B25A9182BC86C5CA94768 387584 ----a-w- C:\Windows\System32\iedkcs32.dll

2014-01-18 23:45:47 1C29FB39E957A4411B8B6F2C30A34318 71680 ----a-w- C:\Windows\System32\iesetup.dll

2014-01-18 23:45:46 1E5690ED49D4168D533A8337536A1CBF 1213440 ----a-w- C:\Windows\System32\urlmon.dll

2014-01-18 23:45:45 6603246062426425B743C1E415F30154 1469440 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-01-18 23:45:45 39D09AF0C2BAC30FA93B11B81315AE6B 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2014-01-18 23:45:44 60BCDFD06EA9F3AD96F74674226529D1 206848 ----a-w- C:\Windows\System32\occache.dll

2014-01-18 23:45:43 EE8397215DF5E9C8076AD636A57B969C 109056 ----a-w- C:\Windows\System32\iesysprep.dll

2014-01-18 23:45:43 E3AC8293BD30CD20D42A773AE3AAECB5 11111936 ----a-w- C:\Windows\System32\ieframe.dll

2014-01-18 23:45:41 F32ED4E70FCEB40177DCADFB35045400 385024 ----a-w- C:\Windows\System32\html.iec

2014-01-18 23:45:41 E4B28C016079059A298DB6392ECC4C83 43520 ----a-w- C:\Windows\System32\licmgr10.dll

2014-01-18 23:45:41 C10CEDD90CCB9ED5E704D2BC1E3697F0 67072 ----a-w- C:\Windows\System32\mshtmled.dll

2014-01-18 23:45:41 74B4D54B65D5B04CB522DE539765485F 18944 ----a-w- C:\Windows\System32\corpol.dll

2014-01-18 23:45:41 575D95E2750755F5EE6A630767DFC68F 164352 ----a-w- C:\Windows\System32\ieui.dll

2014-01-18 23:45:41 4CA40A2B506D0D5F9A20138FE1FADADC 611840 ----a-w- C:\Windows\System32\mstime.dll

2014-01-18 23:45:40 AAE48AD540B87D67251DBF51E77E016F 184320 ----a-w- C:\Windows\System32\iepeers.dll

2014-01-18 23:45:40 12ED779B51FBC68D7226D29C751A65BB 105984 ----a-w- C:\Windows\System32\url.dll

2014-01-18 23:45:39 EE11316C5398ED18AD63D91B86B8162B 6018560 ----a-w- C:\Windows\System32\mshtml.dll

2014-01-18 23:45:30 D1AE4D2D559C23CE9DE4B3B10A90B901 57856 ----a-w- C:\Windows\System32\MSDvbNP.ax

2014-01-18 23:45:30 959A4BC486951267EE6343A431A92B12 293376 ----a-w- C:\Windows\System32\psisdecd.dll

2014-01-18 23:45:30 3A78D48221D32BC99C4B11B112D6EADA 217088 ----a-w- C:\Windows\System32\psisrndr.ax

2014-01-18 23:45:30 1B45ED071775A5E8BF51682EC5B61231 69632 ----a-w- C:\Windows\System32\Mpeg2Data.ax

2014-01-18 23:45:26 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys

2014-01-18 23:45:19 63396CBB1365769D520E0FD89C2419F2 623616 ----a-w- C:\Windows\System32\localspl.dll

2014-01-18 23:43:39 E87F6492F5406287EDF05DF40BB86780 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll

2014-01-18 23:42:53 BC5E45CB2304AFB4D2EF2FD9C41299AF 979456 ----a-w- C:\Windows\System32\MFH264Dec.dll

2014-01-18 23:42:53 AAAE543C535ED596ECAD2AB8761C2C6F 478720 ----a-w- C:\Windows\System32\dxgi.dll

2014-01-18 23:42:52 759982EBE2B8DE1F4B50D14D0EFD6682 876032 ----a-w- C:\Windows\System32\XpsPrint.dll

2014-01-18 23:42:52 3439DFAD865BF24C3E3DE3BCB2F9C39F 135680 ----a-w- C:\Windows\System32\XpsRasterService.dll

2014-01-18 23:42:51 7BE8835CA7E2975F2E865CEEE8821EB6 261632 ----a-w- C:\Windows\System32\mfreadwrite.dll

2014-01-18 23:42:51 44CEE5264282105A89B650FDB07E40FF 357376 ----a-w- C:\Windows\System32\MFHEAACdec.dll

2014-01-18 23:42:50 743B1957729DE905DC44782A957FD284 302592 ----a-w- C:\Windows\System32\mfmp4src.dll

2014-01-18 23:42:50 67D16247C56C26A4F0D79D1A7F272B8F 2873344 ----a-w- C:\Windows\System32\mf.dll

2014-01-18 23:42:49 DFD714F1A410B32DA258423CF592A96E 667648 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe

2014-01-18 23:42:49 BF142D4F8C61ED3629A9CDD7BA867900 209920 ----a-w- C:\Windows\System32\mfplat.dll

2014-01-18 23:42:49 167AC31450C0C53A01FA1491E94D7678 1075712 ----a-w- C:\Windows\System32\shdocvw.dll

2014-01-18 23:42:48 B5950DF243837D8217F4E597919B224A 586240 ----a-w- C:\Windows\System32\stobject.dll

2014-01-18 23:42:45 E821547F853BF67CABE187B6FAA5D212 26112 ----a-w- C:\Windows\System32\printfilterpipelineprxy.dll

2014-01-18 23:42:45 B9103A56ACABDED3E87C2A8777B6456C 98816 ----a-w- C:\Windows\System32\mfps.dll

2014-01-18 23:42:45 5EC8FB83F31AA2D6F421F02C3F4F4475 258048 ----a-w- C:\Windows\System32\winspool.drv

2014-01-18 23:42:18 950343D413EEDC3A24472BB2046CFB59 75776 ----a-w- C:\Windows\System32\synceng.dll

2014-01-18 23:41:18 D0F138624B9B49F349C5D3D2341199A1 429056 ----a-w- C:\Windows\System32\EncDec.dll

2014-01-18 23:41:14 F1DBB1AC69239D292A9035032C5B4F00 2048 ----a-w- C:\Windows\System32\tzres.dll

2014-01-18 23:40:26 9258E6D71D65B90A9308978085B934AA 376320 ----a-w- C:\Windows\System32\dpnet.dll

2014-01-18 23:40:25 F189F4921D3C24AC96861AA27D329B9B 23040 ----a-w- C:\Windows\System32\dpnsvr.exe

2014-01-18 23:40:17 57390AF2F8939AB038FC4A5D10B50D52 335360 ----a-w- C:\Windows\System32\SysFxUI.dll

2014-01-18 23:38:04 98B656EAF128CD06F625B09C84D959E1 467968 ----a-w- C:\Windows\System32\netapi32.dll

2014-01-18 23:37:55 3DFEEC45E5F22993216083FB777719D5 683008 ----a-w- C:\Windows\System32\d2d1.dll

2014-01-18 23:37:55 33EBF5DCD45F878B3622AD82AB37AF3A 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll

2014-01-18 23:37:55 29E4EA31C6DEBE5EFB384EEFA4F1EF63 160768 ----a-w- C:\Windows\System32\d3d10_1.dll

2014-01-18 23:37:54 8CE364388C8ECA59B14B539179276D44 797696 ----a-w- C:\Windows\System32\FntCache.dll

2014-01-18 23:37:54 8B02D2ECC7EF6E1F6AF08459E3F741F6 1029120 ----a-w- C:\Windows\System32\d3d10.dll

2014-01-18 23:37:53 E607F9C6A2386647B572580CB147C7B3 1554432 ----a-w- C:\Windows\System32\xpsservices.dll

2014-01-18 23:37:53 A15ED03919107C2A6A3395EE02C7DD47 847360 ----a-w- C:\Windows\System32\OpcServices.dll

2014-01-18 23:37:53 9C7094F537782A82B6A29B4A7172E180 189952 ----a-w- C:\Windows\System32\d3d10core.dll

2014-01-18 23:37:53 6843926AFF733D46A04F9D4E1C1A6B14 1068544 ----a-w- C:\Windows\System32\DWrite.dll

2014-01-18 23:37:53 556F1CBE9BA19E2CCD6F8D9AF71AF5C7 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll

2014-01-18 23:37:53 1217AEB3DBED42C54ADD826EDDC21660 288768 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2014-01-18 23:37:53 04802864F51046E93471083A24469ACE 486400 ----a-w- C:\Windows\System32\d3d10level9.dll

2014-01-18 23:37:34 A520C77CFFABC96E32818451B60905C7 66560 ----a-w- C:\Windows\System32\packager.dll

2014-01-18 23:35:58 13CC59C1B04E9F20A87987C68CD4BE3F 204288 ----a-w- C:\Windows\System32\ncrypt.dll

2014-01-18 23:35:21 17AF64D727545F2804F6E6D998327E3F 680448 ----a-w- C:\Windows\System32\msvcrt.dll

2014-01-18 23:35:17 DC3105CC925A0D47F61B54E66AB730FC 892928 ----a-w- C:\Windows\System32\kernel32.dll

2014-01-18 23:35:02 4CA9275776D204BF25CE2B2561B17E44 726528 ----a-w- C:\Windows\System32\jscript.dll

2014-01-18 23:35:00 420B075CD71AB9E58D15DD258958FBA3 353280 ----a-w- C:\Windows\System32\shlwapi.dll

2014-01-18 23:34:52 C43DECDAC58C0A43E0376A216590F40A 1314816 ----a-w- C:\Windows\System32\quartz.dll

2014-01-18 23:34:49 C43A71C2845C88D7E5A8A26D3850BDFB 1548288 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2014-01-18 23:34:44 A4E7946B71BBDF8708C7AC97FD9E9008 443904 ----a-w- C:\Windows\System32\win32spl.dll

2014-01-18 23:34:44 2D3D47B93E0BE86EEBB261734AB5B6A1 37376 ----a-w- C:\Windows\System32\printcom.dll

2014-01-18 23:34:34 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx

2014-01-18 23:34:34 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe

2014-01-18 23:34:33 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll

2014-01-18 23:34:33 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll

2014-01-18 23:34:33 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe

2014-01-18 23:34:31 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll

2014-01-18 23:34:22 84BDC77A844493FCD76858B52690F31B 812544 ----a-w- C:\Windows\System32\certutil.exe

2014-01-18 23:34:20 5827CF5BBA5AEBDB416556E076A19EAF 41984 ----a-w- C:\Windows\System32\certenc.dll

2014-01-18 23:33:56 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll

2014-01-18 23:33:33 0296DAEB5555A248E8ABF7E5012A37A6 1400832 ----a-w- C:\Windows\System32\msxml6.dll

2014-01-18 23:33:30 E1E52D56D266C2741058BA6611970D0C 497152 ----a-w- C:\Windows\System32\qdvd.dll

2014-01-18 23:33:27 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2014-01-18 23:33:27 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL

2014-01-18 23:33:27 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF

2014-01-18 23:33:21 DBD9448D06E67FE6F29261FFAD205B68 615936 ----a-w- C:\Windows\System32\themeui.dll

2014-01-18 23:33:17 DBD02E3E6F061EBBBF9B99A9D7CBA30B 377344 ----a-w- C:\Windows\System32\winhttp.dll

2014-01-18 23:33:15 A136094368CA45BA50BF4E2703E93B82 293376 ----a-w- C:\Windows\System32\atmfd.dll

2014-01-18 23:33:14 D1F8FE7C788C437DDE311E9F0C09005E 34304 ----a-w- C:\Windows\System32\atmlib.dll

2014-01-18 23:33:08 61E5B6E75A5E53D1052A6D18BF67B59A 3603904 ----a-w- C:\Windows\System32\ntkrnlpa.exe

2014-01-18 23:33:07 CB284FC56D12BF5D2503CB75B03FD40A 3551680 ----a-w- C:\Windows\System32\ntoskrnl.exe

2014-01-18 23:33:07 BE7480C91E89EB82FC080F772C220AE4 64000 ----a-w- C:\Windows\System32\smss.exe

2014-01-18 23:33:07 B9FDFF876B0E7B4FECBAA5708C6ED616 1205168 ----a-w- C:\Windows\System32\ntdll.dll

2014-01-18 23:33:07 33F84B64D4765BCDFA0AB8464122DA14 49152 ----a-w- C:\Windows\System32\csrsrv.dll

2014-01-18 23:32:59 DC15AB7168C0309D8F04FD95B6240422 238080 ----a-w- C:\Windows\System32\oleacc.dll

2014-01-18 23:32:59 CCE5E7C0F8AA13207E777C43F4DA80A3 555520 ----a-w- C:\Windows\System32\UIAutomationCore.dll

2014-01-18 23:32:59 B218342214D9BBA0F54EA12BA2E9278C 563712 ----a-w- C:\Windows\System32\oleaut32.dll

2014-01-18 23:32:59 7E38DA8C11833B99766A97CEE3F80F07 4096 ----a-w- C:\Windows\System32\oleaccrc.dll

2014-01-18 23:32:34 26B7512FAF33ECD0356874BBB20A9E20 505344 ----a-w- C:\Windows\System32\qedit.dll

2014-01-18 23:32:31 6ABD253226770EAE1292B4C945ED4B4B 1248768 ----a-w- C:\Windows\System32\msxml3.dll

2014-01-18 23:31:55 6A166182E32844369FD072057782A22B 2067968 ----a-w- C:\Windows\System32\mstscax.dll

2014-01-18 23:31:52 1908CC7673F72601AFFDCA022689CEDF 182784 ----a-w- C:\Windows\System32\xmllite.dll

2014-01-18 23:31:50 58035212AB7869A5FC3AF186ACBA8F09 532480 ----a-w- C:\Windows\System32\comctl32.dll

2014-01-18 23:31:45 A508314231C49AEE86987CEA3EAECAD1 376320 ----a-w- C:\Windows\System32\winsrv.dll

2014-01-18 23:31:39 4E07C27B4207ABB35F694E10ED609D2C 24576 ----a-w- C:\Windows\System32\cryptdlg.dll

2014-01-18 23:28:49 50E3E76B0901BB4FC029BB88BFA5CE79 278528 ----a-w- C:\Windows\System32\schannel.dll

2014-01-18 23:28:49 178FAC2B7C66E9A4400CE7AC37623E3F 1259008 ----a-w- C:\Windows\System32\lsasrv.dll

2014-01-18 23:28:48 D602FEDBD9155FC2DED6863FB60C950F 72704 ----a-w- C:\Windows\System32\secur32.dll

2014-01-18 23:28:48 A3E186B4B935905B829219502557314E 9728 ----a-w- C:\Windows\System32\lsass.exe

2014-01-18 22:50:02 D16A740186870C32941C0E61DF4F1298 172544 ----a-w- C:\Windows\System32\wintrust.dll

2014-01-18 22:50:02 71B479749F0F52C4FEC726C6FFA2CE1C 98304 ----a-w- C:\Windows\System32\cryptnet.dll

2014-01-18 22:50:02 684C130BBC6DB681BAD4920A4C944AA5 133120 ----a-w- C:\Windows\System32\cryptsvc.dll

2014-01-18 14:30:49 BDC0C99E472176C8C2C853A68ADC5073 45080 ----a-w- C:\Windows\System32\wups2.dll

2014-01-18 14:30:49 2E0B0A051FFAA86E358465BB0880D453 53784 ----a-w- C:\Windows\System32\wuauclt.exe

2014-01-18 14:30:48 FC3EC24FCE372C89423E015A2AC1A31E 1933848 ----a-w- C:\Windows\System32\wuaueng.dll

2014-01-18 14:30:48 285C594C4913FA9DC7BB6BA3AD6F101A 2422272 ----a-w- C:\Windows\System32\wucltux.dll

2014-01-18 14:29:50 C480F0E968ECA0D80D0299D7F204E33B 88576 ----a-w- C:\Windows\System32\wudriver.dll

2014-01-18 14:29:50 3458EDA96E30FBD0477A2800D3FB1909 35864 ----a-w- C:\Windows\System32\wups.dll

2014-01-18 14:29:49 1A617835452EEE5060976C9B9F5FE635 577048 ----a-w- C:\Windows\System32\wuapi.dll

2014-01-18 14:29:31 98F94089E9C549E223AB05BE54BAB2ED 171904 ----a-w- C:\Windows\System32\wuwebv.dll

2014-01-18 14:29:31 069385484EA57B663D688894C88975C5 33792 ----a-w- C:\Windows\System32\wuapp.exe

2014-01-15 20:15:10 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\System32\javaws.exe

2014-01-15 20:14:32 FD80D0AE205EC54D1A204DDBD6B766DA 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

2014-01-15 20:14:32 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\System32\javaw.exe

2014-01-15 20:14:32 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\System32\java.exe

====== C:\Windows\system32\drivers =====

2014-01-19 04:12:07 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

2014-01-19 04:11:17 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf

2014-01-19 03:17:25 DE9D36F91A4DF3D911626643DEBF11EA 40448 ----a-w- C:\Windows\System32\drivers\WpdUsb.sys

2014-01-19 02:21:44 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2014-01-19 02:21:27 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys

2014-01-19 02:21:27 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys

2014-01-19 02:21:25 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

2014-01-18 23:46:40 F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 24064 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2014-01-18 23:46:11 B972A66758577E0BFD1DE0F91AAA27B5 12800 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2014-01-18 23:46:03 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2014-01-18 23:45:58 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2014-01-18 23:42:15 D18D53974FD715D50FC76F9FFE1C830D 905664 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2014-01-18 23:40:21 B9C2B89F08670E159F7181891E449CD9 53120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2014-01-18 23:40:17 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-01-18 23:40:17 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-01-18 23:40:12 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Windows\System32\drivers\volsnap.sys

2014-01-18 23:40:09 8E6C378A885D6FFDA8F05E8D27B95C0E 27648 ----a-w- C:\Windows\System32\drivers\usbser.sys

2014-01-18 23:35:32 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2014-01-18 23:35:24 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-01-18 23:35:24 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-18 23:35:23 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2014-01-18 23:35:23 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-18 23:35:23 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-18 23:35:23 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-18 23:35:14 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys

2014-01-18 23:33:23 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2014-01-18 23:31:47 C127EBD5AFAB31524662C48DFCEB773A 180736 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2014-01-18 23:31:04 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys

2014-01-18 23:31:04 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\drivers\usbscan.sys

2014-01-18 23:28:49 4A1445EFA932A3BAF5BDB02D7131EE20 440704 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2014-01-17 21:37:22 A36EE93698802CD899F98BFD553D8185 28520 ----a-w- C:\Windows\System32\drivers\ssmdrv.sys

2014-01-17 21:37:13 D8C712305F73CD34D1B344810E522728 37352 ----a-w- C:\Windows\System32\drivers\avkmgr.sys

2014-01-17 21:37:13 B8C10FF9369394EB84993F331810CF29 90400 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2014-01-17 21:37:13 4189E5AB2CAD6F395D87DAAE73EB090F 135648 ----a-w- C:\Windows\System32\drivers\avipbb.sys

2014-01-16 20:10:14 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys

====== C:\Windows\Tasks ======

2014-01-19 07:50:18 -------- d-----w- C:\Windows\system32\Tasks\WPD

2014-01-16 19:07:28 A99B13816E2F923661CB3B78CCE5917B 3300 ----a-w- C:\Windows\system32\Tasks\4842

2014-01-16 19:07:26 E85597A4DA0E8AC8D4EC4F4E6C548955 3202 ----a-w- C:\Windows\system32\Tasks\0

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-19 08:15:25 -------- d-----w- C:\Program Files\trend micro

2014-01-19 04:13:09 -------- d-----w- C:\Program Files\Windows Portable Devices

2014-01-17 21:42:47 -------- d-----w- C:\Program Files\VNT

2014-01-17 21:36:53 -------- d-----w- C:\Program Files\Avira

2014-01-16 18:47:12 708168 ----a-w- C:\Program Files\5mUninstall MyFunCards.dll

2014-01-16 18:47:12 186744 ----a-w- C:\Program Files\5mres.dll

2014-01-15 20:15:33 -------- d-----w- C:\Program Files\Common Files\Java

======= C: =====

====== C:\Users\steven\AppData\Roaming ======

2014-01-17 21:43:05 -------- d-----w- C:\Users\steven\AppData\Local\VNT

2014-01-17 21:41:23 -------- d-----w- C:\Users\steven\AppData\Roaming\Avira

====== C:\Users\steven ======

2014-01-19 08:15:00 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\steven\Desktop\RSIT.exe

2014-01-17 21:37:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2014-01-17 21:36:53 -------- d-----w- C:\ProgramData\Avira

2014-01-17 21:35:21 -------- d-----w- C:\Users\Public\Downloads

2014-01-16 20:07:49 29B7410D1B5313E298094651A0C98530 129870080 ----a-w- C:\Users\steven\Downloads\avira_free_antivirus_nl.exe

2014-01-15 20:15:37 -------- d-----w- C:\ProgramData\Sun

2014-01-15 20:14:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2014-01-19 08:15:27 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\steven.exe

2014-01-19 08:15:00 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\steven\Desktop\RSIT.exe

2014-01-19 03:18:31 60BBAF3F5A38D0274B0C46710A218051 252928 ----a-w- C:\Windows\System32\dxdiag.exe

2014-01-19 03:17:30 1D7D7E32A80109D5C3167309265EAC83 30208 ----a-w- C:\Windows\System32\WPDShextAutoplay.exe

2014-01-19 02:21:24 980B6A5F92B8DB235C4A26728C2BE732 196608 ----a-w- C:\Windows\System32\WUDFHost.exe

2014-01-18 23:46:16 FC1CDF0AC20808719891DD6D965B8F99 299160 ----a-w- C:\Windows\System32\XPSViewer\XPSViewer.exe

2014-01-18 23:45:49 66816B85E75821339644E9554B671CDB 13312 ----a-w- C:\Windows\System32\msfeedssync.exe

2014-01-18 23:45:48 89ADB3737BA5D80146D012B5FB184C07 376320 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-01-18 23:45:48 3B6D421884302E4E73B0C979F9803DB6 174080 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-01-18 23:45:48 067347D17DB31481B8633DC6DCC370A5 133632 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-01-18 23:45:38 D66144C1BC885E523AD74BAD1EC6566D 638120 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-01-18 23:42:49 DFD714F1A410B32DA258423CF592A96E 667648 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe

2014-01-18 23:41:14 A41D107A42B7CFC4FD6C566CC6F37F23 19456 ----a-w- C:\Windows\servicing\GC32\tzupd.exe