tr/bho.zwangi.4890.a virus


My antivirus has detected tr/bho.zwangi.4890.a on my PC, but I can't really get rid of it.

I already have a GSIT log

Logfile of random's system information tool 1.09 (written by random/random)

Run by cynthia at 2014-01-30 22:05:26

Microsoft® Windows Vista™ Home Basic Service Pack 2

System drive C: has 217 GB (74%) free of 292 GB

Total RAM: 2941 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:05:59, on 30/01/2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16526)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe

C:\Users\cynthia\AppData\Local\Temp\RtkBtMnt.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Avira\AntiVir Desktop\avcenter.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\cynthia\Downloads\RSIT.exe

C:\Program Files\trend micro\cynthia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe

--

End of file - 7181 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-24 6789664]

"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe [2009-04-15 440864]

"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2009-02-12 862728]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-30 61440]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]

"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-02-24 1833504]

"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-12-13 684600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoWebCamera]

C:\Program Files\VideoWebCamera\VideoWebCamera.exe [2009-03-12 1552497]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"msacm.siren"=sirenacm.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-30 22:05:26 ----D---- C:\rsit

2014-01-30 22:05:26 ----D---- C:\Program Files\trend micro

2014-01-30 06:08:18 ----D---- C:\Program Files\Windows Portable Devices

2014-01-28 23:43:10 ----A---- C:\Windows\system32\UIAnimation.dll

2014-01-28 23:43:09 ----A---- C:\Windows\system32\UIRibbonRes.dll

2014-01-28 23:43:09 ----A---- C:\Windows\system32\UIRibbon.dll

2014-01-28 23:41:23 ----A---- C:\Windows\system32\WPDShextAutoplay.exe

2014-01-28 23:41:22 ----A---- C:\Windows\system32\wpdbusenum.dll

2014-01-28 23:41:22 ----A---- C:\Windows\system32\BthMtpContextHandler.dll

2014-01-28 23:41:18 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll

2014-01-28 23:41:15 ----A---- C:\Windows\system32\wpdshext.dll

2014-01-28 23:41:14 ----A---- C:\Windows\system32\WPDSp.dll

2014-01-28 23:41:14 ----A---- C:\Windows\system32\WPDShServiceObj.dll

2014-01-28 23:41:14 ----A---- C:\Windows\system32\wpd_ci.dll

2014-01-28 23:41:14 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll

2014-01-28 23:41:14 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2014-01-28 23:41:14 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2014-01-28 23:41:14 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2014-01-28 23:16:10 ----A---- C:\Windows\system32\wininet.dll

2014-01-28 23:16:10 ----A---- C:\Windows\system32\msrating.dll

2014-01-28 23:16:10 ----A---- C:\Windows\system32\msls31.dll

2014-01-28 23:16:10 ----A---- C:\Windows\system32\jsproxy.dll

2014-01-28 23:16:10 ----A---- C:\Windows\system32\iertutil.dll

2014-01-28 23:16:09 ----A---- C:\Windows\system32\urlmon.dll

2014-01-28 23:16:09 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2014-01-28 23:16:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2014-01-28 23:16:09 ----A---- C:\Windows\system32\mshtmler.dll

2014-01-28 23:16:09 ----A---- C:\Windows\system32\iesysprep.dll

2014-01-28 23:16:08 ----A---- C:\Windows\system32\ieui.dll

2014-01-28 23:16:08 ----A---- C:\Windows\system32\ieframe.dll

2014-01-28 23:16:07 ----A---- C:\Windows\system32\url.dll

2014-01-28 23:16:07 ----A---- C:\Windows\system32\iesetup.dll

2014-01-28 23:16:07 ----A---- C:\Windows\system32\iernonce.dll

2014-01-28 23:16:07 ----A---- C:\Windows\system32\ieapfltr.dll

2014-01-28 23:16:07 ----A---- C:\Windows\system32\ieapfltr.dat

2014-01-28 23:16:07 ----A---- C:\Windows\system32\ie4uinit.exe

2014-01-28 23:16:07 ----A---- C:\Windows\system32\icardie.dll

2014-01-28 23:16:07 ----A---- C:\Windows\system32\dxtrans.dll

2014-01-28 23:16:07 ----A---- C:\Windows\system32\dxtmsft.dll

2014-01-28 23:16:06 ----A---- C:\Windows\system32\webcheck.dll

2014-01-28 23:16:06 ----A---- C:\Windows\system32\mshtmled.dll

2014-01-28 23:16:06 ----A---- C:\Windows\system32\licmgr10.dll

2014-01-28 23:16:06 ----A---- C:\Windows\system32\inseng.dll

2014-01-28 23:16:06 ----A---- C:\Windows\system32\iedkcs32.dll

2014-01-28 23:16:05 ----A---- C:\Windows\system32\wextract.exe

2014-01-28 23:16:05 ----A---- C:\Windows\system32\vbscript.dll

2014-01-28 23:16:05 ----A---- C:\Windows\system32\mshtml.dll

2014-01-28 23:16:05 ----A---- C:\Windows\system32\msfeeds.dll

2014-01-28 23:16:05 ----A---- C:\Windows\system32\iexpress.exe

2014-01-28 23:16:04 ----A---- C:\Windows\system32\pngfilt.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\occache.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\mshta.exe

2014-01-28 23:16:04 ----A---- C:\Windows\system32\jscript9.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\jscript.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\imgutil.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\ieUnatt.exe

2014-01-28 23:16:04 ----A---- C:\Windows\system32\iepeers.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\ieakui.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\ieaksie.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\advpack.dll

2014-01-28 23:16:04 ----A---- C:\Windows\system32\admparse.dll

2014-01-28 23:16:03 ----A---- C:\Windows\system32\msfeedssync.exe

2014-01-28 23:16:03 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-01-28 23:16:03 ----A---- C:\Windows\system32\ieakeng.dll

2014-01-28 23:16:03 ----A---- C:\Windows\system32\IEAdvpack.dll

2014-01-28 23:14:27 ----A---- C:\Windows\system32\mfreadwrite.dll

2014-01-28 23:14:27 ----A---- C:\Windows\system32\mfmp4src.dll

2014-01-28 23:14:27 ----A---- C:\Windows\system32\MFHEAACdec.dll

2014-01-28 23:14:27 ----A---- C:\Windows\system32\MFH264Dec.dll

2014-01-28 23:14:26 ----A---- C:\Windows\system32\mfps.dll

2014-01-28 23:14:26 ----A---- C:\Windows\system32\mfplat.dll

2014-01-28 23:14:26 ----A---- C:\Windows\system32\mf.dll

2014-01-28 23:14:25 ----A---- C:\Windows\system32\stobject.dll

2014-01-28 23:14:25 ----A---- C:\Windows\system32\shdocvw.dll

2014-01-28 23:14:22 ----A---- C:\Windows\system32\XpsRasterService.dll

2014-01-28 23:14:22 ----A---- C:\Windows\system32\d3d10level9.dll

2014-01-28 23:14:22 ----A---- C:\Windows\system32\d2d1.dll

2014-01-28 23:14:21 ----A---- C:\Windows\system32\dxgi.dll

2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10warp.dll

2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10core.dll

2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10_1core.dll

2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10_1.dll

2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10.dll

2014-01-28 23:14:20 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2014-01-28 23:14:20 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2014-01-28 23:14:19 ----A---- C:\Windows\system32\xpsservices.dll

2014-01-28 23:14:19 ----A---- C:\Windows\system32\XpsPrint.dll

2014-01-28 23:14:19 ----A---- C:\Windows\system32\OpcServices.dll

2014-01-28 23:13:30 ----A---- C:\Windows\system32\WMPhoto.dll

2014-01-28 23:13:30 ----A---- C:\Windows\system32\dxdiagn.dll

2014-01-28 23:13:30 ----A---- C:\Windows\system32\dxdiag.exe

2014-01-28 23:13:30 ----A---- C:\Windows\system32\d3d11.dll

2014-01-28 23:13:29 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2014-01-28 23:13:29 ----A---- C:\Windows\system32\WindowsCodecs.dll

2014-01-28 23:13:29 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2014-01-28 22:52:24 ----A---- C:\Windows\system32\Wdfres.dll

2014-01-28 22:52:17 ----A---- C:\Windows\system32\winusb.dll

2014-01-28 22:52:17 ----A---- C:\Windows\system32\drivers\WUDFRd.sys

2014-01-28 22:52:17 ----A---- C:\Windows\system32\drivers\WUDFPf.sys

2014-01-28 22:52:16 ----A---- C:\Windows\system32\WUDFSvc.dll

2014-01-28 22:52:15 ----A---- C:\Windows\system32\WUDFPlatform.dll

2014-01-28 22:52:15 ----A---- C:\Windows\system32\drivers\WdfLdr.sys

2014-01-28 22:52:13 ----A---- C:\Windows\system32\WUDFCoinstaller.dll

2014-01-28 22:52:12 ----A---- C:\Windows\system32\WUDFx.dll

2014-01-28 22:52:12 ----A---- C:\Windows\system32\WUDFHost.exe

2014-01-28 21:44:48 ----A---- C:\Windows\system32\shlwapi.dll

2014-01-28 21:44:44 ----A---- C:\Windows\system32\dpnsvr.exe

2014-01-28 21:44:44 ----A---- C:\Windows\system32\dpnet.dll

2014-01-28 21:44:42 ----A---- C:\Windows\system32\drivers\partmgr.sys

2014-01-28 21:44:37 ----A---- C:\Windows\system32\tzres.dll

2014-01-28 21:44:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-01-28 21:44:08 ----A---- C:\Windows\system32\cdd.dll

2014-01-28 21:44:06 ----A---- C:\Windows\system32\psisdecd.dll

2014-01-28 21:44:03 ----A---- C:\Windows\system32\win32k.sys

2014-01-28 21:44:00 ----A---- C:\Windows\system32\icaapi.dll

2014-01-28 21:44:00 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2014-01-28 21:43:55 ----A---- C:\Windows\system32\winmm.dll

2014-01-28 21:43:55 ----A---- C:\Windows\system32\mciseq.dll

2014-01-28 21:43:50 ----A---- C:\Windows\system32\localspl.dll

2014-01-28 21:42:45 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-01-28 21:41:50 ----A---- C:\Windows\system32\synceng.dll

2014-01-28 21:41:47 ----A---- C:\Windows\system32\shell32.dll

2014-01-28 21:41:29 ----A---- C:\Windows\system32\drivers\tcpipreg.sys

2014-01-28 21:41:29 ----A---- C:\Windows\system32\drivers\tcpip.sys

2014-01-28 21:40:54 ----A---- C:\Windows\system32\EncDec.dll

2014-01-28 21:40:22 ----A---- C:\Windows\system32\SysFxUI.dll

2014-01-28 21:40:22 ----A---- C:\Windows\system32\drivers\portcls.sys

2014-01-28 21:40:22 ----A---- C:\Windows\system32\drivers\drmk.sys

2014-01-28 21:40:19 ----A---- C:\Windows\system32\rpcrt4.dll

2014-01-28 21:40:16 ----A---- C:\Windows\system32\drivers\volsnap.sys

2014-01-28 21:40:14 ----A---- C:\Windows\system32\netapi32.dll

2014-01-28 21:40:04 ----A---- C:\Windows\system32\FntCache.dll

2014-01-28 21:40:04 ----A---- C:\Windows\system32\DWrite.dll

2014-01-28 21:40:02 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2014-01-28 21:39:40 ----A---- C:\Windows\system32\packager.dll

2014-01-28 21:38:06 ----A---- C:\Windows\system32\drivers\ntfs.sys

2014-01-28 21:38:03 ----A---- C:\Windows\system32\ncrypt.dll

2014-01-28 21:37:41 ----A---- C:\Windows\system32\msvcrt.dll

2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-28 21:37:35 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-28 21:37:26 ----A---- C:\Windows\system32\kernel32.dll

2014-01-28 21:37:23 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2014-01-28 21:37:08 ----A---- C:\Windows\system32\quartz.dll

2014-01-28 21:37:05 ----A---- C:\Windows\system32\win32spl.dll

2014-01-28 21:37:05 ----A---- C:\Windows\system32\printcom.dll

2014-01-28 21:37:02 ----A---- C:\Windows\system32\WMVDECOD.DLL

2014-01-28 21:36:58 ----A---- C:\Windows\system32\wscript.exe

2014-01-28 21:36:58 ----A---- C:\Windows\system32\cscript.exe

2014-01-28 21:36:57 ----A---- C:\Windows\system32\wshcon.dll

2014-01-28 21:36:57 ----A---- C:\Windows\system32\scrrun.dll

2014-01-28 21:36:52 ----A---- C:\Windows\system32\gdi32.dll

2014-01-28 21:36:45 ----A---- C:\Windows\system32\certutil.exe

2014-01-28 21:36:44 ----A---- C:\Windows\system32\certenc.dll

2014-01-28 21:36:08 ----A---- C:\Windows\system32\crypt32.dll

2014-01-28 21:35:37 ----A---- C:\Windows\system32\msxml6.dll

2014-01-28 21:35:20 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2014-01-28 21:35:16 ----A---- C:\Windows\system32\IKEEXT.DLL

2014-01-28 21:35:15 ----A---- C:\Windows\system32\FWPUCLNT.DLL

2014-01-28 21:35:10 ----A---- C:\Windows\system32\wmi.dll

2014-01-28 21:35:10 ----A---- C:\Windows\system32\imagehlp.dll

2014-01-28 21:35:10 ----A---- C:\Windows\system32\drivers\fs_rec.sys

2014-01-28 21:35:05 ----A---- C:\Windows\system32\qdvd.dll

2014-01-28 21:35:00 ----A---- C:\Windows\system32\themeui.dll

2014-01-28 21:34:55 ----A---- C:\Windows\system32\winhttp.dll

2014-01-28 21:34:50 ----A---- C:\Windows\system32\atmlib.dll

2014-01-28 21:34:50 ----A---- C:\Windows\system32\atmfd.dll

2014-01-28 21:34:40 ----A---- C:\Windows\system32\ntkrnlpa.exe

2014-01-28 21:34:39 ----A---- C:\Windows\system32\ntoskrnl.exe

2014-01-28 21:34:38 ----A---- C:\Windows\system32\smss.exe

2014-01-28 21:34:38 ----A---- C:\Windows\system32\ntdll.dll

2014-01-28 21:34:38 ----A---- C:\Windows\system32\csrsrv.dll

2014-01-28 21:34:29 ----A---- C:\Windows\system32\UIAutomationCore.dll

2014-01-28 21:34:29 ----A---- C:\Windows\system32\oleaccrc.dll

2014-01-28 21:34:28 ----A---- C:\Windows\system32\oleaut32.dll

2014-01-28 21:34:28 ----A---- C:\Windows\system32\oleacc.dll

2014-01-28 21:33:41 ----A---- C:\Windows\system32\qedit.dll

2014-01-28 21:33:37 ----A---- C:\Windows\system32\msxml3.dll

2014-01-28 21:32:56 ----A---- C:\Windows\system32\mstscax.dll

2014-01-28 21:32:52 ----A---- C:\Windows\system32\xmllite.dll

2014-01-28 21:32:48 ----A---- C:\Windows\system32\comctl32.dll

2014-01-28 21:32:44 ----A---- C:\Windows\system32\drivers\rdpwd.sys

2014-01-28 21:32:40 ----A---- C:\Windows\system32\winsrv.dll

2014-01-28 21:32:31 ----A---- C:\Windows\system32\cryptdlg.dll

2014-01-28 21:31:54 ----A---- C:\Windows\system32\drivers\hidparse.sys

2014-01-28 21:29:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2014-01-28 21:29:39 ----A---- C:\Windows\system32\schannel.dll

2014-01-28 21:29:39 ----A---- C:\Windows\system32\lsasrv.dll

2014-01-28 21:29:38 ----A---- C:\Windows\system32\secur32.dll

2014-01-28 21:29:38 ----A---- C:\Windows\system32\lsass.exe

2014-01-28 21:29:32 ----A---- C:\Windows\system32\msshsq.dll

2014-01-28 21:29:27 ----A---- C:\Windows\system32\drivers\usb8023.sys

2014-01-28 20:44:25 ----A---- C:\Windows\system32\wintrust.dll

2014-01-28 20:44:25 ----A---- C:\Windows\system32\cryptsvc.dll

2014-01-28 20:44:24 ----A---- C:\Windows\system32\cryptnet.dll

2014-01-28 20:40:38 ----A---- C:\Windows\system32\rdpencom.dll

2014-01-28 20:02:19 ----A---- C:\Windows\system32\wups2.dll

2014-01-28 20:02:19 ----A---- C:\Windows\system32\wuauclt.exe

2014-01-28 20:02:17 ----A---- C:\Windows\system32\wucltux.dll

2014-01-28 20:02:17 ----A---- C:\Windows\system32\wuaueng.dll

2014-01-28 20:01:34 ----A---- C:\Windows\system32\wups.dll

2014-01-28 20:01:33 ----A---- C:\Windows\system32\wudriver.dll

2014-01-28 20:01:33 ----A---- C:\Windows\system32\wuapi.dll

2014-01-28 20:01:15 ----A---- C:\Windows\system32\wuwebv.dll

2014-01-28 20:01:15 ----A---- C:\Windows\system32\wuapp.exe

2014-01-27 22:00:05 ----D---- C:\Users\cynthia\AppData\Roaming\Malwarebytes

2014-01-27 21:59:42 ----D---- C:\ProgramData\Malwarebytes

2014-01-27 21:59:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2014-01-27 21:59:39 ----A---- C:\Windows\system32\drivers\mbam.sys

2014-01-27 21:59:21 ----D---- C:\Users\cynthia\AppData\Roaming\Avira

2014-01-27 21:57:17 ----A---- C:\Windows\system32\drivers\ssmdrv.sys

2014-01-27 21:57:11 ----A---- C:\Windows\system32\drivers\avkmgr.sys

2014-01-27 21:57:11 ----A---- C:\Windows\system32\drivers\avipbb.sys

2014-01-27 21:57:11 ----A---- C:\Windows\system32\drivers\avgntflt.sys

2014-01-27 21:57:08 ----D---- C:\ProgramData\Avira

2014-01-27 21:57:08 ----D---- C:\Program Files\Avira

2014-01-27 21:40:41 ----A---- C:\Windows\system32\ShellManager310E2D762.dll

2014-01-27 21:40:41 ----A---- C:\Windows\system32\NEROINSTAEC43759.DB

2014-01-27 21:40:19 ----A---- C:\Windows\Irremote.ini

2014-01-27 21:40:17 ----D---- C:\Users\cynthia\AppData\Roaming\Nero

2014-01-27 21:09:49 ----D---- C:\Windows\system32\eu-ES

2014-01-27 21:09:49 ----D---- C:\Windows\system32\ca-ES

2014-01-27 21:09:36 ----D---- C:\Windows\system32\vi-VN

2014-01-27 20:33:56 ----D---- C:\AdwCleaner

2014-01-27 20:19:41 ----D---- C:\Windows\system32\EventProviders

2014-01-27 19:49:26 ----D---- C:\Program Files\Microsoft Security Client

2014-01-27 19:19:17 ----A---- C:\Windows\system32\drivers\netio.sys

2014-01-27 19:14:31 ----D---- C:\Windows\system32\MRT

2014-01-27 19:10:20 ----D---- C:\Program Files\CCleaner

2014-01-27 19:00:38 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of files/folders modified in the last 1 month======

2014-01-30 22:05:32 ----D---- C:\Windows\Temp

2014-01-30 22:05:26 ----RD---- C:\Program Files

2014-01-30 21:37:10 ----D---- C:\Windows\System32

2014-01-30 21:37:10 ----D---- C:\Windows\inf

2014-01-30 21:37:10 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-01-30 20:40:59 ----SHD---- C:\System Volume Information

2014-01-30 20:04:22 ----D---- C:\Windows\rescache

2014-01-30 20:04:09 ----D---- C:\Windows\winsxs

2014-01-30 19:58:41 ----D---- C:\Windows\Microsoft.NET

2014-01-30 19:57:40 ----RSD---- C:\Windows\assembly

2014-01-30 19:39:46 ----D---- C:\Windows\system32\catroot

2014-01-30 06:15:51 ----D---- C:\Windows\system32\Tasks

2014-01-30 06:15:22 ----D---- C:\Windows\Prefetch

2014-01-30 06:14:37 ----D---- C:\Windows\Panther

2014-01-30 06:09:02 ----D---- C:\Windows

2014-01-30 06:08:28 ----D---- C:\Windows\system32\en-US

2014-01-30 06:08:27 ----D---- C:\Windows\system32\drivers

2014-01-30 06:08:21 ----D---- C:\Windows\AppPatch

2014-01-30 06:08:21 ----D---- C:\Program Files\Internet Explorer

2014-01-30 06:08:18 ----D---- C:\Windows\system32\wbem

2014-01-30 06:08:15 ----D---- C:\Windows\system32\zh-TW

2014-01-30 06:08:15 ----D---- C:\Windows\system32\zh-HK

2014-01-30 06:08:15 ----D---- C:\Windows\system32\zh-CN

2014-01-30 06:08:15 ----D---- C:\Windows\system32\uk-UA

2014-01-30 06:08:15 ----D---- C:\Windows\system32\tr-TR

2014-01-30 06:08:15 ----D---- C:\Windows\system32\th-TH

2014-01-30 06:08:15 ----D---- C:\Windows\system32\sv-SE

2014-01-30 06:08:15 ----D---- C:\Windows\system32\sr-Latn-CS

2014-01-30 06:08:15 ----D---- C:\Windows\system32\sl-SI

2014-01-30 06:08:15 ----D---- C:\Windows\system32\sk-SK

2014-01-30 06:08:15 ----D---- C:\Windows\system32\ru-RU

2014-01-30 06:08:15 ----D---- C:\Windows\system32\ro-RO

2014-01-30 06:08:15 ----D---- C:\Windows\system32\pt-PT

2014-01-30 06:08:15 ----D---- C:\Windows\system32\pt-BR

2014-01-30 06:08:15 ----D---- C:\Windows\system32\pl-PL

2014-01-30 06:08:15 ----D---- C:\Windows\system32\nl-NL

2014-01-30 06:08:15 ----D---- C:\Windows\system32\nb-NO

2014-01-30 06:08:15 ----D---- C:\Windows\system32\lv-LV

2014-01-30 06:08:15 ----D---- C:\Windows\system32\lt-LT

2014-01-30 06:08:15 ----D---- C:\Windows\system32\ko-KR

2014-01-30 06:08:15 ----D---- C:\Windows\system32\ja-JP

2014-01-30 06:08:15 ----D---- C:\Windows\system32\it-IT

2014-01-30 06:08:15 ----D---- C:\Windows\system32\hu-HU

2014-01-30 06:08:15 ----D---- C:\Windows\system32\hr-HR

2014-01-30 06:08:15 ----D---- C:\Windows\system32\he-IL

2014-01-30 06:08:15 ----D---- C:\Windows\system32\fr-FR

2014-01-30 06:08:15 ----D---- C:\Windows\system32\fi-FI

2014-01-30 06:08:15 ----D---- C:\Windows\system32\et-EE

2014-01-30 06:08:15 ----D---- C:\Windows\system32\es-ES

2014-01-30 06:08:15 ----D---- C:\Windows\system32\el-GR

2014-01-30 06:08:15 ----D---- C:\Windows\system32\de-DE

2014-01-30 06:08:15 ----D---- C:\Windows\system32\da-DK

2014-01-30 06:08:15 ----D---- C:\Windows\system32\cs-CZ

2014-01-30 06:08:15 ----D---- C:\Windows\system32\bg-BG

2014-01-30 06:08:15 ----D---- C:\Windows\system32\ar-SA

2014-01-30 06:08:05 ----RSD---- C:\Windows\Fonts

2014-01-30 06:08:00 ----RD---- C:\Windows\Offline Web Pages

2014-01-30 06:08:00 ----D---- C:\Windows\PolicyDefinitions

2014-01-30 06:07:59 ----D---- C:\Windows\system32\migration

2014-01-30 06:07:51 ----SD---- C:\Windows\Downloaded Program Files

2014-01-30 06:07:47 ----D---- C:\Windows\system32\drivers\en-US

2014-01-30 06:07:38 ----D---- C:\Windows\system32\XPSViewer

2014-01-30 06:07:34 ----D---- C:\Program Files\Windows Mail

2014-01-30 06:07:23 ----D---- C:\Program Files\Common Files\System

2014-01-30 06:06:33 ----D---- C:\Windows\system32\drivers\UMDF

2014-01-30 06:06:07 ----D---- C:\Windows\system32\RTCOM

2014-01-30 05:50:13 ----SHD---- C:\Config.Msi

2014-01-30 05:49:37 ----D---- C:\Windows\Help

2014-01-29 00:08:03 ----SHD---- C:\Windows\Installer

2014-01-28 23:41:55 ----D---- C:\Windows\system32\catroot2

2014-01-27 21:59:42 ----HD---- C:\ProgramData

2014-01-27 21:41:48 ----A---- C:\Windows\system32\MsiExec.exe.log

2014-01-27 21:41:15 ----D---- C:\Program Files\Common Files\Nero

2014-01-27 21:41:14 ----D---- C:\ProgramData\Nero

2014-01-27 21:25:06 ----SHD---- C:\Boot

2014-01-27 21:18:24 ----D---- C:\Program Files\Google

2014-01-27 21:14:53 ----D---- C:\Program Files\Windows Calendar

2014-01-27 21:14:52 ----D---- C:\Program Files\Movie Maker

2014-01-27 21:14:50 ----D---- C:\Program Files\Windows Sidebar

2014-01-27 21:14:49 ----D---- C:\Program Files\Windows Media Player

2014-01-27 21:14:48 ----D---- C:\Program Files\Windows Collaboration

2014-01-27 21:14:47 ----D---- C:\Program Files\Windows Photo Gallery

2014-01-27 21:14:31 ----D---- C:\Windows\servicing

2014-01-27 21:14:31 ----D---- C:\Program Files\Windows Defender

2014-01-27 21:13:54 ----D---- C:\Windows\IME

2014-01-27 21:13:43 ----D---- C:\Windows\system32\oobe

2014-01-27 21:13:26 ----D---- C:\Windows\system32\AdvancedInstallers

2014-01-27 21:13:25 ----D---- C:\Windows\system32\setup

2014-01-27 21:13:23 ----D---- C:\Windows\system32\SLUI

2014-01-27 21:13:21 ----D---- C:\Windows\system32\manifeststore

2014-01-27 21:13:21 ----D---- C:\Windows\system32\en

2014-01-27 21:13:06 ----D---- C:\Windows\system32\migwiz

2014-01-27 21:09:36 ----D---- C:\Windows\system32\Boot

2014-01-27 20:52:34 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont

2014-01-27 20:17:30 ----D---- C:\ProgramData\Google

2014-01-27 20:16:50 ----SD---- C:\ProgramData\Microsoft

2014-01-27 20:16:49 ----D---- C:\Program Files\Microsoft

2014-01-27 20:11:06 ----D---- C:\Program Files\Microsoft Silverlight

2014-01-27 20:08:34 ----D---- C:\ProgramData\Microsoft Help

2014-01-27 19:49:24 ----D---- C:\Windows\Debug

2014-01-27 19:48:33 ----SD---- C:\Users\cynthia\AppData\Roaming\Microsoft

2014-01-27 19:06:54 ----D---- C:\Program Files\Microsoft Office

2014-01-27 19:04:29 ----D---- C:\Windows\system32\LogFiles

2014-01-27 19:02:26 ----A---- C:\Windows\NeroDigital.ini

2014-01-27 19:00:40 ----D---- C:\Windows\Tasks

2014-01-19 08:32:23 ----N---- C:\Windows\system32\MpSigStub.exe

2014-01-06 16:20:08 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-10-03 183312]

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-27 14352]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-03-24 43528]

R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-13 135648]

R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-13 37352]

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-12-13 28520]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-13 90400]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2008-11-03 8704]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-06-23 1181184]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-09 4172800]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-24 2327968]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-09-03 223232]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2008-01-30 14848]

R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-12-24 155808]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]

R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-10-10 23096]

R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]

S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2008-01-21 10752]

S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]

S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]

R2 AntiVirSchedulerService;Avira Planner; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-12-13 440376]

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-12-13 440376]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-09 724992]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe [2009-04-15 703008]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2009-03-10 44800]

R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]

S2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-27 257928]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-15 647680]

S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

S4 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-12-13 1011768]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is an unjustified warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  {5C255C8A-E604-49b4-9D64-90988571CECB};c
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}];r
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Do a Deep Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next reply.


Zoek.exe v5.0.0.0 Updated 29-January-2014

Tool run by cynthia on ven. 31/01/2014 at 6:07:23,60.

Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\cynthia\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

31/01/2014 6:09:17 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully

C:\Users\cynthia\AppData\Local\Acer ePower Management V4 deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1339676201-288736409-248646057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe

C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\cynthia\AppData\Local\Temp\RtkBtMnt.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerEvent.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Users\cynthia\Desktop\zoek.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Microsoft Office\Office12\WINWORD.EXE

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

==== Deleting Files \ Folders ======================

C:\Windows\wininit.ini deleted

C:\Windows\system32\tasks\RunAsStdUser Task deleted

"C:\ProgramData\eb8ea2215036958e903194f3ebbd00e9_c" deleted

==== System Specs ======================

Windows: Windows Vista Home Basic Edition Service Pack 2 (Build 6002)

Memory (RAM): 2942 MB

CPU Info: AMD Athlon X2 Dual-Core QL-65

CPU Speed: 2097,9 MHz

Sound Card: Speakers (Realtek High Definiti |

Realtek Digital Output (Realtek |

Display Adapters: ATI Radeon HD 3200 Graphics | ATI Radeon HD 3200 Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1600 X 900 - 32 bit

Network: Network Present

Network Adapters: Atheros AR5B91 Wireless Network Adapter | Broadcom NetLink Gigabit Ethernet

CD / DVD Drives: 1x (E: | ) E: Optiarc DVD RW AD-7580S

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 285,1GB | D: 298,1GB

Hard Disks - Free: C: 209,5GB | D: 298,0GB

Manufacturer *: Packard Bell

BIOS Info: AT/AT COMPATIBLE | 04/02/09 | ACRSYS - 6040000

Time Zone: Romance Standard Time

Motherboard *: Packard Bell SJV70-PU

Country: Belgium

Language: FRB

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Virus: Avira Desktop On-access scanning disabled (Outdated)

Anti-Spyware: Avira Desktop disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Default Browser: Google Chrome 32.0.1700.76

Internet Explorer Version: 9.0.8112.16421

Google Chrome version: 32.0.1700.76

Adobe Reader version: 9.0.0.2008061200

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-01-27 20:40:19 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Irremote.ini

2014-01-27 18:54:53 2A66E81AE941E54A237490FC35D387C8 1945 ----a-w- C:\Windows\epplauncher.mif

====== C:\Users\cynthia\AppData\Local\Temp ====


====== C:\Windows\system32 =====


2014-01-28 20:36:58 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe

2014-01-28 20:36:58 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx

2014-01-28 20:36:58 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe

2014-01-28 20:36:57 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll

2014-01-28 20:36:57 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll

2014-01-28 20:36:52 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll

2014-01-28 20:36:45 84BDC77A844493FCD76858B52690F31B 812544 ----a-w- C:\Windows\System32\certutil.exe

2014-01-28 20:36:44 5827CF5BBA5AEBDB416556E076A19EAF 41984 ----a-w- C:\Windows\System32\certenc.dll

2014-01-28 20:36:08 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll

2014-01-28 20:35:37 0296DAEB5555A248E8ABF7E5012A37A6 1400832 ----a-w- C:\Windows\System32\msxml6.dll

2014-01-28 20:35:16 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL

2014-01-28 20:35:16 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF

2014-01-28 20:35:15 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2014-01-28 20:35:10 87CDFFCBD09C1CA03A068343D5D93250 5120 ----a-w- C:\Windows\System32\wmi.dll

2014-01-28 20:35:10 09EA40F4DAD2EDB3587E5E0BAA9C3E15 158208 ----a-w- C:\Windows\System32\imagehlp.dll

2014-01-28 20:35:05 E1E52D56D266C2741058BA6611970D0C 497152 ----a-w- C:\Windows\System32\qdvd.dll

2014-01-28 20:35:00 DBD9448D06E67FE6F29261FFAD205B68 615936 ----a-w- C:\Windows\System32\themeui.dll

2014-01-28 20:34:55 DBD02E3E6F061EBBBF9B99A9D7CBA30B 377344 ----a-w- C:\Windows\System32\winhttp.dll

2014-01-28 20:34:50 D1F8FE7C788C437DDE311E9F0C09005E 34304 ----a-w- C:\Windows\System32\atmlib.dll

2014-01-28 20:34:50 A136094368CA45BA50BF4E2703E93B82 293376 ----a-w- C:\Windows\System32\atmfd.dll

2014-01-28 20:34:40 61E5B6E75A5E53D1052A6D18BF67B59A 3603904 ----a-w- C:\Windows\System32\ntkrnlpa.exe

2014-01-28 20:34:39 CB284FC56D12BF5D2503CB75B03FD40A 3551680 ----a-w- C:\Windows\System32\ntoskrnl.exe

2014-01-28 20:34:38 BE7480C91E89EB82FC080F772C220AE4 64000 ----a-w- C:\Windows\System32\smss.exe

2014-01-28 20:34:38 B9FDFF876B0E7B4FECBAA5708C6ED616 1205168 ----a-w- C:\Windows\System32\ntdll.dll

2014-01-28 20:34:38 33F84B64D4765BCDFA0AB8464122DA14 49152 ----a-w- C:\Windows\System32\csrsrv.dll

2014-01-28 20:34:29 CCE5E7C0F8AA13207E777C43F4DA80A3 555520 ----a-w- C:\Windows\System32\UIAutomationCore.dll

2014-01-28 20:34:29 7E38DA8C11833B99766A97CEE3F80F07 4096 ----a-w- C:\Windows\System32\oleaccrc.dll

2014-01-28 20:34:28 DC15AB7168C0309D8F04FD95B6240422 238080 ----a-w- C:\Windows\System32\oleacc.dll

2014-01-28 20:34:28 B218342214D9BBA0F54EA12BA2E9278C 563712 ----a-w- C:\Windows\System32\oleaut32.dll

2014-01-28 20:33:41 26B7512FAF33ECD0356874BBB20A9E20 505344 ----a-w- C:\Windows\System32\qedit.dll

2014-01-28 20:33:37 6ABD253226770EAE1292B4C945ED4B4B 1248768 ----a-w- C:\Windows\System32\msxml3.dll

2014-01-28 20:32:56 6A166182E32844369FD072057782A22B 2067968 ----a-w- C:\Windows\System32\mstscax.dll

2014-01-28 20:32:52 1908CC7673F72601AFFDCA022689CEDF 182784 ----a-w- C:\Windows\System32\xmllite.dll

2014-01-28 20:32:48 58035212AB7869A5FC3AF186ACBA8F09 532480 ----a-w- C:\Windows\System32\comctl32.dll

2014-01-28 20:32:40 A508314231C49AEE86987CEA3EAECAD1 376320 ----a-w- C:\Windows\System32\winsrv.dll

2014-01-28 20:32:31 4E07C27B4207ABB35F694E10ED609D2C 24576 ----a-w- C:\Windows\System32\cryptdlg.dll

2014-01-28 20:29:39 50E3E76B0901BB4FC029BB88BFA5CE79 278528 ----a-w- C:\Windows\System32\schannel.dll

2014-01-28 20:29:39 178FAC2B7C66E9A4400CE7AC37623E3F 1259008 ----a-w- C:\Windows\System32\lsasrv.dll

2014-01-28 20:29:38 D602FEDBD9155FC2DED6863FB60C950F 72704 ----a-w- C:\Windows\System32\secur32.dll

2014-01-28 20:29:38 A3E186B4B935905B829219502557314E 9728 ----a-w- C:\Windows\System32\lsass.exe

2014-01-28 20:29:32 FF41E1AC301F51E16F61AD7C0F45467C 231424 ----a-w- C:\Windows\System32\msshsq.dll

2014-01-28 19:44:25 D16A740186870C32941C0E61DF4F1298 172544 ----a-w- C:\Windows\System32\wintrust.dll

2014-01-28 19:44:25 684C130BBC6DB681BAD4920A4C944AA5 133120 ----a-w- C:\Windows\System32\cryptsvc.dll

2014-01-28 19:44:24 71B479749F0F52C4FEC726C6FFA2CE1C 98304 ----a-w- C:\Windows\System32\cryptnet.dll

2014-01-28 19:40:38 DE98C769DA2B5F121846C9F3B9493C5A 613376 ----a-w- C:\Windows\System32\rdpencom.dll

2014-01-28 19:02:19 BDC0C99E472176C8C2C853A68ADC5073 45080 ----a-w- C:\Windows\System32\wups2.dll

2014-01-28 19:02:19 2E0B0A051FFAA86E358465BB0880D453 53784 ----a-w- C:\Windows\System32\wuauclt.exe

2014-01-28 19:02:17 FC3EC24FCE372C89423E015A2AC1A31E 1933848 ----a-w- C:\Windows\System32\wuaueng.dll

2014-01-28 19:02:17 285C594C4913FA9DC7BB6BA3AD6F101A 2422272 ----a-w- C:\Windows\System32\wucltux.dll

2014-01-28 19:01:34 3458EDA96E30FBD0477A2800D3FB1909 35864 ----a-w- C:\Windows\System32\wups.dll

2014-01-28 19:01:33 C480F0E968ECA0D80D0299D7F204E33B 88576 ----a-w- C:\Windows\System32\wudriver.dll

2014-01-28 19:01:33 1A617835452EEE5060976C9B9F5FE635 577048 ----a-w- C:\Windows\System32\wuapi.dll

2014-01-28 19:01:15 98F94089E9C549E223AB05BE54BAB2ED 171904 ----a-w- C:\Windows\System32\wuwebv.dll

2014-01-28 19:01:15 069385484EA57B663D688894C88975C5 33792 ----a-w- C:\Windows\System32\wuapp.exe

2014-01-27 20:40:41 F3A8B98DC6E7F559EE9873EB4F41EB14 773120 ----a-w- C:\Windows\System32\NEROINSTAEC43759.DB

2014-01-27 20:40:41 55DF4A8BD4FFF302DBA88ABE19299719 1414440 ----a-w- C:\Windows\System32\ShellManager310E2D762.dll

2014-01-27 18:00:38 E40B473E54807F35E6F597452C82B63E 71048 ----a-w- C:\Windows\System32\FlashPlayerCPLApp.cpl

2014-01-27 18:00:38 C2D948DB2E7ABC746B4A77B41356BFF3 692616 ----a-w- C:\Windows\System32\FlashPlayerApp.exe

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

2014-01-30 05:15:51 -------- d-----w- C:\Windows\system32\Tasks\WPD

2014-01-27 18:00:41 734A08D1DB3443397F22C05D264D5D6F 3684 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater

2014-01-27 18:00:40 0FF23C6DC2F020262CB89F9D465C3751 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-30 21:26:24 -------- d-----w- C:\Program Files\MSN Toolbar

2014-01-30 21:25:30 -------- d-----w- C:\Program Files\Bing Bar Installer

2014-01-30 21:05:26 -------- d-----w- C:\Program Files\trend micro

2014-01-30 05:08:18 -------- d-----w- C:\Program Files\Windows Portable Devices

2014-01-27 20:57:08 -------- d-----w- C:\Program Files\Avira

======= C: =====

====== C:\Users\cynthia\AppData\Roaming ======

2014-01-30 21:23:49 -------- d-----w- C:\Users\cynthia\AppData\Local\Windows Live

2014-01-27 20:59:21 -------- d-----w- C:\Users\cynthia\AppData\Roaming\Avira

2014-01-27 20:44:07 74F2233CE22400BDBA0129798222F44A 386416 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-S-1-5-21-1339676201-288736409-248646057-1000-8192.dat

2014-01-27 20:40:17 -------- d-----w- C:\Users\cynthia\AppData\Roaming\Nero

2014-01-27 20:16:39 74F2233CE22400BDBA0129798222F44A 386416 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-System.dat

====== C:\Users\cynthia ======

2014-01-30 21:04:57 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\cynthia\Desktop\RSIT.exe

2014-01-27 20:57:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2014-01-27 20:57:08 -------- d-----w- C:\ProgramData\Avira

2014-01-27 20:52:02 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\cynthia\Downloads\mbam-setup-1.75.0.1300.exe

2014-01-27 20:50:52 29B7410D1B5313E298094651A0C98530 129870080 ----a-w- C:\Users\cynthia\Downloads\avira_free_antivirus_nl.exe

2014-01-27 19:38:06 9A319F0CA0A2F423AC5240CEFFDE5109 3974840 ----a-w- C:\Users\cynthia\Downloads\avira_oe_client_antivirus_en (1).exe

2014-01-27 19:36:59 9A319F0CA0A2F423AC5240CEFFDE5109 3974840 ----a-w- C:\Users\cynthia\Downloads\avira_oe_client_antivirus_en.exe

2014-01-27 19:33:25 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\cynthia\Downloads\AdwCleaner.exe

2014-01-27 19:32:19 66FAEC18550B78D10E397B88544A0C21 929928 ----a-w- C:\Users\cynthia\Downloads\cbsidlm-cbsi171-AdwCleaner-ORG-75851221.exe

2014-01-27 18:24:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-01-27 18:07:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in

====== C: exe-files ==

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-1339676201-288736409-248646057-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe"

"Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe"

"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe"

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe"

"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VideoWebCamera]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="VideoWebCamera"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\VideoWebCamera\\VideoWebCamera.exe\" -a"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27/01/2014 19:00]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02/02/2010 16:43]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02/02/2010 16:43]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Acer\Burn Notification" [C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [18/10/2009 10:16]

==== Chrome Look ======================

Google Docs - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=080c&s=2&o=vb32&d=1009&m=easynote_lj61"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com/ie"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=080c&s=2&o=vb32&d=1009&m=easynote_lj61"

"Default_Page_URL"="http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=080c&s=2&o=vb32&d=1009&m=easynote_lj61"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search/?q=%s"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{6C6347AA-4F04-40EF-BB42-BECD15104C3A} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_en"

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe

==== Empty IE Cache ======================

C:\Users\cynthia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\cynthia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\cynthia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4 folders=0 3992 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\cynthia\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\cynthia\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\cynthia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on ven. 31/01/2014 at 17:44:31,67 ======================


Excellent ... now you can clean up the tools we used and a few leftovers:

Download Delfix by Xplode to your desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.

When the tool has finished, a log file is created. You do not need to post it, however.

Download CCleaner (if you don't have it yet).

Install it (if you don't want Google Chrome to be installed on your PC as the default web browser, you must clear the 2 checkboxes !!!) and start CCleaner.

In the left-hand column, click "Cleaner". Click "Analyze" and, after the analysis, "Run Cleaner". Then click "Registry" in the left-hand column and click "Scan for Issues". If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues".

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this illustrated in detail, click here for the guide.

If all of this went smoothly and you have no further questions or problems within this topic, you may close this topic by clicking the "Mark as solved" button, which you can find at the bottom left … this keeps things clear for everyone.
