
Log check



I had run a website inside Sandboxie.

I still got a ransomware message (PC locked). I deleted the sandbox immediately and could get back into the PC. Could you check this log? Normally there shouldn't be any viruses. Should I change my passwords anyway, to be safe?

Logfile of random's system information tool 1.10 (written by random/random)
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 173 GB (74%) free of 232 GB
Total RAM: 8183 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:32:09, on 18/06/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Kt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKLM\..\Policies\Explorer\Run: [bootRacer] "C:\Program Files (x86)\BootRacer\Bootrace.exe" /2
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BootRacerServ - Greatis Software, LLC - C:\Program Files (x86)\BootRacer\BootRacerServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7721 bytes

======Listing Processes======


\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\BootRacer\BootRacerServ.exe"
atieclxx
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {7B604905-F0DC-455B-B8A0-194A278DC371}
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
KHALMNPR.EXE /API
system32\RAPID\SamsungRapidSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
ngservice.exe pipeserver
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-48d31721-4eba-4a68-9097-0b57b337b51a -SystemEventPortName:HostProcess-27c830b1-e0bb-4be8-aa99-bdff7874eb28 -IoCancelEventPortName:HostProcess-3c7718e7-d4b1-49b6-9732-7f89d5360b38 -NonStateChangingEventPortName:HostProcess-c9d6282a-8637-4933-9cac-3c5afaf667bf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5ba9767e-b64d-466e-ac5b-6ceac1225e51 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Users\Kurt\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Kurt\AppData\Roaming\Mozilla\Firefox\Profiles\i2sztdll.default-9289704609450

prefs.js - "browser.startup.homepage" -  "https://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.160 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.160 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19 433944]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]
WOT Helper - C:\Program Files\WOT\WOT.dll [2012-08-02 2001984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19 364824]


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]
WOT Helper - C:\Program Files (x86)\WOT\WOT.dll [2012-08-02 1542720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files\WOT\WOT.dll [2012-08-02 2001984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files (x86)\WOT\WOT.dll [2012-08-02 1542720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2014-05-19 3100440]
"SamsungRapidApp"=C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [2015-02-04 282288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BootRacer"=C:\Program Files (x86)\BootRacer\Bootrace.exe [2012-10-18 6357264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-05-28 787592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-06-03 5515496]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BootRacer"=C:\Program Files (x86)\BootRacer\Bootrace.exe [2012-10-18 6357264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-25 66328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-18 16:32:07 ----D---- C:\Program Files\trend micro
2015-06-18 16:32:06 ----D---- C:\rsit
2015-06-18 15:02:53 ----D---- C:\Program Files (x86)\Trend Micro
2015-06-12 10:04:05 ----A---- C:\Windows\system32\wmp.dll
2015-06-12 10:04:04 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-12 10:04:04 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-12 10:04:04 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-12 10:04:04 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-12 10:04:04 ----A---- C:\Windows\system32\spwmp.dll
2015-06-12 10:04:04 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-12 10:04:03 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-12 10:04:02 ----A---- C:\Windows\system32\appraiser.dll
2015-06-12 10:04:01 ----A---- C:\Windows\system32\invagent.dll
2015-06-12 10:04:01 ----A---- C:\Windows\system32\generaltel.dll
2015-06-12 10:04:01 ----A---- C:\Windows\system32\devinv.dll
2015-06-12 10:04:01 ----A---- C:\Windows\system32\aepic.dll
2015-06-12 10:04:01 ----A---- C:\Windows\system32\aepdu.dll
2015-06-12 10:04:01 ----A---- C:\Windows\system32\aeinv.dll
2015-06-12 10:04:01 ----A---- C:\Windows\system32\acmigration.dll
2015-06-12 10:03:57 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-12 10:03:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-12 10:03:57 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-12 10:03:57 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-12 10:03:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-12 10:03:57 ----A---- C:\Windows\system32\ntdll.dll
2015-06-12 10:03:57 ----A---- C:\Windows\system32\kerberos.dll
2015-06-12 10:03:57 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-12 10:03:56 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\wow64.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\winsrv.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\wdigest.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\typeperf.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\tdh.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\sspicli.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\srcore.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\srclient.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\smss.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\sechost.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\schannel.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\rstrui.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\relog.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\lsass.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\logman.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\kernel32.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-12 10:03:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-12 10:03:56 ----A---- C:\Windows\system32\diskperf.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-12 10:03:56 ----A---- C:\Windows\system32\conhost.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\auditpol.exe
2015-06-12 10:03:56 ----A---- C:\Windows\system32\advapi32.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-12 10:03:55 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-12 10:03:55 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\wow64win.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\secur32.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\msobjs.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\msaudite.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\credssp.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-12 10:03:55 ----A---- C:\Windows\system32\adtschema.dll
2015-06-12 10:03:43 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-12 10:03:43 ----A---- C:\Windows\system32\win32k.sys
2015-06-12 10:03:43 ----A---- C:\Windows\system32\comctl32.dll
2015-06-12 10:03:41 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-12 10:03:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-12 10:03:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-12 10:03:40 ----A---- C:\Windows\system32\iernonce.dll
2015-06-12 10:03:40 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-12 10:03:40 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-12 10:03:40 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-12 10:03:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-12 10:03:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-12 10:03:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-12 10:03:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-12 10:03:39 ----A---- C:\Windows\system32\urlmon.dll
2015-06-12 10:03:39 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-12 10:03:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-12 10:03:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-12 10:03:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-12 10:03:38 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-12 10:03:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-12 10:03:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-12 10:03:38 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-12 10:03:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-12 10:03:38 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-12 10:03:38 ----A---- C:\Windows\system32\iesetup.dll
2015-06-12 10:03:38 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-12 10:03:38 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-12 10:03:37 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-12 10:03:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-12 10:03:37 ----A---- C:\Windows\system32\vbscript.dll
2015-06-12 10:03:37 ----A---- C:\Windows\system32\iertutil.dll
2015-06-12 10:03:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-12 10:03:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-12 10:03:36 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-12 10:03:36 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-12 10:03:36 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-12 10:03:36 ----A---- C:\Windows\system32\ieui.dll
2015-06-12 10:03:36 ----A---- C:\Windows\system32\ieframe.dll
2015-06-12 10:03:36 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-12 10:03:35 ----A---- C:\Windows\system32\wininet.dll
2015-06-12 10:03:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-12 10:03:35 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-12 10:03:35 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-12 10:03:35 ----A---- C:\Windows\system32\jscript9.dll
2015-06-12 10:03:35 ----A---- C:\Windows\system32\jscript.dll
2015-06-12 10:03:34 ----A---- C:\Windows\system32\msrating.dll
2015-06-12 10:03:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-12 10:03:34 ----A---- C:\Windows\system32\mshtml.dll
2015-06-09 18:24:31 ----DC---- C:\Windows\system32\DRVSTORE
2015-06-09 18:24:31 ----D---- C:\Windows\system32\RAPID
2015-06-09 18:24:31 ----A---- C:\Windows\system32\drivers\SamsungRapidDiskFltr.sys
2015-06-09 18:24:22 ----D---- C:\ProgramData\ATI
2015-06-09 18:23:50 ----D---- C:\Program Files (x86)\AMD AVT
2015-06-09 18:23:28 ----D---- C:\Program Files (x86)\AMD
2015-06-09 18:22:34 ----D---- C:\Program Files\AMD
2015-06-09 17:57:47 ----ASH---- C:\hiberfil.sys
2015-06-09 17:56:47 ----D---- C:\ProgramData\Samsung
2015-06-09 17:56:47 ----D---- C:\Program Files (x86)\Samsung
2015-06-03 19:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-03 19:28:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-06-03 19:19:10 ----D---- C:\Program Files\CCleaner
2015-06-03 19:11:49 ----D---- C:\Program Files\Sandboxie
2015-06-03 13:59:22 ----SD---- C:\Windows\system32\CompatTel
2015-06-03 13:59:22 ----D---- C:\Windows\system32\appraiser
2015-06-03 13:59:21 ----SD---- C:\Windows\SYSWOW64\GWX
2015-06-03 13:59:21 ----SD---- C:\Windows\system32\GWX
2015-06-03 13:50:30 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-03 13:50:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-03 13:45:23 ----A---- C:\Windows\system32\aswBoot.exe
2015-06-03 13:45:21 ----A---- C:\Windows\avastSS.scr
2015-06-03 13:13:45 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-06-03 13:13:45 ----A---- C:\Windows\system32\certcli.dll
2015-06-03 13:10:49 ----A---- C:\Windows\system32\services.exe
2015-06-03 13:10:48 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-06-03 13:10:48 ----A---- C:\Windows\system32\FntCache.dll
2015-06-03 13:10:48 ----A---- C:\Windows\system32\DWrite.dll
2015-06-03 13:10:45 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-06-03 13:10:45 ----A---- C:\Windows\system32\jnwmon.dll
2015-06-03 13:10:45 ----A---- C:\Windows\system32\InkEd.dll
2015-06-03 13:10:44 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-06-03 13:10:43 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-06-03 13:10:43 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-06-03 13:10:43 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-06-03 13:10:43 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wuwebv.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wups2.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wups.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wudriver.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wucltux.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wuaueng.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wuauclt.exe
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wuapp.exe
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wuapi.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-06-03 13:10:43 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-06-03 13:10:34 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-06-03 13:10:34 ----A---- C:\Windows\system32\wpdshext.dll
2015-06-03 13:10:33 ----A---- C:\Windows\system32\aitstatic.exe
2015-06-03 13:10:18 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-06-03 13:10:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-06-03 13:10:18 ----A---- C:\Windows\system32\msxml3.dll
2015-06-03 13:10:18 ----A---- C:\Windows\system32\gdi32.dll
2015-06-03 13:10:17 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-06-03 13:10:17 ----A---- C:\Windows\system32\msxml3r.dll
2015-06-03 13:09:56 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-06-03 13:09:56 ----A---- C:\Windows\system32\poqexec.exe
2015-06-03 13:09:55 ----A---- C:\Windows\system32\drivers\http.sys
2015-06-03 13:09:54 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-06-03 13:09:54 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-06-03 13:09:54 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-06-03 13:09:54 ----A---- C:\Windows\system32\shimeng.dll
2015-06-03 13:09:54 ----A---- C:\Windows\system32\sdbinst.exe
2015-06-03 13:09:54 ----A---- C:\Windows\system32\apphelp.dll
2015-06-03 13:09:54 ----A---- C:\Windows\system32\aelupsvc.dll
2015-06-03 13:09:53 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-06-03 13:09:53 ----A---- C:\Windows\system32\clfsw32.dll
2015-06-03 13:09:53 ----A---- C:\Windows\system32\clfs.sys

======List of files/folders modified in the last 1 month======

2015-06-18 16:32:09 ----D---- C:\Windows\Temp
2015-06-18 16:32:07 ----D---- C:\Program Files
2015-06-18 16:29:10 ----D---- C:\Windows\System32
2015-06-18 16:29:10 ----D---- C:\Windows\inf
2015-06-18 16:29:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-18 16:28:41 ----D---- C:\Program Files (x86)\Opera
2015-06-18 16:23:33 ----D---- C:\Windows\system32\Tasks
2015-06-18 16:23:15 ----D---- C:\Program Files (x86)\BootRacer
2015-06-18 16:22:13 ----D---- C:\Windows\system32\config
2015-06-18 15:06:01 ----SHD---- C:\Windows\Installer
2015-06-18 15:06:00 ----SHD---- C:\System Volume Information
2015-06-18 15:02:53 ----RD---- C:\Program Files (x86)
2015-06-17 08:23:55 ----SD---- C:\Users\Kurt\AppData\Roaming\Microsoft
2015-06-12 10:12:56 ----D---- C:\Windows\winsxs
2015-06-12 10:11:40 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-06-12 10:11:40 ----D---- C:\Windows\SysWOW64
2015-06-12 10:11:40 ----D---- C:\Program Files\Windows Media Player
2015-06-12 10:11:40 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-12 10:11:39 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-12 10:11:39 ----D---- C:\Windows\system32\nl-NL
2015-06-12 10:11:39 ----D---- C:\Windows\system32\en-US
2015-06-12 10:11:39 ----D---- C:\Windows\system32\drivers
2015-06-12 10:11:39 ----D---- C:\Windows\PolicyDefinitions
2015-06-12 10:11:39 ----D---- C:\Program Files\Internet Explorer
2015-06-12 10:11:39 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-12 10:10:15 ----D---- C:\ProgramData\Microsoft Help
2015-06-12 10:07:48 ----D---- C:\Windows\system32\MRT
2015-06-12 10:05:52 ----A---- C:\Windows\system32\MRT.exe
2015-06-12 09:59:06 ----D---- C:\Windows\system32\catroot2
2015-06-12 09:52:32 ----D---- C:\Windows\Microsoft.NET
2015-06-12 09:45:04 ----D---- C:\Windows
2015-06-12 09:45:04 ----A---- C:\Windows\Sandboxie.ini
2015-06-09 18:24:46 ----D---- C:\Windows\system32\catroot
2015-06-09 18:24:22 ----HD---- C:\ProgramData
2015-06-09 18:23:50 ----D---- C:\ProgramData\AMD
2015-06-09 18:23:21 ----D---- C:\Program Files\ATI Technologies
2015-06-09 18:23:02 ----D---- C:\Windows\system32\DriverStore
2015-06-09 18:22:29 ----D---- C:\ProgramData\Package Cache
2015-06-09 18:19:42 ----D---- C:\AMD
2015-06-04 12:46:58 ----D---- C:\Windows\rescache
2015-06-04 12:41:00 ----D---- C:\Windows\AppCompat
2015-06-04 11:25:21 ----RSD---- C:\Windows\assembly
2015-06-04 10:04:36 ----D---- C:\Program Files\Speccy
2015-06-04 10:02:59 ----D---- C:\Program Files (x86)\Canon
2015-06-03 19:48:42 ----D---- C:\Windows\Tasks
2015-06-03 19:35:27 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-03 19:30:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 19:25:49 ----D---- C:\Users\Kurt\AppData\Roaming\Opera Software
2015-06-03 14:00:48 ----D---- C:\Windows\Logs
2015-06-03 13:59:23 ----D---- C:\Windows\system32\AdvancedInstallers
2015-06-03 13:59:23 ----D---- C:\Program Files\Windows Journal
2015-06-03 13:59:22 ----SD---- C:\ProgramData\Microsoft
2015-06-03 13:59:22 ----D---- C:\Windows\system32\wbem
2015-06-03 13:59:12 ----D---- C:\Program Files\Microsoft Silverlight
2015-06-03 13:59:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-06-03 13:56:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-06-03 13:53:13 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-06-03 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-06-03 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2015-02-04 271024]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2015-02-04 111280]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-06-03 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-06-03 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-03 442264]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-07-22 126872]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-06-03 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-06-03 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-06-03 137288]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-06-03 273824]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 17920]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2014-03-19 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2014-03-19 13080]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2014-03-19 76568]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2014-03-19 59160]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB64.sys [2009-06-10 1627520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-05-28 188552]
R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2014-03-19 40728]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-01-05 37888]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-06-03 343336]
R2 BootRacerServ;BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [2012-05-31 65296]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2015-02-04 28848]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-05-28 176264]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-06-03 4034896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-17 268976]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2014-03-25 357144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-03 148080]
S3 UPnPService;UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-10-21 548864]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-03 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
 


That looks clean, Kurtt ... changing your passwords can of course never hurt, but there isn't really a problem left in it. You can still use Delfix to remove the tools you used. You don't need them anymore at the moment.
