Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

some difficult persistence rootkit that's comming back everytime


  • This topic is locked This topic is locked
6 replies to this topic

#1 cell_O

cell_O

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:42 AM

Posted 01 April 2014 - 11:08 AM

Hello i've got some nasty rootkit that is comming back everytime, even when i changed my harddisk and do a fresh new reinstall from with windows cd.
 
i paste the logs down right here.
 
 
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: FingerPrinter Reader
Device ID: USB\VID_1C7A&PID_0801\00000000000006
Manufacturer: 
Name: FingerPrinter Reader
PNP Device ID: USB\VID_1C7A&PID_0801\00000000000006
Service: 
.
Class GUID: 
Description: 
Device ID: ACPI\WEC1040\4&891F657&0
Manufacturer: 
Name: 
PNP Device ID: ACPI\WEC1040\4&891F657&0
Service: 
.
==== System Restore Points ===================
.
RP3: 29-3-2014 16:58:56 - avast! antivirus system restore point
RP4: 29-3-2014 17:02:25 - Installatie van apparaatstuurprogramma: COMODO Network Service
RP5: 29-3-2014 17:06:14 - Windows Update
RP6: 29-3-2014 18:01:24 - Windows Update
RP7: 29-3-2014 18:39:16 - Installatieprogramma voor Windows-modules
RP8: 29-3-2014 19:04:10 - Windows Update
RP9: 29-3-2014 19:59:32 - Windows Update
RP10: 29-3-2014 20:28:49 - Windows Update
RP12: 1-4-2014 15:31:14 - RAPID
RP13: 1-4-2014 15:51:09 - Windows Update
RP14: 1-4-2014 16:13:24 - Application removal with Reg Organizer
RP15: 1-4-2014 16:15:55 - Removed GeekBuddy.
RP16: 1-4-2014 16:55:45 - Removed GeekBuddy.
RP18: 1-4-2014 17:30:58 - RAPID
RP20: 1-4-2014 17:34:50 - RAPID
.
==== Installed Programs ======================
.
Adobe Flash Player 12 Plugin
AnVir Task Manager Free
avast! Free Antivirus
Comodo Dragon
COMODO Firewall
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Nederlands)
Microsoft .NET Framework 4.5.1 (NLD)
Microsoft Silverlight
NVIDIA-configuratiescherm 327.02
NVIDIA Grafisch stuurprogramma 327.02
NVIDIA Install Application
NVIDIA Update 1.14.17
NVIDIA Update Components
RAPID Mode
Reg Organizer version 6.11
Samsung Magician
Secunia PSI (3.0.0.9016)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
SpywareBlaster 5.0
.
==== End Of File ===========================
 
 
 
 
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521
Run by aa at 17:58:15 on 2014-04-01
Microsoft Windows 7 Professional   6.1.7601.1.1252.31.1043.18.4091.1875 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\CISVC.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Windows\system32\svchost.exe -k ftpsvc
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Windows\system32\mqsvc.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\RAPID\SamsungRapidSvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\System32\snmp.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\mqtgsvc.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Comodo\Dragon\virtual_mode_helper.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyServer = localhost:8080
mWinlogon: Userinit = userinit.exe,
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\aa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.3.2.1
TCP: Interfaces\{38BEAEF4-D2DF-4494-9192-B6F1A1895618} : DHCPNameServer = 192.3.2.1
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-Run: [MsmqIntCert] regsvr32 /s mqrt.dll
x64-Run: [SamsungRapidApp] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;C:\Windows\System32\drivers\SamsungRapidDiskFltr.sys [2014-4-1 240864]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr;C:\Windows\System32\drivers\SamsungRapidFSFltr.sys [2013-7-29 111328]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\EEK\Run\a2ddax64.sys [2014-3-30 26176]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-3-29 1039096]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-3-29 423240]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-9-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-11-14 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-9-24 48872]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-3-29 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-3-29 50344]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-10-11 70352]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-1-28 2135232]
R2 ftpsvc;Microsoft FTP-service;C:\Windows\System32\svchost.exe -k ftpsvc [2009-7-14 27136]
R2 GeekBuddyRSP;GeekBuddyRSP Server;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-10-11 2327248]
R2 iprip;RIP-listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-14 27136]
R2 SamsungRapidSvc;Samsung RAPID Mode Service;system32\RAPID\SamsungRapidSvc.exe --> system32\RAPID\SamsungRapidSvc.exe [?]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-6 1229528]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-3-29 84816]
R3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-9-24 164056]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-12-6 18456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 cleanhlp;cleanhlp;C:\EEK\Run\cleanhlp64.sys [2014-3-30 57024]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-29 111616]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-3-30 119512]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-29 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-29 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-3-29 30208]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-29 1255736]
S3 WMSVC;Web Management-service;C:\Windows\System32\inetsrv\WMSvc.exe [2009-7-14 10752]
.
=============== Created Last 30 ================
.
2014-04-01 15:35:10 -------- d-----w- C:\Windows\System32\RAPID
2014-04-01 13:31:29 240864 ----a-w- C:\Windows\System32\drivers\SamsungRapidDiskFltr.sys
2014-04-01 13:12:58 -------- d-----w- C:\ProgramData\Samsung
2014-04-01 13:12:58 -------- d-----w- C:\Program Files (x86)\Samsung
2014-04-01 12:21:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-01 12:21:40 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-01 12:20:52 -------- d-----w- C:\Users\aa\AppData\Local\Adobe
2014-04-01 09:34:44 -------- d-----w- C:\Users\aa\AppData\Local\WindowsUpdate
2014-04-01 09:32:29 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C8ACFE3F-430A-49C8-B8CE-A096F70DA4AE}\mpengine.dll
2014-03-30 21:30:28 -------- d-----w- C:\EEK
2014-03-30 21:29:01 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-03-30 21:28:58 -------- d-----w- C:\Users\aa\AppData\Local\CrashDumps
2014-03-30 21:28:05 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-30 20:47:45 -------- d-----w- C:\Users\aa\AppData\Local\Secunia PSI
2014-03-30 20:47:38 -------- d-----w- C:\Program Files (x86)\Secunia
2014-03-30 20:41:30 -------- d-----w- C:\ProgramData\Licenses
2014-03-30 20:41:10 129872 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-03-30 20:41:10 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-30 20:41:09 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2014-03-30 20:35:11 -------- d-----w- C:\Users\aa\AppData\Roaming\ChemTable Software
2014-03-30 20:35:06 -------- d-----w- C:\Program Files (x86)\Reg Organizer
2014-03-30 20:35:04 -------- d-----w- C:\Users\aa\AppData\Local\Programs
2014-03-30 20:35:04 -------- d-----w- C:\Users\aa\AppData\Local\ChemTable Software
2014-03-30 20:35:03 -------- d-----w- C:\Users\aa\AppData\Local\AnVir
2014-03-30 20:35:01 -------- d-----w- C:\Program Files (x86)\AnVir Task Manager Free
2014-03-30 20:14:27 -------- d-----w- C:\TDSSKiller_Quarantine
2014-03-30 20:02:01 -------- d-----w- C:\AdwCleaner
2014-03-30 15:30:40 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-03-30 15:30:40 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2014-03-30 15:30:40 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2014-03-30 06:25:15 -------- d-----w- C:\Users\aa\AppData\Local\Diagnostics
2014-03-29 23:23:51 -------- d-----w- C:\FRST
2014-03-29 19:22:36 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-03-29 19:22:36 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-03-29 19:16:20 -------- d-----w- C:\Windows\System32\drivers\en-US
2014-03-29 19:03:39 -------- d-----w- C:\Windows\Migration
2014-03-29 19:00:59 3584 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbflt.sys.mui
2014-03-29 19:00:58 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-03-29 19:00:56 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2014-03-29 19:00:56 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-03-29 19:00:53 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-03-29 19:00:53 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-03-29 19:00:52 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-03-29 19:00:52 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-03-29 18:46:58 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-03-29 18:45:55 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-03-29 18:45:55 366592 ----a-w- C:\Windows\System32\qdvd.dll
2014-03-29 18:36:54 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2014-03-29 18:36:53 -------- d-----w- C:\Windows\System32\wbem\en-US
2014-03-29 18:36:49 -------- d-----w- C:\Windows\SysWow64\Wat
2014-03-29 18:36:49 -------- d-----w- C:\Windows\System32\Wat
2014-03-29 18:33:09 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-03-29 18:33:09 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-03-29 18:33:08 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-03-29 18:33:07 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-03-29 18:27:07 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-03-29 18:26:58 920864 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-03-29 18:26:58 6599968 ----a-w- C:\Windows\System32\nvcpl.dll
2014-03-29 18:26:58 63776 ----a-w- C:\Windows\System32\nvshext.dll
2014-03-29 18:26:58 3452192 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-03-29 18:26:58 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-03-29 18:26:58 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2014-03-29 18:26:41 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2014-03-29 18:26:41 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-03-29 18:25:35 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-03-29 18:25:29 -------- d-----w- C:\Program Files\NVIDIA Corporation
2014-03-29 18:15:43 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-29 18:11:29 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\wdf01000.sys.mui
2014-03-29 18:09:48 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2014-03-29 18:07:09 -------- d-----w- C:\Windows\System32\MRT
2014-03-29 18:06:29 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-03-29 18:06:29 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-03-29 18:06:28 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-03-29 18:06:28 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-03-29 18:06:26 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-03-29 18:06:26 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-03-29 18:06:26 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-03-29 18:04:34 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-03-29 17:56:57 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2014-03-29 17:55:57 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2014-03-29 17:39:59 -------- d-----w- C:\Windows\SysWow64\BestPractices
2014-03-29 17:39:57 -------- d-----w- C:\Windows\System32\msmq
2014-03-29 17:39:57 -------- d-----w- C:\Windows\System32\BestPractices
2014-03-29 17:39:55 -------- d-----w- C:\inetpub
2014-03-29 17:02:59 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2014-03-29 17:02:59 5120 ----a-w- C:\Windows\System32\wmi.dll
2014-03-29 17:02:59 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2014-03-29 17:01:00 59392 ----a-w- C:\Windows\System32\browcli.dll
2014-03-29 17:01:00 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2014-03-29 17:01:00 136704 ----a-w- C:\Windows\System32\browser.dll
2014-03-29 16:59:59 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-29 16:58:55 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2014-03-29 16:57:54 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2014-03-29 16:47:13 -------- d--h--w- C:\VTRoot
2014-03-29 16:06:37 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2014-03-29 16:06:32 99840 ----a-w- C:\Windows\System32\wudriver.dll
2014-03-29 16:06:30 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-03-29 16:06:30 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2014-03-29 16:02:18 -------- d-s---w- C:\ProgramData\Shared Space
2014-03-29 16:01:43 -------- d-----w- C:\Windows\pss
2014-03-29 16:01:07 -------- d-----w- C:\ProgramData\COMODO
2014-03-29 16:01:01 -------- d-----w- C:\Program Files\COMODO
2014-03-29 16:01:00 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO
2014-03-29 15:59:37 -------- d-----w- C:\Users\aa\AppData\Roaming\AVAST Software
2014-03-29 15:59:26 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-03-29 15:59:26 84816 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-03-29 15:59:26 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-03-29 15:59:26 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-03-29 15:59:26 208928 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-03-29 15:59:26 1039096 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-03-29 15:59:25 43152 ----a-w- C:\Windows\avastSS.scr
2014-03-29 15:59:09 -------- d-----w- C:\Program Files\AVAST Software
2014-03-29 15:58:56 -------- d-sh--w- C:\Windows\Installer
2014-03-29 15:58:55 -------- d-----w- C:\Users\aa\AppData\Local\Comodo
2014-03-29 15:58:53 57096 ----a-w- C:\Windows\System32\certsentry.dll
2014-03-29 15:58:53 48392 ----a-w- C:\Windows\SysWow64\certsentry.dll
2014-03-29 15:58:45 -------- d-----w- C:\Program Files (x86)\Comodo
2014-03-29 15:58:43 -------- d-----w- C:\ProgramData\Comodo Downloader
2014-03-29 15:58:17 -------- d-----w- C:\ProgramData\AVAST Software
2014-03-29 15:53:33 -------- d-----w- C:\Windows\Panther
2014-03-29 15:53:19 -------- d-sh--w- C:\Boot
.
==================== Find3M  ====================
.
2014-03-29 18:15:43 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-02-04 02:32:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-02-04 02:04:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
.
============= FINISH: 17:59:21,37 ===============

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:42 PM

Posted 04 April 2014 - 07:57 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 cell_O

cell_O
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:42 AM

Posted 04 April 2014 - 09:03 PM

Hey hello, thanks for you help and instructions. I got the done as you have explain it and saved the logs:)

 

 

============================================================================================================================

MBAM

============================================================================================================================

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 5-4-2014
Scantijd: 2:04:22
Logbestand: mbam.txt
Beheerder: Ja

Versie: 2.00.1.1004
Malwaredatabase: v2014.04.04.11
Rootkitdatabase: v2014.03.27.01
Licentie: Gratis
Malwarebescherming: Uitgeschakeld
Kwaadaardige Website Bescherming: Uitgeschakeld
Chameleon: Uitgeschakeld

Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: aa

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten Gescand: 260314
Verstreken Tijd: 8 m, 31 s

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Shuriken: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registersleutels: 11
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantaine, [cb35808004fcf01008053a07f30f4eb2],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, In Quarantaine, [cb35808004fcf01008053a07f30f4eb2],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantaine, [cb35808004fcf01008053a07f30f4eb2],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantaine, [cb35808004fcf01008053a07f30f4eb2],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, In Quarantaine, [cb35808004fcf01008053a07f30f4eb2],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantaine, [cb35808004fcf01008053a07f30f4eb2],
PUP.Optional.QuickShare.A, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantaine, [cb35808004fcf01008053a07f30f4eb2],
PUP.Optional.QuickShare.A, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantaine, [cb35808004fcf01008053a07f30f4eb2],
PUP.Optional.SmartBar, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, In Quarantaine, [5ea2fe0270903ac611aa5f3d768d26da],
PUP.Optional.SmartBar, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, In Quarantaine, [05fb5aa6bf41bb4501b99b0111f260a0],
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, In Quarantaine, [f50bfe022dd3728efecfbbb20200fb05],

Registerwaardes: 2
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Infrastructure Helper, C:\Users\aa\AppData\Local\Smartbar\Application\SnapDo.exe startup, In Quarantaine, [db25f70954ac36cadb0e57186c969e62]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|Publisher, SnapdoOCYB, In Quarantaine, [f50bfe022dd3728efecfbbb20200fb05]

Registerdata: 12
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}),Vervangen,[d42c6e92d729ca36e2c5a36748bc6e92]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}),Vervangen,[a45ccc3449b720e03fd15db78c7802fe]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}),Vervangen,[8a769769b54b35cbca45b460f014e719]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}),Vervangen,[15ebb44c55abd32d1ff37f9518ec6799]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}),Vervangen,[00009e62df2118e8839056be8b799c64]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1154313942-895617834-3706001645-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7N&q={searchTerms}),Vervangen,[4ab6857bfa06738d7d2bff0bfc08fc04]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGr1UFqN0cIDXtvJag1OGU_mmd5BTo06tgNOdyancwyiMfX0fEulj51oDk9jcuKXW, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGr1UFqN0cIDXtvJag1OGU_mmd5BTo06tgNOdyancwyiMfX0fEulj51oDk9jcuKXW),Vervangen,[768afd0325db39c71cf59084e61eea16]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}),Vervangen,[d12fa45c27d923dda46b19fb56ae53ad]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}),Vervangen,[837db54b52ae6a96cc44070df80cb947]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}),Vervangen,[50b0e51bfa060df3c84ab55ff60e6f91]
PUP.Optional.Snapdo, HKU\S-1-5-21-1154313942-895617834-3706001645-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}, Goed: (http://www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}),Vervangen,[6a96bb459d6369971ef5e62e11f360a0]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1154313942-895617834-3706001645-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmcY6qraQiIVKY2jLhDqf__Ew5bUA5upBSsD8FElkKzjhM_Gy1rxR6E3SWO-5vEvlY2sXLSvtUmvLBGrEXRwqiUvhvHe00RZ9HQd96jO2XmoZYwT9rS9CfzDJiEUeb_AK8R7Du7Iit5P7L&q={searchTerms}),Vervangen,[e21e8c7414ec18e8aafe9f6bde266c94]

Mappen: 0
(No malicious items detected)

Bestanden: 0
(No malicious items detected)

Fysieke Sectoren: 0
(No malicious items detected)

(end)

 

 

 

============================================================================================================================

ADWCLEANER

============================================================================================================================

 

# AdwCleaner v3.023 - Report created 05/04/2014 at 02:20:19
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : aa - AA-PC
# Running from : C:\Users\aa\Desktop\Nieuwe map\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

*************************

AdwCleaner[R1].txt - [2652 octets] - [05/04/2014 02:17:50]
AdwCleaner[S1].txt - [2593 octets] - [05/04/2014 02:20:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2653 octets] ##########

 

 

 

 

============================================================================================================================

FARBAR - FRST

============================================================================================================================

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by aa (administrator) on AA-PC on 05-04-2014 03:51:45
Running from C:\Users\aa\Desktop\Nieuwe map
Windows 7 Professional Service Pack 1 (X64) OS Language: Dutch Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWlan.exe
(Samsung Electronics Co., Ltd.) C:\Windows\system32\RAPID\SamsungRapidSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll
HKLM\...\Run: [SamsungRapidApp] - C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [109280 2013-07-29] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2014-04-05] ()
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1154313942-895617834-3706001645-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1154313942-895617834-3706001645-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1154313942-895617834-3706001645-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{38BEAEF4-D2DF-4494-9192-B6F1A1895618}: [NameServer]192.168.3.1

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-10-11] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6812400 2014-03-25] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-01-28] ()
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [285795 2014-04-05] ()
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 RealtekCU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27360 2013-07-29] (Samsung Electronics Co., Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-03-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-03-29] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-03-25] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-03-25] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-03-25] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-03-25] (COMODO)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1525904 2012-11-07] (Realtek Semiconductor Corporation                           )
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [240864 2013-07-29] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2013-07-29] (Samsung Electronics Co., Ltd.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S1 A2DDA; \??\C:\EEK\RUN\a2ddax64.sys [X]
S3 cleanhlp; \??\C:\EEK\Run\cleanhlp64.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-05 03:51 - 2014-04-05 03:51 - 00000000 ____D () C:\FRST
2014-04-05 02:24 - 2014-04-05 02:24 - 00001206 _____ () C:\Users\aa\Desktop\Desinstaller_HOSTS_Anti-PUPs.lnk
2014-04-05 02:24 - 2014-04-05 02:24 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-04-05 02:17 - 2014-04-05 02:20 - 00000000 ____D () C:\AdwCleaner
2014-04-05 01:52 - 2014-04-05 01:52 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-05 01:52 - 2014-04-05 01:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-05 01:52 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 01:52 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-05 01:52 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-05 01:48 - 2014-04-05 03:51 - 00000000 ____D () C:\Users\aa\Desktop\Nieuwe map
2014-04-04 23:31 - 2014-04-05 01:04 - 00000000 ____D () C:\Users\aa\.zenmap
2014-04-04 23:31 - 2014-04-04 23:31 - 00000988 _____ () C:\Users\aa\Desktop\Nmap - Zenmap GUI.lnk
2014-04-04 23:31 - 2014-04-04 23:31 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2014-04-04 23:30 - 2014-04-04 23:30 - 00000000 ____D () C:\Program Files (x86)\Nmap
2014-04-04 23:27 - 2014-04-04 23:28 - 26776462 _____ (Insecure.org) C:\Users\aa\Desktop\nmap-6.40-setup.exe
2014-04-04 22:36 - 2014-04-04 22:36 - 00057907 _____ () C:\Users\aa\Desktop\IPv6Disable.zip
2014-04-04 22:36 - 2014-04-04 22:36 - 00000000 ____D () C:\Users\aa\Desktop\IPv6Disable
2014-04-04 21:16 - 2014-04-04 21:16 - 00002153 _____ () C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
2014-04-04 21:16 - 2014-04-04 21:16 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-04 21:15 - 2014-04-04 21:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-04 21:15 - 2012-11-07 09:34 - 01525904 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTWlanU.sys
2014-04-04 21:15 - 2012-09-25 16:25 - 00405504 _____ (Realtek) C:\Windows\SwUSB.exe
2014-04-04 21:15 - 2012-09-20 10:00 - 00036864 _____ () C:\Windows\runSW.exe
2014-04-04 21:15 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2014-04-04 21:15 - 2010-12-01 09:31 - 00451072 _____ () C:\Windows\SysWOW64\ISSRemoveSP.exe
2014-04-04 21:15 - 2009-03-31 14:31 - 00380928 _____ (Realtek) C:\Windows\RtlUI2.exe
2014-04-04 21:15 - 2009-01-05 20:31 - 00000901 _____ () C:\Windows\RtlUI2.exe.manifest
2014-04-04 21:15 - 2008-07-01 12:31 - 00614400 _____ (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\Rtlihvs.dll
2014-04-04 21:15 - 2007-04-26 14:05 - 00100000 _____ () C:\Windows\SysWOW64\EAPPkt9x.VXD
2014-04-04 21:15 - 2001-09-26 11:03 - 00012981 _____ () C:\Windows\SysWOW64\REALPKT.VXD
2014-04-04 21:14 - 2014-04-04 21:14 - 00000000 ____D () C:\Program Files (x86)\REALTEK
2014-04-04 16:49 - 2014-04-04 16:51 - 00000000 ____D () C:\Users\aa\Downloads\docs
2014-04-04 04:09 - 2014-04-04 04:09 - 00000811 _____ () C:\Users\UpdatusUser\Desktop\SARDU.lnk
2014-04-04 04:09 - 2014-04-04 04:09 - 00000781 _____ () C:\Users\aa\Desktop\SARDU.lnk
2014-04-04 04:09 - 2014-04-04 04:09 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SARDU
2014-04-04 04:08 - 2014-04-04 04:10 - 00000000 ____D () C:\Users\aa\Desktop\SARDU_2.0.6.5
2014-04-04 04:07 - 2014-04-04 04:08 - 14021962 _____ () C:\Users\aa\Desktop\SARDU_2.0.6.5.zip
2014-04-03 13:53 - 2010-05-10 10:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE
2014-04-03 13:53 - 2010-04-02 07:33 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL
2014-04-03 13:53 - 2005-01-17 09:10 - 00045056 _____ () C:\Windows\SysWOW64\BRTCPCON.DLL
2014-04-03 13:53 - 2004-08-09 09:00 - 00000114 _____ () C:\Windows\SysWOW64\BRLMW03A.INI
2014-04-03 13:53 - 2004-08-09 08:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL
2014-04-03 13:53 - 1999-10-26 18:00 - 00000050 _____ () C:\Windows\system32\BRADM10A.DAT
2014-04-03 13:52 - 2014-04-03 21:19 - 00000000 ____D () C:\ProgramData\Brother
2014-04-03 02:23 - 2014-04-03 02:46 - 00000600 _____ () C:\Users\aa\AppData\Local\PUTTY.RND
2014-04-03 00:51 - 2014-04-03 00:51 - 00000074 _____ () C:\Users\aa\Desktop\naam.txt
2014-04-02 06:21 - 2014-04-02 06:24 - 00000000 ____D () C:\Users\aa\Documents\Freemake
2014-04-02 06:21 - 2014-04-02 06:21 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-02 06:20 - 2014-04-02 06:21 - 00001357 _____ () C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2014-04-02 06:20 - 2014-04-02 06:21 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-02 06:20 - 2014-04-02 06:20 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-02 06:04 - 2014-03-29 09:32 - 02984832 _____ (Easeware ) C:\Users\aa\Desktop\DriverEasy_Setup.exe
2014-04-02 04:33 - 2014-04-02 04:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-04-02 00:58 - 2014-04-02 00:58 - 00000000 ____D () C:\Program Files (x86)\ImageWriter
2014-04-02 00:44 - 2014-04-02 00:44 - 00002111 _____ () C:\Users\Public\Desktop\SDFormatter.lnk
2014-04-02 00:44 - 2014-04-02 00:44 - 00000000 ____D () C:\Program Files (x86)\SDA
2014-04-02 00:43 - 2014-04-04 21:32 - 00000000 ____D () C:\Users\aa\AppData\Local\Downloaded Installations
2014-04-01 22:25 - 2014-04-01 22:25 - 00000000 ____D () C:\Users\aa\AppData\Roaming\NVIDIA
2014-04-01 22:24 - 2014-04-01 22:26 - 00000000 ____D () C:\Users\aa\.VirtualBox
2014-04-01 22:22 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-01 22:22 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-01 22:16 - 2014-04-01 22:17 - 107394336 _____ (Oracle Corporation) C:\Users\aa\Downloads\VirtualBox-4.3.10-93012-Win (1).exe
2014-04-01 21:59 - 2014-04-01 21:59 - 00086528 _____ (code.kliu.org) C:\Users\aa\Downloads\HashCheckInstall-2.1.11.exe
2014-04-01 21:59 - 2014-04-01 21:59 - 00000000 ____D () C:\Windows\SysWOW64\ShellExt
2014-04-01 21:59 - 2014-04-01 21:59 - 00000000 ____D () C:\Windows\system32\ShellExt
2014-04-01 21:57 - 2014-04-01 21:57 - 00001024 _____ () C:\Windows\SysWOW64\%TMP%
2014-04-01 21:56 - 2014-04-02 20:46 - 00000000 ____D () C:\ProgramData\VMware
2014-04-01 21:56 - 2014-04-02 20:46 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-04-01 21:44 - 2014-04-01 21:44 - 00000469 _____ () C:\Users\aa\Downloads\443.ovpn
2014-04-01 21:22 - 2014-03-28 17:19 - 514092024 _____ (VMware, Inc.) C:\Users\aa\Desktop\VMware-workstation-full-10.0.1-1379776.exe
2014-04-01 21:22 - 2014-03-28 06:51 - 00170835 _____ () C:\Users\aa\Desktop\Tortilla_v1.1.0_Beta.zip
2014-04-01 21:13 - 2014-04-01 22:01 - 567279616 _____ () C:\Users\aa\Downloads\proxmox-ve_3.2-1933730b-2.iso
2014-04-01 21:12 - 2014-04-01 21:16 - 06024674 _____ () C:\Users\aa\Downloads\CDBurnerXP-x64-4.5.3.4643.zip
2014-04-01 18:00 - 2014-04-01 18:00 - 00002485 _____ () C:\Users\aa\Desktop\attach.txt
2014-04-01 18:00 - 2014-04-01 17:59 - 00019751 _____ () C:\Users\aa\Desktop\dds.txt
2014-04-01 17:35 - 2014-04-01 17:35 - 00000000 ____D () C:\Windows\system32\RAPID
2014-04-01 16:40 - 2014-04-01 17:04 - 276762432 _____ (NVIDIA Corporation) C:\Users\aa\Desktop\335.23-notebook-win8-win7-64bit-international-whql.exe
2014-04-01 16:15 - 2014-04-01 16:15 - 00000085 _____ () C:\Windows\wininit.ini
2014-04-01 16:15 - 2014-04-01 16:15 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-01 16:02 - 2014-04-01 16:02 - 00000109 _____ () C:\Users\aa\Desktop\lic.txt
2014-04-01 15:31 - 2013-07-29 11:56 - 00240864 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SamsungRapidDiskFltr.sys
2014-04-01 15:13 - 2014-04-01 15:13 - 00001250 _____ () C:\Users\Public\Desktop\Samsung Magician.lnk
2014-04-01 15:12 - 2014-04-01 17:34 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-04-01 15:12 - 2014-04-01 15:12 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-01 15:11 - 2014-04-01 15:12 - 15617656 _____ (Samsung Electronics ) C:\Users\aa\Downloads\Samsung_Magician_v43.exe
2014-04-01 14:27 - 2014-04-01 14:27 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Macromedia
2014-04-01 14:21 - 2014-04-05 03:36 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-01 14:21 - 2014-04-01 14:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-01 14:21 - 2014-04-01 14:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-01 14:21 - 2014-04-01 14:21 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-01 14:21 - 2014-04-01 14:21 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-01 14:21 - 2014-04-01 14:21 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-01 14:20 - 2014-04-01 14:21 - 00000000 ____D () C:\Users\aa\AppData\Local\Adobe
2014-04-01 12:08 - 2014-04-01 12:08 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-01 12:06 - 2014-04-01 12:08 - 00000000 ____D () C:\Users\aa\Desktop\usn
2014-04-01 11:32 - 2014-04-01 11:32 - 00008794 _____ () C:\Users\aa\Documents\CisReport_v6.3.301686.2974_20140401-113224.zip
2014-03-31 02:08 - 2014-03-31 02:12 - 00000000 ____D () C:\Users\aa\Downloads\Nieuwe map (2)
2014-03-31 00:43 - 2014-03-31 00:35 - 00450626 ____R () C:\Windows\system32\Drivers\etc\hosts.20140331-004344.backup
2014-03-31 00:35 - 2014-03-30 21:51 - 00000741 _____ () C:\Windows\system32\Drivers\etc\hosts.20140331-003545.backup
2014-03-30 23:30 - 2014-03-30 23:30 - 00000571 _____ () C:\Users\aa\Desktop\Emsisoft Emergency Kit.lnk
2014-03-30 23:29 - 2014-04-05 02:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 23:28 - 2014-03-30 23:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 22:47 - 2014-03-30 22:47 - 00000000 ____D () C:\Users\aa\AppData\Local\Secunia PSI
2014-03-30 22:47 - 2014-03-30 22:47 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-30 22:41 - 2014-04-01 15:39 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-03-30 22:41 - 2014-03-30 22:41 - 00001104 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-03-30 22:41 - 2014-03-30 22:41 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-30 22:41 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-03-30 22:41 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2014-03-30 22:40 - 2014-03-30 22:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-03-30 22:40 - 2014-03-30 22:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-03-30 22:40 - 2014-03-30 22:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-03-30 22:35 - 2014-03-30 23:17 - 00000000 ____D () C:\Users\aa\AppData\Local\AnVir
2014-03-30 22:35 - 2014-03-30 22:38 - 00000282 _____ () C:\Windows\Tasks\AnVir Task Manager.job
2014-03-30 22:35 - 2014-03-30 22:35 - 00001584 _____ () C:\Windows\system32\rrr.lnk
2014-03-30 22:35 - 2014-03-30 22:35 - 00001195 _____ () C:\Users\aa\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2014-03-30 22:35 - 2014-03-30 22:35 - 00001142 _____ () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Free.lnk
2014-03-30 22:35 - 2014-03-30 22:35 - 00001118 _____ () C:\Users\aa\Desktop\AnVir Task Manager Free.lnk
2014-03-30 22:35 - 2014-03-30 22:35 - 00000370 _____ () C:\Windows\Tasks\RegOrganizerQuickLaunch.job
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Users\aa\AppData\Roaming\ChemTable Software
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Users\aa\AppData\Local\ChemTable Software
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Program Files (x86)\Reg Organizer
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Program Files (x86)\AnVir Task Manager Free
2014-03-30 22:05 - 2014-03-30 22:05 - 00000000 ____D () C:\Users\aa\Downloads\HxDSetupNL
2014-03-30 21:50 - 2014-03-30 21:51 - 00000000 ____D () C:\Users\aa\Downloads\vba32arkit
2014-03-30 21:49 - 2014-03-30 21:50 - 00000000 ____D () C:\Users\aa\Downloads\TCPView
2014-03-30 21:49 - 2014-03-30 21:49 - 00000000 ____D () C:\Users\aa\Downloads\StarterSetup
2014-03-30 21:46 - 2014-03-30 21:52 - 00000000 ____D () C:\Users\aa\Desktop\RK_Quarantine
2014-03-30 21:45 - 2014-03-30 21:45 - 00000000 ____D () C:\Users\aa\Desktop\rkill
2014-03-30 21:37 - 2014-03-30 21:37 - 00000000 ____D () C:\Users\aa\Downloads\getservice
2014-03-30 21:20 - 2014-03-30 21:20 - 00000000 ____D () C:\Users\aa\Downloads\Autoruns
2014-03-30 17:30 - 2014-03-30 17:30 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-03-30 17:30 - 2014-03-30 17:30 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-03-30 17:30 - 2014-03-30 17:30 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-03-30 01:25 - 2014-03-30 01:25 - 00022202 _____ () C:\Users\aa\Downloads\Shortcut.txt
2014-03-30 01:24 - 2014-03-30 22:18 - 00000000 ____D () C:\Users\aa\Downloads\tdsskiller
2014-03-30 01:24 - 2014-03-30 01:25 - 00015004 _____ () C:\Users\aa\Downloads\Addition.txt
2014-03-30 01:23 - 2014-03-30 01:25 - 00150293 _____ () C:\Users\aa\Downloads\FRST.txt
2014-03-30 01:03 - 2014-03-30 01:05 - 05329480 _____ (Secunia) C:\Users\aa\Downloads\PSISetup.exe
2014-03-30 01:03 - 2014-03-30 01:04 - 18506264 _____ (SUPERAntiSpyware) C:\Users\aa\Downloads\SUPERAntiSpyware.exe
2014-03-30 01:03 - 2014-03-30 01:03 - 00291606 _____ () C:\Users\aa\Downloads\TCPView.zip
2014-03-30 01:03 - 2014-03-30 01:03 - 00130337 _____ () C:\Users\aa\Downloads\getservices.zip
2014-03-29 23:11 - 2014-03-29 23:12 - 12589848 _____ (Malwarebytes Corp.) C:\Users\aa\Downloads\mbar-1.07.0.1009 (1).exe
2014-03-29 23:11 - 2014-03-29 23:11 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\aa\Downloads\rkill.exe
2014-03-29 23:11 - 2014-03-29 23:11 - 00688992 ____R (Swearware) C:\Users\aa\Downloads\dds.com
2014-03-29 23:11 - 2014-03-29 23:11 - 00602112 _____ (OldTimer Tools) C:\Users\aa\Downloads\OTL.exe
2014-03-29 23:11 - 2014-03-29 23:11 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\aa\Downloads\unhide.exe
2014-03-29 23:10 - 2014-03-29 23:15 - 17523520 _____ (Malwarebytes Corporation ) C:\Users\aa\Downloads\mbam-setup.exe
2014-03-29 23:09 - 2014-03-29 23:11 - 12589848 _____ (Malwarebytes Corp.) C:\Users\aa\Downloads\mbar-1.07.0.1009.exe
2014-03-29 23:09 - 2014-03-29 23:10 - 04787368 _____ (Piriform Ltd) C:\Users\aa\Downloads\ccsetup412.exe
2014-03-29 23:09 - 2014-03-29 23:10 - 04745728 _____ (AVAST Software) C:\Users\aa\Downloads\aswMBR.exe
2014-03-29 23:09 - 2014-03-29 23:10 - 01472131 _____ () C:\Users\aa\Downloads\vba32arkit.zip
2014-03-29 23:09 - 2014-03-29 23:09 - 00550371 _____ () C:\Users\aa\Downloads\Autoruns.zip
2014-03-29 23:09 - 2014-03-29 23:09 - 00380416 _____ () C:\Users\aa\Downloads\gmer.exe
2014-03-29 23:08 - 2014-03-29 23:10 - 06894152 _____ () C:\Users\aa\Downloads\taskfree.exe
2014-03-29 23:08 - 2014-03-29 23:09 - 04095448 _____ (BrightFort LLC ) C:\Users\aa\Downloads\spywareblastersetup50.exe
2014-03-29 23:08 - 2014-03-29 23:09 - 01066024 _____ (BillP Studios) C:\Users\aa\Downloads\wpsetup.exe
2014-03-29 23:08 - 2014-03-29 23:09 - 00680340 _____ () C:\Users\aa\Downloads\StarterSetup.zip
2014-03-29 23:08 - 2014-03-29 23:08 - 03972608 _____ () C:\Users\aa\Downloads\RogueKiller.exe
2014-03-29 23:08 - 2014-03-29 23:08 - 00142744 _____ () C:\Users\aa\Downloads\vtuploader2.2.exe
2014-03-29 23:07 - 2014-03-29 23:08 - 02157056 _____ (Farbar) C:\Users\aa\Downloads\FRST64.exe
2014-03-29 23:07 - 2014-03-29 23:08 - 01950720 _____ () C:\Users\aa\Downloads\AdwCleaner.exe
2014-03-29 23:07 - 2014-03-29 23:08 - 01038974 _____ (Thisisu) C:\Users\aa\Downloads\JRT.exe
2014-03-29 23:07 - 2014-03-29 23:07 - 04113320 _____ () C:\Users\aa\Downloads\tdsskiller.zip
2014-03-29 23:06 - 2014-03-29 23:20 - 224104440 _____ () C:\Users\aa\Downloads\EmsisoftEmergencyKit.exe
2014-03-29 23:06 - 2014-03-29 23:14 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\aa\Downloads\spybot-2.2.exe
2014-03-29 23:06 - 2014-03-29 23:10 - 39103896 _____ () C:\Users\aa\Downloads\xpud-0.9.2.iso
2014-03-29 23:06 - 2014-03-29 23:06 - 00873310 _____ () C:\Users\aa\Downloads\HxDSetupNL.zip
2014-03-29 23:05 - 2014-03-29 23:06 - 01783856 _____ (TODO: <Company name>) C:\Users\aa\Downloads\snxConfig.exe
2014-03-29 22:26 - 2014-03-29 22:26 - 00000000 ____D () C:\Users\aa\Downloads\Nieuwe map
2014-03-29 21:22 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-29 21:22 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-29 21:01 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-29 21:01 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-29 21:01 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-29 21:01 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-29 21:01 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-29 21:01 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-29 21:01 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-29 21:01 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-29 21:01 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-29 21:01 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-29 21:01 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-29 21:01 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-29 21:01 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-29 21:01 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-29 21:01 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-29 21:01 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-29 21:00 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-03-29 21:00 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-03-29 21:00 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-03-29 21:00 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-03-29 21:00 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-03-29 21:00 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-03-29 21:00 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-03-29 20:59 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-29 20:59 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-29 20:59 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-29 20:59 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-29 20:59 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-29 20:59 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-29 20:59 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-29 20:59 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-29 20:59 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-29 20:59 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-29 20:59 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-29 20:59 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-29 20:59 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-29 20:59 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-29 20:59 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-29 20:59 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-29 20:59 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-29 20:59 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-29 20:59 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-29 20:59 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-29 20:59 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-29 20:59 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-29 20:59 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-29 20:59 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-29 20:59 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-29 20:59 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-29 20:59 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-29 20:59 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-29 20:59 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-29 20:59 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-29 20:59 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-29 20:59 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-29 20:59 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-29 20:59 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-29 20:59 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-29 20:59 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-29 20:59 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-29 20:59 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-29 20:59 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-29 20:59 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-29 20:59 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-29 20:59 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-29 20:46 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-29 20:46 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-29 20:46 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-29 20:46 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-29 20:46 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-29 20:46 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-29 20:46 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-29 20:46 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-29 20:46 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-29 20:46 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-29 20:46 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-03-29 20:46 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-03-29 20:46 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-03-29 20:46 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-03-29 20:45 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-29 20:45 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-29 20:39 - 2014-03-29 20:39 - 00003524 _____ () C:\Windows\System32\Tasks\CreateChoiceProcessTask
2014-03-29 20:39 - 2014-03-29 20:39 - 00001775 _____ () C:\Users\Public\Desktop\Internetbrowser selecteren.lnk
2014-03-29 20:39 - 2014-03-29 20:39 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Adobe
2014-03-29 20:33 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-03-29 20:33 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-03-29 20:33 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-03-29 20:33 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-03-29 20:27 - 2014-03-29 20:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-29 20:27 - 2014-03-29 20:27 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Sjablonen
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Netwerkprinteromgeving
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Mijn documenten
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Menu Start
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Mijn video's
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Mijn muziek
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Mijn afbeeldingen
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Geschiedenis
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-29 20:27 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-29 20:27 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-29 20:26 - 2013-09-05 03:37 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-29 20:26 - 2013-09-05 03:37 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-29 20:26 - 2013-08-30 00:43 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-29 20:26 - 2013-08-30 00:43 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-29 20:26 - 2013-08-30 00:43 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-29 20:26 - 2013-08-30 00:43 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-29 20:26 - 2013-08-30 00:43 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-29 20:26 - 2013-08-30 00:43 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-29 20:25 - 2014-03-29 20:27 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-29 20:25 - 2014-03-29 20:25 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-29 20:23 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-03-29 20:17 - 2014-03-29 20:17 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-29 20:17 - 2014-03-29 20:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-29 20:17 - 2014-03-29 20:17 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-29 20:17 - 2014-03-29 20:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-29 20:17 - 2014-03-29 20:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-29 20:17 - 2014-03-29 20:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-29 20:17 - 2014-03-29 20:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-29 20:15 - 2014-03-29 20:15 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-29 20:14 - 2014-03-29 20:23 - 00013671 _____ () C:\Windows\IE11_main.log
2014-03-29 20:09 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-29 20:07 - 2014-03-29 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-29 20:07 - 2014-03-02 15:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-29 20:06 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-03-29 20:06 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-03-29 20:06 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-03-29 20:06 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-03-29 20:06 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-03-29 20:06 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-03-29 20:06 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-03-29 20:06 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-03-29 19:57 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-03-29 19:57 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-03-29 19:57 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-03-29 19:57 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-03-29 19:57 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-03-29 19:57 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-03-29 19:57 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-03-29 19:57 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-03-29 19:57 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-03-29 19:57 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-03-29 19:57 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-03-29 19:57 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-03-29 19:57 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-03-29 19:57 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-03-29 19:57 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-03-29 19:57 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-03-29 19:57 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-03-29 19:57 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-03-29 19:57 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-03-29 19:57 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-03-29 19:57 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-03-29 19:57 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-03-29 19:57 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-29 19:57 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-29 19:57 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-03-29 19:57 - 2011-03-11 08:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-03-29 19:57 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-03-29 19:57 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-03-29 19:57 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-03-29 19:57 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-03-29 19:57 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-03-29 19:57 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-03-29 19:57 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-03-29 19:57 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-03-29 19:57 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-03-29 19:57 - 2011-02-05 19:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-29 19:57 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-03-29 19:57 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-03-29 19:57 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-03-29 19:57 - 2011-02-05 19:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-29 19:57 - 2011-02-05 19:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-03-29 19:57 - 2011-02-05 19:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-03-29 19:56 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-29 19:56 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-29 19:56 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-03-29 19:56 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-29 19:56 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-29 19:56 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-29 19:56 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-03-29 19:56 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-03-29 19:56 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-29 19:56 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-03-29 19:56 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-29 19:56 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-03-29 19:56 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-29 19:56 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-29 19:56 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-03-29 19:56 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-29 19:56 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-29 19:56 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-29 19:56 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-03-29 19:56 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-29 19:56 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-29 19:56 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-29 19:56 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-29 19:56 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-03-29 19:56 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-29 19:56 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-03-29 19:56 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-29 19:56 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-29 19:56 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-29 19:56 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-29 19:56 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-03-29 19:56 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-03-29 19:56 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-03-29 19:56 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-03-29 19:56 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-03-29 19:56 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-03-29 19:56 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-03-29 19:56 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-03-29 19:56 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-03-29 19:56 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-03-29 19:56 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-03-29 19:56 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-03-29 19:56 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-03-29 19:56 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-03-29 19:56 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-03-29 19:56 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-03-29 19:56 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-03-29 19:56 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-03-29 19:56 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-03-29 19:56 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-03-29 19:56 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-03-29 19:56 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-03-29 19:56 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-03-29 19:56 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-03-29 19:56 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-03-29 19:56 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-03-29 19:56 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-03-29 19:56 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-03-29 19:56 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-03-29 19:56 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-03-29 19:56 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-03-29 19:56 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-03-29 19:56 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-03-29 19:56 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-03-29 19:56 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-03-29 19:56 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-03-29 19:56 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-03-29 19:56 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-03-29 19:56 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-03-29 19:56 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-03-29 19:56 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-03-29 19:56 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-03-29 19:55 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-29 19:55 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-29 19:55 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-29 19:55 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-29 19:55 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-29 19:55 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-29 19:55 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-29 19:55 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-29 19:55 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-29 19:55 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-29 19:55 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-29 19:55 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-29 19:55 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-29 19:55 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-29 19:55 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-29 19:55 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-29 19:55 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-29 19:55 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-29 19:55 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-29 19:55 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-29 19:55 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-29 19:55 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-29 19:55 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-03-29 19:55 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-03-29 19:55 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-29 19:55 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-29 19:55 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-29 19:55 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-29 19:55 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-03-29 19:55 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-03-29 19:55 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-03-29 19:55 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-03-29 19:55 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-03-29 19:55 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-29 19:55 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-29 19:55 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-29 19:55 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-29 19:55 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-03-29 19:55 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-03-29 19:55 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-03-29 19:55 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-03-29 19:55 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-03-29 19:55 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-03-29 19:55 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-03-29 19:55 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-03-29 19:55 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-03-29 19:55 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-03-29 19:55 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-03-29 19:55 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-03-29 19:55 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-03-29 19:55 - 2011-04-23 00:15 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-03-29 19:55 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-03-29 19:55 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-03-29 19:42 - 2014-04-05 03:01 - 01864550 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-29 19:40 - 2014-03-29 20:39 - 00099097 _____ () C:\Windows\iis7.log
2014-03-29 19:39 - 2014-04-04 21:57 - 00000000 ____D () C:\inetpub
2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Windows\system32\msmq
2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-03-29 19:02 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-03-29 19:02 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-03-29 19:02 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-03-29 19:01 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-29 19:01 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-03-29 19:01 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-03-29 19:01 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-03-29 19:01 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-03-29 19:00 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-29 19:00 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-29 19:00 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-29 19:00 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-29 19:00 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-29 19:00 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-29 19:00 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-29 19:00 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-29 19:00 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-29 19:00 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-29 19:00 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-29 19:00 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-29 19:00 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-29 19:00 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-29 19:00 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-29 19:00 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-29 19:00 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-29 19:00 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-03-29 19:00 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-03-29 19:00 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-03-29 19:00 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-03-29 19:00 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-03-29 19:00 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-03-29 18:59 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-29 18:59 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-29 18:59 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-29 18:59 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-03-29 18:59 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-03-29 18:59 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-29 18:59 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-29 18:59 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-29 18:59 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-29 18:59 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-29 18:59 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-29 18:59 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-03-29 18:59 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-03-29 18:59 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-03-29 18:59 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-03-29 18:59 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-03-29 18:59 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-29 18:59 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-03-29 18:59 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-03-29 18:59 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-03-29 18:59 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-03-29 18:59 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-03-29 18:59 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-03-29 18:59 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-03-29 18:59 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-29 18:59 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-03-29 18:59 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-03-29 18:59 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-03-29 18:59 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-03-29 18:59 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-03-29 18:59 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-03-29 18:59 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-03-29 18:59 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-03-29 18:59 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-03-29 18:59 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-03-29 18:59 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-29 18:59 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-03-29 18:59 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-29 18:59 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-03-29 18:59 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-03-29 18:59 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-03-29 18:59 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-03-29 18:58 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-29 18:58 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-29 18:58 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-29 18:58 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-29 18:58 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-29 18:58 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-29 18:58 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-29 18:58 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-29 18:58 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-29 18:58 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-29 18:58 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-29 18:58 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-29 18:58 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-29 18:58 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-03-29 18:58 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-29 18:58 - 2013-09-25 04:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-29 18:58 - 2013-09-25 04:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-29 18:58 - 2013-09-25 04:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-29 18:58 - 2013-09-25 04:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-29 18:58 - 2013-09-25 04:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-29 18:58 - 2013-09-25 04:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-29 18:58 - 2013-09-25 04:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-29 18:58 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-29 18:58 - 2013-09-25 03:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-29 18:58 - 2013-09-25 03:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-29 18:58 - 2013-09-25 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-29 18:58 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-29 18:58 - 2013-09-25 03:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-29 18:58 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-29 18:58 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-29 18:58 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-29 18:58 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-29 18:58 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-29 18:58 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-29 18:58 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-29 18:58 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-29 18:58 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-29 18:58 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-29 18:58 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-29 18:58 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-29 18:58 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-29 18:58 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-29 18:58 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-29 18:58 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-03-29 18:58 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-29 18:58 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-03-29 18:58 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-29 18:58 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-29 18:58 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-29 18:58 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-29 18:58 - 2012-08-11 02:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-03-29 18:58 - 2012-08-11 01:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-03-29 18:58 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-03-29 18:58 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-03-29 18:58 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-03-29 18:58 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-29 18:58 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-03-29 18:58 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-03-29 18:58 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-03-29 18:58 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-29 18:58 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-03-29 18:58 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-29 18:58 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-29 18:58 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-03-29 18:58 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-03-29 18:58 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-29 18:58 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-03-29 18:58 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-03-29 18:58 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-29 18:58 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-29 18:58 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-03-29 18:58 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-03-29 18:57 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-29 18:57 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-29 18:57 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-29 18:57 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-29 18:57 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-29 18:57 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-29 18:57 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-29 18:57 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-29 18:57 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-29 18:57 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-29 18:57 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-29 18:57 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-29 18:57 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-29 18:57 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-29 18:57 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-29 18:57 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-29 18:57 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-29 18:57 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-29 18:57 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-29 18:57 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-29 18:57 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-03-29 18:57 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-29 18:57 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-03-29 18:57 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-29 18:57 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-03-29 18:57 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-03-29 18:57 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-29 18:57 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-29 18:57 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-29 18:57 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-03-29 18:57 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-03-29 18:57 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-03-29 18:57 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-29 18:57 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-29 18:57 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-03-29 18:57 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-29 18:57 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-29 18:57 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-29 18:57 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-03-29 18:57 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-03-29 18:57 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-03-29 18:57 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-03-29 18:57 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-03-29 18:57 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-03-29 18:57 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-29 18:57 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-29 18:57 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-03-29 18:57 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-03-29 18:57 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-03-29 18:57 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-03-29 18:47 - 2014-04-04 04:06 - 08235064 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ___HD () C:\VTRoot
2014-03-29 18:06 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-29 18:06 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-29 18:06 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-29 18:06 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-29 18:06 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-29 18:06 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-29 18:06 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-29 18:06 - 2012-06-02 16:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-29 18:06 - 2012-06-02 16:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-29 18:03 - 2014-04-02 18:11 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-03-29 18:02 - 2014-04-04 10:34 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-03-29 18:02 - 2014-04-02 18:09 - 00001947 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2014-03-29 18:02 - 2014-03-29 18:02 - 00001924 _____ () C:\Users\Public\Desktop\Virtueel Comodo Dragon.lnk
2014-03-29 18:02 - 2014-03-29 18:02 - 00000618 _____ () C:\Users\Public\Desktop\Shared Space.lnk
2014-03-29 18:01 - 2014-04-01 16:56 - 00000000 ____D () C:\Program Files\COMODO
2014-03-29 18:01 - 2014-03-30 21:17 - 00000000 ____D () C:\ProgramData\COMODO
2014-03-29 18:01 - 2014-03-29 18:01 - 00000000 ____D () C:\Windows\pss
2014-03-29 17:59 - 2014-03-29 17:59 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 17:59 - 2014-03-29 17:59 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 17:59 - 2014-03-29 17:59 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-29 17:59 - 2014-03-29 17:59 - 00000000 ____D () C:\Users\aa\AppData\Roaming\AVAST Software
2014-03-29 17:59 - 2014-03-29 17:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 17:58 - 2014-04-05 03:22 - 01573357 _____ () C:\Windows\WindowsUpdate.log
2014-03-29 17:58 - 2014-03-30 17:30 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-03-29 17:58 - 2014-03-30 17:30 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-03-29 17:58 - 2014-03-30 17:30 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-03-29 17:58 - 2014-03-29 20:40 - 00058016 _____ () C:\Users\aa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-29 17:58 - 2014-03-29 17:58 - 00000000 ____D () C:\Users\aa\AppData\Local\Comodo
2014-03-29 17:58 - 2014-03-29 17:58 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-03-29 17:58 - 2014-03-29 17:58 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 17:57 - 2014-04-04 21:51 - 00000000 ___RD () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 17:57 - 2014-04-04 21:51 - 00000000 ___RD () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 17:57 - 2014-03-29 20:39 - 00001450 _____ () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-29 17:57 - 2014-03-29 17:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-29 17:57 - 2014-03-28 00:31 - 88551496 _____ (AVAST Software) C:\Users\aa\Desktop\avast_free_antivirus_setup_9.0.2016.exe
2014-03-29 17:57 - 2014-03-26 21:40 - 211388240 _____ (COMODO) C:\Users\aa\Desktop\comodo firewall _5732_83.exe
2014-03-29 17:56 - 2014-04-04 23:31 - 00000000 ____D () C:\Users\aa
2014-03-29 17:56 - 2014-04-04 21:50 - 00000000 ___RD () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-29 17:56 - 2014-03-29 17:56 - 00000020 ___SH () C:\Users\aa\ntuser.ini
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Sjablonen
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Netwerkprinteromgeving
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Mijn documenten
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Menu Start
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Documents\Mijn video's
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Documents\Mijn muziek
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Documents\Mijn afbeeldingen
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Geschiedenis
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Netwerkprinteromgeving
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Mijn documenten
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Menu Start
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Documents\Mijn video's
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Documents\Mijn muziek
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Documents\Mijn afbeeldingen
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\AppData\Local\Geschiedenis
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Sjablonen
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Menu Start
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Favorieten
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Documenten
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Bureaublad
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 __SHD () C:\Recovery
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 ____D () C:\Users\aa\AppData\Local\VirtualStore
2014-03-29 17:56 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-29 17:55 - 2014-03-29 17:55 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-29 17:53 - 2014-03-29 17:56 - 00000000 ____D () C:\Windows\Panther
2014-03-29 17:53 - 2014-03-29 17:53 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-03-29 17:53 - 2010-11-21 05:23 - 00383786 __RSH () C:\bootmgr
2014-03-26 19:00 - 2014-03-26 19:00 - 00141600 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys

==================== One Month Modified Files and Folders =======

2014-04-05 03:51 - 2014-04-05 03:51 - 00000000 ____D () C:\FRST
2014-04-05 03:51 - 2014-04-05 01:48 - 00000000 ____D () C:\Users\aa\Desktop\Nieuwe map
2014-04-05 03:36 - 2014-04-01 14:21 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-05 03:26 - 2011-04-12 15:00 - 00830214 _____ () C:\Windows\system32\perfh013.dat
2014-04-05 03:26 - 2011-04-12 15:00 - 00187196 _____ () C:\Windows\system32\perfc013.dat
2014-04-05 03:26 - 2009-07-14 07:13 - 01889882 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 03:22 - 2014-03-29 17:58 - 01573357 _____ () C:\Windows\WindowsUpdate.log
2014-04-05 03:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-04-05 03:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-05 03:20 - 2009-07-14 06:51 - 00026645 _____ () C:\Windows\setupact.log
2014-04-05 03:19 - 2009-07-14 06:45 - 00017072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-05 03:19 - 2009-07-14 06:45 - 00017072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 03:01 - 2014-03-29 19:42 - 01864550 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-05 02:24 - 2014-04-05 02:24 - 00001206 _____ () C:\Users\aa\Desktop\Desinstaller_HOSTS_Anti-PUPs.lnk
2014-04-05 02:24 - 2014-04-05 02:24 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-04-05 02:20 - 2014-04-05 02:17 - 00000000 ____D () C:\AdwCleaner
2014-04-05 02:06 - 2014-03-30 23:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 01:52 - 2014-04-05 01:52 - 00001127 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-05 01:52 - 2014-04-05 01:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-05 01:04 - 2014-04-04 23:31 - 00000000 ____D () C:\Users\aa\.zenmap
2014-04-04 23:31 - 2014-04-04 23:31 - 00000988 _____ () C:\Users\aa\Desktop\Nmap - Zenmap GUI.lnk
2014-04-04 23:31 - 2014-04-04 23:31 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2014-04-04 23:31 - 2014-03-29 17:56 - 00000000 ____D () C:\Users\aa
2014-04-04 23:30 - 2014-04-04 23:30 - 00000000 ____D () C:\Program Files (x86)\Nmap
2014-04-04 23:28 - 2014-04-04 23:27 - 26776462 _____ (Insecure.org) C:\Users\aa\Desktop\nmap-6.40-setup.exe
2014-04-04 22:36 - 2014-04-04 22:36 - 00057907 _____ () C:\Users\aa\Desktop\IPv6Disable.zip
2014-04-04 22:36 - 2014-04-04 22:36 - 00000000 ____D () C:\Users\aa\Desktop\IPv6Disable
2014-04-04 21:57 - 2014-03-29 19:39 - 00000000 ____D () C:\inetpub
2014-04-04 21:51 - 2014-03-29 17:57 - 00000000 ___RD () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-04 21:51 - 2014-03-29 17:57 - 00000000 ___RD () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-04 21:50 - 2014-03-29 17:56 - 00000000 ___RD () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-04 21:32 - 2014-04-02 00:43 - 00000000 ____D () C:\Users\aa\AppData\Local\Downloaded Installations
2014-04-04 21:16 - 2014-04-04 21:16 - 00002153 _____ () C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
2014-04-04 21:16 - 2014-04-04 21:16 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-04 21:15 - 2014-04-04 21:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-04 21:14 - 2014-04-04 21:14 - 00000000 ____D () C:\Program Files (x86)\REALTEK
2014-04-04 16:51 - 2014-04-04 16:49 - 00000000 ____D () C:\Users\aa\Downloads\docs
2014-04-04 10:34 - 2014-03-29 18:02 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-04-04 04:10 - 2014-04-04 04:08 - 00000000 ____D () C:\Users\aa\Desktop\SARDU_2.0.6.5
2014-04-04 04:09 - 2014-04-04 04:09 - 00000811 _____ () C:\Users\UpdatusUser\Desktop\SARDU.lnk
2014-04-04 04:09 - 2014-04-04 04:09 - 00000781 _____ () C:\Users\aa\Desktop\SARDU.lnk
2014-04-04 04:09 - 2014-04-04 04:09 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SARDU
2014-04-04 04:08 - 2014-04-04 04:07 - 14021962 _____ () C:\Users\aa\Desktop\SARDU_2.0.6.5.zip
2014-04-04 04:06 - 2014-03-29 18:47 - 08235064 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-04 03:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-03 21:19 - 2014-04-03 13:52 - 00000000 ____D () C:\ProgramData\Brother
2014-04-03 09:51 - 2014-04-05 01:52 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-05 01:52 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-05 01:52 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 02:46 - 2014-04-03 02:23 - 00000600 _____ () C:\Users\aa\AppData\Local\PUTTY.RND
2014-04-03 01:16 - 2010-11-21 05:47 - 00006932 _____ () C:\Windows\PFRO.log
2014-04-03 00:51 - 2014-04-03 00:51 - 00000074 _____ () C:\Users\aa\Desktop\naam.txt
2014-04-02 20:46 - 2014-04-01 21:56 - 00000000 ____D () C:\ProgramData\VMware
2014-04-02 20:46 - 2014-04-01 21:56 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-04-02 18:11 - 2014-03-29 18:03 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-04-02 18:09 - 2014-03-29 18:02 - 00001947 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2014-04-02 06:24 - 2014-04-02 06:21 - 00000000 ____D () C:\Users\aa\Documents\Freemake
2014-04-02 06:21 - 2014-04-02 06:21 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-02 06:21 - 2014-04-02 06:20 - 00001357 _____ () C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2014-04-02 06:21 - 2014-04-02 06:20 - 00000000 ____D () C:\ProgramData\Freemake
2014-04-02 06:20 - 2014-04-02 06:20 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-04-02 06:16 - 2011-12-22 14:43 - 01009976 _____ (Ellora Assets Corporation ) C:\Users\aa\Desktop\Freemake Video Downloader.exe
2014-04-02 06:15 - 2011-12-22 14:46 - 31580160 _____ () C:\Users\aa\Desktop\PDF-XChange Viewer x64.msi
2014-04-02 04:33 - 2014-04-02 04:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-04-02 00:58 - 2014-04-02 00:58 - 00000000 ____D () C:\Program Files (x86)\ImageWriter
2014-04-02 00:44 - 2014-04-02 00:44 - 00002111 _____ () C:\Users\Public\Desktop\SDFormatter.lnk
2014-04-02 00:44 - 2014-04-02 00:44 - 00000000 ____D () C:\Program Files (x86)\SDA
2014-04-01 22:54 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-01 22:26 - 2014-04-01 22:24 - 00000000 ____D () C:\Users\aa\.VirtualBox
2014-04-01 22:25 - 2014-04-01 22:25 - 00000000 ____D () C:\Users\aa\AppData\Roaming\NVIDIA
2014-04-01 22:17 - 2014-04-01 22:16 - 107394336 _____ (Oracle Corporation) C:\Users\aa\Downloads\VirtualBox-4.3.10-93012-Win (1).exe
2014-04-01 22:01 - 2014-04-01 21:13 - 567279616 _____ () C:\Users\aa\Downloads\proxmox-ve_3.2-1933730b-2.iso
2014-04-01 21:59 - 2014-04-01 21:59 - 00086528 _____ (code.kliu.org) C:\Users\aa\Downloads\HashCheckInstall-2.1.11.exe
2014-04-01 21:59 - 2014-04-01 21:59 - 00000000 ____D () C:\Windows\SysWOW64\ShellExt
2014-04-01 21:59 - 2014-04-01 21:59 - 00000000 ____D () C:\Windows\system32\ShellExt
2014-04-01 21:57 - 2014-04-01 21:57 - 00001024 _____ () C:\Windows\SysWOW64\%TMP%
2014-04-01 21:44 - 2014-04-01 21:44 - 00000469 _____ () C:\Users\aa\Downloads\443.ovpn
2014-04-01 21:16 - 2014-04-01 21:12 - 06024674 _____ () C:\Users\aa\Downloads\CDBurnerXP-x64-4.5.3.4643.zip
2014-04-01 18:00 - 2014-04-01 18:00 - 00002485 _____ () C:\Users\aa\Desktop\attach.txt
2014-04-01 17:59 - 2014-04-01 18:00 - 00019751 _____ () C:\Users\aa\Desktop\dds.txt
2014-04-01 17:35 - 2014-04-01 17:35 - 00000000 ____D () C:\Windows\system32\RAPID
2014-04-01 17:34 - 2014-04-01 15:12 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-04-01 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-01 17:04 - 2014-04-01 16:40 - 276762432 _____ (NVIDIA Corporation) C:\Users\aa\Desktop\335.23-notebook-win8-win7-64bit-international-whql.exe
2014-04-01 16:56 - 2014-03-29 18:01 - 00000000 ____D () C:\Program Files\COMODO
2014-04-01 16:15 - 2014-04-01 16:15 - 00000085 _____ () C:\Windows\wininit.ini
2014-04-01 16:15 - 2014-04-01 16:15 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-01 16:02 - 2014-04-01 16:02 - 00000109 _____ () C:\Users\aa\Desktop\lic.txt
2014-04-01 15:39 - 2014-03-30 22:41 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-04-01 15:13 - 2014-04-01 15:13 - 00001250 _____ () C:\Users\Public\Desktop\Samsung Magician.lnk
2014-04-01 15:12 - 2014-04-01 15:12 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-01 15:12 - 2014-04-01 15:11 - 15617656 _____ (Samsung Electronics ) C:\Users\aa\Downloads\Samsung_Magician_v43.exe
2014-04-01 14:27 - 2014-04-01 14:27 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Macromedia
2014-04-01 14:21 - 2014-04-01 14:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-01 14:21 - 2014-04-01 14:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-01 14:21 - 2014-04-01 14:21 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-01 14:21 - 2014-04-01 14:21 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-01 14:21 - 2014-04-01 14:21 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-01 14:21 - 2014-04-01 14:20 - 00000000 ____D () C:\Users\aa\AppData\Local\Adobe
2014-04-01 13:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-01 12:08 - 2014-04-01 12:08 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-01 12:08 - 2014-04-01 12:06 - 00000000 ____D () C:\Users\aa\Desktop\usn
2014-04-01 11:32 - 2014-04-01 11:32 - 00008794 _____ () C:\Users\aa\Documents\CisReport_v6.3.301686.2974_20140401-113224.zip
2014-03-31 02:12 - 2014-03-31 02:08 - 00000000 ____D () C:\Users\aa\Downloads\Nieuwe map (2)
2014-03-31 00:35 - 2014-03-31 00:43 - 00450626 ____R () C:\Windows\system32\Drivers\etc\hosts.20140331-004344.backup
2014-03-30 23:30 - 2014-03-30 23:30 - 00000571 _____ () C:\Users\aa\Desktop\Emsisoft Emergency Kit.lnk
2014-03-30 23:28 - 2014-03-30 23:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 23:17 - 2014-03-30 22:35 - 00000000 ____D () C:\Users\aa\AppData\Local\AnVir
2014-03-30 22:47 - 2014-03-30 22:47 - 00000000 ____D () C:\Users\aa\AppData\Local\Secunia PSI
2014-03-30 22:47 - 2014-03-30 22:47 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-30 22:41 - 2014-03-30 22:41 - 00001104 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-03-30 22:41 - 2014-03-30 22:41 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-30 22:40 - 2014-03-30 22:40 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-03-30 22:40 - 2014-03-30 22:40 - 00000628 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-03-30 22:40 - 2014-03-30 22:40 - 00000458 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-03-30 22:38 - 2014-03-30 22:35 - 00000282 _____ () C:\Windows\Tasks\AnVir Task Manager.job
2014-03-30 22:35 - 2014-03-30 22:35 - 00001584 _____ () C:\Windows\system32\rrr.lnk
2014-03-30 22:35 - 2014-03-30 22:35 - 00001195 _____ () C:\Users\aa\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2014-03-30 22:35 - 2014-03-30 22:35 - 00001142 _____ () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Free.lnk
2014-03-30 22:35 - 2014-03-30 22:35 - 00001118 _____ () C:\Users\aa\Desktop\AnVir Task Manager Free.lnk
2014-03-30 22:35 - 2014-03-30 22:35 - 00000370 _____ () C:\Windows\Tasks\RegOrganizerQuickLaunch.job
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Users\aa\AppData\Roaming\ChemTable Software
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Users\aa\AppData\Local\ChemTable Software
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Program Files (x86)\Reg Organizer
2014-03-30 22:35 - 2014-03-30 22:35 - 00000000 ____D () C:\Program Files (x86)\AnVir Task Manager Free
2014-03-30 22:18 - 2014-03-30 01:24 - 00000000 ____D () C:\Users\aa\Downloads\tdsskiller
2014-03-30 22:05 - 2014-03-30 22:05 - 00000000 ____D () C:\Users\aa\Downloads\HxDSetupNL
2014-03-30 21:52 - 2014-03-30 21:46 - 00000000 ____D () C:\Users\aa\Desktop\RK_Quarantine
2014-03-30 21:51 - 2014-03-31 00:35 - 00000741 _____ () C:\Windows\system32\Drivers\etc\hosts.20140331-003545.backup
2014-03-30 21:51 - 2014-03-30 21:50 - 00000000 ____D () C:\Users\aa\Downloads\vba32arkit
2014-03-30 21:50 - 2014-03-30 21:49 - 00000000 ____D () C:\Users\aa\Downloads\TCPView
2014-03-30 21:49 - 2014-03-30 21:49 - 00000000 ____D () C:\Users\aa\Downloads\StarterSetup
2014-03-30 21:45 - 2014-03-30 21:45 - 00000000 ____D () C:\Users\aa\Desktop\rkill
2014-03-30 21:37 - 2014-03-30 21:37 - 00000000 ____D () C:\Users\aa\Downloads\getservice
2014-03-30 21:20 - 2014-03-30 21:20 - 00000000 ____D () C:\Users\aa\Downloads\Autoruns
2014-03-30 21:17 - 2014-03-29 18:01 - 00000000 ____D () C:\ProgramData\COMODO
2014-03-30 17:30 - 2014-03-30 17:30 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-03-30 17:30 - 2014-03-30 17:30 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-03-30 17:30 - 2014-03-30 17:30 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-03-30 17:30 - 2014-03-29 17:58 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-03-30 17:30 - 2014-03-29 17:58 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-03-30 17:30 - 2014-03-29 17:58 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-03-30 09:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-30 01:25 - 2014-03-30 01:25 - 00022202 _____ () C:\Users\aa\Downloads\Shortcut.txt
2014-03-30 01:25 - 2014-03-30 01:24 - 00015004 _____ () C:\Users\aa\Downloads\Addition.txt
2014-03-30 01:25 - 2014-03-30 01:23 - 00150293 _____ () C:\Users\aa\Downloads\FRST.txt
2014-03-30 01:05 - 2014-03-30 01:03 - 05329480 _____ (Secunia) C:\Users\aa\Downloads\PSISetup.exe
2014-03-30 01:04 - 2014-03-30 01:03 - 18506264 _____ (SUPERAntiSpyware) C:\Users\aa\Downloads\SUPERAntiSpyware.exe
2014-03-30 01:03 - 2014-03-30 01:03 - 00291606 _____ () C:\Users\aa\Downloads\TCPView.zip
2014-03-30 01:03 - 2014-03-30 01:03 - 00130337 _____ () C:\Users\aa\Downloads\getservices.zip
2014-03-29 23:20 - 2014-03-29 23:06 - 224104440 _____ () C:\Users\aa\Downloads\EmsisoftEmergencyKit.exe
2014-03-29 23:15 - 2014-03-29 23:10 - 17523520 _____ (Malwarebytes Corporation ) C:\Users\aa\Downloads\mbam-setup.exe
2014-03-29 23:14 - 2014-03-29 23:06 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\aa\Downloads\spybot-2.2.exe
2014-03-29 23:12 - 2014-03-29 23:11 - 12589848 _____ (Malwarebytes Corp.) C:\Users\aa\Downloads\mbar-1.07.0.1009 (1).exe
2014-03-29 23:11 - 2014-03-29 23:11 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\aa\Downloads\rkill.exe
2014-03-29 23:11 - 2014-03-29 23:11 - 00688992 ____R (Swearware) C:\Users\aa\Downloads\dds.com
2014-03-29 23:11 - 2014-03-29 23:11 - 00602112 _____ (OldTimer Tools) C:\Users\aa\Downloads\OTL.exe
2014-03-29 23:11 - 2014-03-29 23:11 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\aa\Downloads\unhide.exe
2014-03-29 23:11 - 2014-03-29 23:09 - 12589848 _____ (Malwarebytes Corp.) C:\Users\aa\Downloads\mbar-1.07.0.1009.exe
2014-03-29 23:10 - 2014-03-29 23:09 - 04787368 _____ (Piriform Ltd) C:\Users\aa\Downloads\ccsetup412.exe
2014-03-29 23:10 - 2014-03-29 23:09 - 04745728 _____ (AVAST Software) C:\Users\aa\Downloads\aswMBR.exe
2014-03-29 23:10 - 2014-03-29 23:09 - 01472131 _____ () C:\Users\aa\Downloads\vba32arkit.zip
2014-03-29 23:10 - 2014-03-29 23:08 - 06894152 _____ () C:\Users\aa\Downloads\taskfree.exe
2014-03-29 23:10 - 2014-03-29 23:06 - 39103896 _____ () C:\Users\aa\Downloads\xpud-0.9.2.iso
2014-03-29 23:09 - 2014-03-29 23:09 - 00550371 _____ () C:\Users\aa\Downloads\Autoruns.zip
2014-03-29 23:09 - 2014-03-29 23:09 - 00380416 _____ () C:\Users\aa\Downloads\gmer.exe
2014-03-29 23:09 - 2014-03-29 23:08 - 04095448 _____ (BrightFort LLC ) C:\Users\aa\Downloads\spywareblastersetup50.exe
2014-03-29 23:09 - 2014-03-29 23:08 - 01066024 _____ (BillP Studios) C:\Users\aa\Downloads\wpsetup.exe
2014-03-29 23:09 - 2014-03-29 23:08 - 00680340 _____ () C:\Users\aa\Downloads\StarterSetup.zip
2014-03-29 23:08 - 2014-03-29 23:08 - 03972608 _____ () C:\Users\aa\Downloads\RogueKiller.exe
2014-03-29 23:08 - 2014-03-29 23:08 - 00142744 _____ () C:\Users\aa\Downloads\vtuploader2.2.exe
2014-03-29 23:08 - 2014-03-29 23:07 - 02157056 _____ (Farbar) C:\Users\aa\Downloads\FRST64.exe
2014-03-29 23:08 - 2014-03-29 23:07 - 01950720 _____ () C:\Users\aa\Downloads\AdwCleaner.exe
2014-03-29 23:08 - 2014-03-29 23:07 - 01038974 _____ (Thisisu) C:\Users\aa\Downloads\JRT.exe
2014-03-29 23:07 - 2014-03-29 23:07 - 04113320 _____ () C:\Users\aa\Downloads\tdsskiller.zip
2014-03-29 23:06 - 2014-03-29 23:06 - 00873310 _____ () C:\Users\aa\Downloads\HxDSetupNL.zip
2014-03-29 23:06 - 2014-03-29 23:05 - 01783856 _____ (TODO: <Company name>) C:\Users\aa\Downloads\snxConfig.exe
2014-03-29 22:26 - 2014-03-29 22:26 - 00000000 ____D () C:\Users\aa\Downloads\Nieuwe map
2014-03-29 21:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-29 20:40 - 2014-03-29 17:58 - 00058016 _____ () C:\Users\aa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-29 20:39 - 2014-03-29 20:39 - 00003524 _____ () C:\Windows\System32\Tasks\CreateChoiceProcessTask
2014-03-29 20:39 - 2014-03-29 20:39 - 00001775 _____ () C:\Users\Public\Desktop\Internetbrowser selecteren.lnk
2014-03-29 20:39 - 2014-03-29 20:39 - 00000000 ____D () C:\Users\aa\AppData\Roaming\Adobe
2014-03-29 20:39 - 2014-03-29 20:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-29 20:39 - 2014-03-29 19:40 - 00099097 _____ () C:\Windows\iis7.log
2014-03-29 20:39 - 2014-03-29 17:57 - 00001450 _____ () C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-29 20:38 - 2009-07-14 06:45 - 00275944 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-29 20:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-29 20:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-29 20:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-03-29 20:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-29 20:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-29 20:27 - 2014-03-29 20:27 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Sjablonen
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Netwerkprinteromgeving
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Mijn documenten
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Menu Start
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Mijn video's
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Mijn muziek
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Mijn afbeeldingen
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Geschiedenis
2014-03-29 20:27 - 2014-03-29 20:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-29 20:27 - 2014-03-29 20:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-29 20:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-03-29 20:25 - 2014-03-29 20:25 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-29 20:23 - 2014-03-29 20:14 - 00013671 _____ () C:\Windows\IE11_main.log
2014-03-29 20:17 - 2014-03-29 20:17 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-29 20:17 - 2014-03-29 20:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-29 20:17 - 2014-03-29 20:17 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-29 20:17 - 2014-03-29 20:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-29 20:17 - 2014-03-29 20:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-29 20:17 - 2014-03-29 20:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-29 20:17 - 2014-03-29 20:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-29 20:17 - 2014-03-29 20:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-29 20:15 - 2014-03-29 20:15 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-29 20:15 - 2014-03-29 20:15 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-29 20:07 - 2014-03-29 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Windows\system32\msmq
2014-03-29 19:39 - 2014-03-29 19:39 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-03-29 19:39 - 2011-04-12 14:59 - 00000000 ____D () C:\Windows\system32\0413
2014-03-29 19:31 - 2011-04-12 15:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-29 19:31 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-29 19:31 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-29 19:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ___HD () C:\VTRoot
2014-03-29 18:02 - 2014-03-29 18:02 - 00001924 _____ () C:\Users\Public\Desktop\Virtueel Comodo Dragon.lnk
2014-03-29 18:02 - 2014-03-29 18:02 - 00000618 _____ () C:\Users\Public\Desktop\Shared Space.lnk
2014-03-29 18:01 - 2014-03-29 18:01 - 00000000 ____D () C:\Windows\pss
2014-03-29 17:59 - 2014-03-29 17:59 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 17:59 - 2014-03-29 17:59 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 17:59 - 2014-03-29 17:59 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 17:59 - 2014-03-29 17:59 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-29 17:59 - 2014-03-29 17:59 - 00000000 ____D () C:\Users\aa\AppData\Roaming\AVAST Software
2014-03-29 17:59 - 2014-03-29 17:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 17:58 - 2014-03-29 17:58 - 00000000 ____D () C:\Users\aa\AppData\Local\Comodo
2014-03-29 17:58 - 2014-03-29 17:58 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-03-29 17:58 - 2014-03-29 17:58 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 17:58 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-03-29 17:57 - 2014-03-29 17:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-29 17:56 - 2014-03-29 17:56 - 00000020 ___SH () C:\Users\aa\ntuser.ini
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Sjablonen
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Netwerkprinteromgeving
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Mijn documenten
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Menu Start
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Documents\Mijn video's
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Documents\Mijn muziek
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\Documents\Mijn afbeeldingen
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Geschiedenis
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Netwerkprinteromgeving
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Mijn documenten
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Menu Start
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Documents\Mijn video's
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Documents\Mijn muziek
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\Documents\Mijn afbeeldingen
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\Users\aa\AppData\Local\Geschiedenis
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Sjablonen
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Menu Start
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Favorieten
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Documenten
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 _SHDL () C:\ProgramData\Bureaublad
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 __SHD () C:\Recovery
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 ____D () C:\Users\aa\AppData\Local\VirtualStore
2014-03-29 17:56 - 2014-03-29 17:53 - 00000000 ____D () C:\Windows\Panther
2014-03-29 17:56 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default
2014-03-29 17:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-29 17:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-29 17:55 - 2014-03-29 17:55 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-29 17:55 - 2009-07-14 06:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-03-29 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-03-29 17:54 - 2011-04-12 15:11 - 00000000 ____D () C:\Windows\CSC
2014-03-29 17:53 - 2014-03-29 17:53 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-03-29 17:53 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-03-29 17:53 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-03-29 09:32 - 2014-04-02 06:04 - 02984832 _____ (Easeware ) C:\Users\aa\Desktop\DriverEasy_Setup.exe
2014-03-28 17:19 - 2014-04-01 21:22 - 514092024 _____ (VMware, Inc.) C:\Users\aa\Desktop\VMware-workstation-full-10.0.1-1379776.exe
2014-03-28 06:51 - 2014-04-01 21:22 - 00170835 _____ () C:\Users\aa\Desktop\Tortilla_v1.1.0_Beta.zip
2014-03-28 00:31 - 2014-03-29 17:57 - 88551496 _____ (AVAST Software) C:\Users\aa\Desktop\avast_free_antivirus_setup_9.0.2016.exe
2014-03-26 21:40 - 2014-03-29 17:57 - 211388240 _____ (COMODO) C:\Users\aa\Desktop\comodo firewall _5732_83.exe
2014-03-26 19:01 - 2014-04-01 22:22 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-03-26 19:00 - 2014-04-01 22:22 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-03-26 19:00 - 2014-03-26 19:00 - 00141600 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2014-03-25 21:22 - 2013-11-14 12:38 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-03-25 21:22 - 2013-11-14 12:38 - 00043216 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2014-03-25 21:22 - 2013-09-24 11:54 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-03-25 21:22 - 2013-09-24 11:54 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-03-25 21:22 - 2013-09-24 11:54 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2014-03-25 21:22 - 2013-09-24 11:53 - 00453680 _____ (COMODO) C:\Windows\system32\guard64.dll
2014-03-25 21:22 - 2013-09-24 11:53 - 00363504 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2014-03-25 21:22 - 2013-09-24 11:53 - 00352984 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2014-03-25 21:22 - 2013-09-24 11:53 - 00284888 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2014-03-25 21:22 - 2013-09-24 11:53 - 00045784 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2014-03-25 21:22 - 2013-09-24 11:53 - 00040664 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll

Some content of TEMP:
====================
C:\Users\aa\AppData\Local\Temp\AdwCleaner.exe
C:\Users\aa\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2014-04-01 13:45

==================== End Of Log ============================

 

 

 

============================================================================================================================

FARBAR - ADDITION

============================================================================================================================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by aa at 2014-04-05 03:52:29
Running from C:\Users\aa\Desktop\Nieuwe map
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
AnVir Task Manager Free (HKLM-x32\...\AnVir Task Manager Free) (Version:  - AnVir Software)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 31.1.0.0 - COMODO)
COMODO Firewall (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 6.3.39949.2976 - COMODO Security Solutions Inc.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation)
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Malwarebytes Anti-Malware versie 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nmap 6.40 (HKLM-x32\...\Nmap) (Version:  - )
NVIDIA Grafisch stuurprogramma 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA-configuratiescherm 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
RAPID Mode (Version: 1.0.1.42 - Samsung Electronics Co., Ltd.) Hidden
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0199 - REALTEK Semiconductor Corp.)
Reg Organizer version 6.11 (HKLM-x32\...\Reg Organizer_is1) (Version: 6.11 - ChemTable Software)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
SARDU 2.0.6.5 (HKLM-x32\...\SARDU) (Version: 2.0.6.5 - Davide Costa)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)

==================== Restore Points  =========================

02-04-2014 22:57:04 Application removal with Reg Organizer
03-04-2014 11:53:00 Geïnstalleerd Brother Software Suite
03-04-2014 19:18:30 Verwijderd Brother Software Suite
03-04-2014 19:19:27 Application removal with Reg Organizer
04-04-2014 01:00:10 Windows Update
04-04-2014 19:14:56 Geïnstalleerd REALTEK USB Wireless LAN Driver and Utility
05-04-2014 01:00:10 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-31 00:43 - 00450626 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {2A9B37B2-509D-4598-807B-24A83B641597} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-01] (Adobe Systems Incorporated)
Task: {3A568749-8DCC-4366-8531-CDDB2C657821} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-29] (AVAST Software)
Task: {7190F5D9-23B9-4346-9D5F-EE949229BC8B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-03-31] (COMODO)
Task: {9A650982-6DD9-45F5-83EA-DC261EBD1B04} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-03-31] (COMODO)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AnVir Task Manager.job => C:\Program Files (x86)\AnVir Task Manager Free\AnVir.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\RegOrganizerQuickLaunch.job => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2014-03-29 20:26 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-28 16:35 - 2014-01-28 16:35 - 02135232 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
2014-04-04 14:37 - 2014-04-04 14:37 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14040400\algo.dll
2014-03-29 17:59 - 2014-03-29 17:59 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-04 21:15 - 2012-11-06 09:47 - 00114688 _____ () C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\EnumDevLib.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\01089753.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\62344973.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80036119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\01089753.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\62344973.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80036119.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: npf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: FingerPrinter Reader
Description: FingerPrinter Reader
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2014 03:21:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 02:24:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 02:07:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 10:40:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 10:28:35 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: RtWlan.exe, versie: 700.1659.1106.2012, tijdstempel: 0x509a10d1
Naam van module met fout: RtWlan.exe, versie: 700.1659.1106.2012, tijdstempel: 0x509a10d1
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00006a1f
Id van proces met fout: 0x5b8
Starttijd van toepassing met fout: 0xRtWlan.exe0
Pad naar toepassing met fout: RtWlan.exe1
Pad naar module met fout: RtWlan.exe2
Rapport-id: RtWlan.exe3

Error: (04/04/2014 10:27:32 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: RtWlan.exe, versie: 700.1659.1106.2012, tijdstempel: 0x509a10d1
Naam van module met fout: RtWlan.exe, versie: 700.1659.1106.2012, tijdstempel: 0x509a10d1
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00006a1f
Id van proces met fout: 0xd2c
Starttijd van toepassing met fout: 0xRtWlan.exe0
Pad naar toepassing met fout: RtWlan.exe1
Pad naar module met fout: RtWlan.exe2
Rapport-id: RtWlan.exe3

Error: (04/04/2014 10:09:09 PM) (Source: Application Hang) (User: )
Description: Het programma RtWlan.exe, versie 700.1659.1106.2012 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.

Proces-id: b84

Starttijd: 01cf5040d3abde53

Eindtijd: 16

Toepassingspad: C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWlan.exe

Rapport-id: f811b862-bc34-11e3-a1c2-000b8190c2e5

Error: (04/04/2014 10:04:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 08:50:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 07:29:12 PM) (Source: Desktop Window Manager) (User: )
Description: Er is een onherstelbare fout (0x80070008) opgetreden

System errors:
=============
Error: (04/05/2014 03:30:02 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is gegenereerd: 43. De interne foutstatus is 252.

Error: (04/05/2014 03:30:02 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is gegenereerd: 43. De interne foutstatus is 252.

Error: (04/05/2014 03:30:02 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is gegenereerd: 43. De interne foutstatus is 252.

Error: (04/05/2014 03:30:00 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is gegenereerd: 43. De interne foutstatus is 252.

Error: (04/05/2014 03:30:00 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is gegenereerd: 43. De interne foutstatus is 252.

Error: (04/05/2014 03:20:49 AM) (Source: Service Control Manager) (User: )
Description: De WinPcap Packet Driver (NPF)-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (04/05/2014 03:20:49 AM) (Source: Service Control Manager) (User: )
Description: De WinPcap Packet Driver (NPF)-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (04/05/2014 03:20:49 AM) (Source: Service Control Manager) (User: )
Description: De WinPcap Packet Driver (NPF)-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (04/05/2014 03:20:49 AM) (Source: Service Control Manager) (User: )
Description: De WinPcap Packet Driver (NPF)-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (04/05/2014 03:20:49 AM) (Source: Service Control Manager) (User: )
Description: De WinPcap Packet Driver (NPF)-service kan vanwege de volgende fout niet worden gestart:
%%2

Microsoft Office Sessions:
=========================
Error: (04/05/2014 03:21:34 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 02:24:12 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 02:07:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 10:40:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 10:28:35 PM) (Source: Application Error)(User: )
Description: RtWlan.exe700.1659.1106.2012509a10d1RtWlan.exe700.1659.1106.2012509a10d1c000000500006a1f5b801cf50446048408fC:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWlan.exeC:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWlan.exeb211709c-bc37-11e3-a1c2-001f169b55bb

Error: (04/04/2014 10:27:32 PM) (Source: Application Error)(User: )
Description: RtWlan.exe700.1659.1106.2012509a10d1RtWlan.exe700.1659.1106.2012509a10d1c000000500006a1fd2c01cf50424c41f50cC:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWlan.exeC:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWlan.exe8c74edab-bc37-11e3-a1c2-001f169b55bb

Error: (04/04/2014 10:09:09 PM) (Source: Application Hang)(User: )
Description: RtWlan.exe700.1659.1106.2012b8401cf5040d3abde5316C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWlan.exef811b862-bc34-11e3-a1c2-000b8190c2e5

Error: (04/04/2014 10:04:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 08:50:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 07:29:12 PM) (Source: Desktop Window Manager)(User: )
Description: 0x80070008

==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 4090.93 MB
Available physical RAM: 1675.03 MB
Total Pagefile: 4289.11 MB
Available Pagefile: 1659.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Door systeem gereserveerd) (Fixed) (Total:214.62 GB) (Free:144.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: C5D7C5D7)

Partition: GPT Partition Type.

==================== End Of Log ============================



#4 cell_O

cell_O
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:42 AM

Posted 04 April 2014 - 09:15 PM

oh and by the way, the name from the adwcleaner logfile was no als you noticed  (C:\AdwCleaner[Sn].txt)

 

i got actually 2 log files in this location: C:\AdwCleaner

 

-AdwCleaner[R1].txt  @ 02:18 AM

-AdwCleaner[S1].txt  @ 02:20 AM

 

I just found out, that they are also a little different from each other.

 

i wil will copy and paste them both down here, so it would be easier for you to see the differents;)

 

 

============================================================================================================================

AdwCleaner[R1].txt

============================================================================================================================

 

# AdwCleaner v3.023 - Report created 05/04/2014 at 02:17:50
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : aa - AA-PC
# Running from : C:\Users\aa\Desktop\Nieuwe map\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Value Found : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

*************************

AdwCleaner[R1].txt - [2484 octets] - [05/04/2014 02:17:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2544 octets] ##########

 

 

 

 

 

============================================================================================================================

AdwCleaner[S1].txt    [THIS SHOULD BE THE SAME LOG(file), AS THAT I POST BEFORE IN MY EARLIER REPLY ABOVE HERE A FEW MINUTES AGO]

============================================================================================================================

 

# AdwCleaner v3.023 - Report created 05/04/2014 at 02:20:19
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : aa - AA-PC
# Running from : C:\Users\aa\Desktop\Nieuwe map\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

*************************

AdwCleaner[R1].txt - [2652 octets] - [05/04/2014 02:17:50]
AdwCleaner[S1].txt - [2593 octets] - [05/04/2014 02:20:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2653 octets] ##########


Edited by cell_O, 04 April 2014 - 09:23 PM.


#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:42 PM

Posted 05 April 2014 - 09:29 AM

AdwCleaner[R1].txt is the log with the option Scan
AdwCleaner[S1].txt is the log with the option clean


===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 cleanhlp; \??\C:\EEK\Run\cleanhlp64.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

end

Save the files as fixlist.txt in to the same folder as FRST
Run FRST and click Fix only once and wait
The tool will create a log (Fixlog.txt) please post it to your reply.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know what problem persists.

#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:42 PM

Posted 10 April 2014 - 10:09 AM

Are you still with me?

#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:42 PM

Posted 16 April 2014 - 08:59 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users