roguekiller log unknown virus malwarebytes defeated


  • This topic is locked
40 replies to this topic

#1 southnu

southnu

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:08:04 AM

Posted 08 May 2014 - 07:58 AM

Hey, I'm infected with an unknown virus. It disabled my Malwarebytes, and when I enable it, it gets disabled again.

I ran ComboFix and uninstalled it, but the virus is still here, detected with RogueKiller. Log:

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

besturingssysteem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestart vanuit : Normale modus
Gebruiker : jadeze [Administrator rechten]
Modus : Scan -- Datum : 05/08/2014 14:39:48
| ARK || FAK || MBR |

¤¤¤ Kwaadaardige processen : 0 ¤¤¤

¤¤¤ Register verwijzingen : 1 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> gevonden

¤¤¤ geplande taken : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ webbrowsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Speciale Files / Folders: ¤¤¤

¤¤¤ Driver : [Niet geladen 0x0] ¤¤¤
[Address] EAT @explorer.exe (WlanAllocateMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9468AC8)
[Address] EAT @explorer.exe (WlanCloseHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94638A0)
[Address] EAT @explorer.exe (WlanConnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9465558)
[Address] EAT @explorer.exe (WlanDeleteProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9466D10)
[Address] EAT @explorer.exe (WlanDisconnect) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94657E8)
[Address] EAT @explorer.exe (WlanEnumInterfaces) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9463A80)
[Address] EAT @explorer.exe (WlanExtractPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9468394)
[Address] EAT @explorer.exe (WlanFreeMemory) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF946A5A0)
[Address] EAT @explorer.exe (WlanGetAvailableNetworkList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9464F88)
[Address] EAT @explorer.exe (WlanGetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9467F9C)
[Address] EAT @explorer.exe (WlanGetInterfaceCapability) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9464188)
[Address] EAT @explorer.exe (WlanGetNetworkBssList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9465268)
[Address] EAT @explorer.exe (WlanGetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9466A20)
[Address] EAT @explorer.exe (WlanGetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9467B1C)
[Address] EAT @explorer.exe (WlanGetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9467404)
[Address] EAT @explorer.exe (WlanGetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9468D88)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStart) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF946935C)
[Address] EAT @explorer.exe (WlanHostedNetworkForceStop) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9469418)
[Address] EAT @explorer.exe (WlanHostedNetworkInitSettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94699D8)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94694D4)
[Address] EAT @explorer.exe (WlanHostedNetworkQuerySecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF946A020)
[Address] EAT @explorer.exe (WlanHostedNetworkQueryStatus) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9469B50)
[Address] EAT @explorer.exe (WlanHostedNetworkRefreshSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9469A94)
[Address] EAT @explorer.exe (WlanHostedNetworkSetProperty) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9469744)
[Address] EAT @explorer.exe (WlanHostedNetworkSetSecondaryKey) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9469D78)
[Address] EAT @explorer.exe (WlanHostedNetworkStartUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94691EC)
[Address] EAT @explorer.exe (WlanHostedNetworkStopUsing) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94692A4)
[Address] EAT @explorer.exe (WlanIhvControl) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9464A00)
[Address] EAT @explorer.exe (WlanOpenHandle) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9461960)
[Address] EAT @explorer.exe (WlanQueryAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9463EE8)
[Address] EAT @explorer.exe (WlanQueryInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9464668)
[Address] EAT @explorer.exe (WlanReasonCodeToString) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9468A54)
[Address] EAT @explorer.exe (WlanRegisterNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9465A08)
[Address] EAT @explorer.exe (WlanRegisterVirtualStationNotification) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF946A358)
[Address] EAT @explorer.exe (WlanRenameProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9466F4C)
[Address] EAT @explorer.exe (WlanSaveTemporaryProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94687D0)
[Address] EAT @explorer.exe (WlanScan) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9464D40)
[Address] EAT @explorer.exe (WlanSetAutoConfigParameter) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9463D10)
[Address] EAT @explorer.exe (WlanSetFilterList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9467DCC)
[Address] EAT @explorer.exe (WlanSetInterface) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9464470)
[Address] EAT @explorer.exe (WlanSetProfile) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9466760)
[Address] EAT @explorer.exe (WlanSetProfileCustomUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94678A4)
[Address] EAT @explorer.exe (WlanSetProfileEapUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9465CC4)
[Address] EAT @explorer.exe (WlanSetProfileEapXmlUserData) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9465F9C)
[Address] EAT @explorer.exe (WlanSetProfileList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94671A8)
[Address] EAT @explorer.exe (WlanSetProfilePosition) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9467644)
[Address] EAT @explorer.exe (WlanSetPsdIEDataList) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF94681B0)
[Address] EAT @explorer.exe (WlanSetSecuritySettings) : msxml6.dll -> HOOKED (C:\Windows\system32\Wlanapi.dll @ 0xF9468B58)

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infectie :  ¤¤¤

¤¤¤ HOSTS Bestand: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1    localhost


¤¤¤ MBR Controle: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS +++++
--- User ---
[MBR] randomnumber
[BSP] randomnumber : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 305242 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD7500BPVT-00HXZT3 +++++
--- User ---
[MBR] randomnumber
[BSP] randomnumber : Linux MBR Code   <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< why linux i want this also be Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 715403 MB
User = LL1 ... OK!
User = LL2 ... OK!

Gereed : << RKreport[0]_S_05082014_143948.txt >>



 


Edited by southnu, 08 May 2014 - 08:16 AM.



#2 southnu


Posted 08 May 2014 - 08:30 AM

Guess what, like I asked: why is this Linux? Check this one out, scanned with MBRCheck.

 

Naamloos.jpg


Edited by southnu, 08 May 2014 - 08:31 AM.


#3 southnu


Posted 08 May 2014 - 08:37 AM

+++++ PhysicalDrive0

 

3.....|......|.........Ph...........~..|.............V.U.F...F...A..U..]r...U.u.....t..F.f`.~..t&fh....f.v.h..h.|h..h...B.V.................|.V..v..N..n...fas..N.u..~..........U2..V...]...>.}U.un.v....u.....d......`.|....d.u.......f#.u;f..TCPAu2....r,fh....fh....fh....fSfSfUfh....fh.|..fah.....Z2...|.................2.......<.t.............+..d..$...$..Invalid partition table.Error loading operating system.Missing operating system...c{.......

 

 

+++++ PhysicalDrive1

0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63

.c.................|.........!......8.u........u.........|...t..L.....|....................................t...pt....y|..1....... ..d|<.t...R....'.t...}.....|.A..U..ZRr=..U.u7...t21..D.@.D..D.....f..\|f.\.f..`|f.\..D..p.B..r...p.v....s..........}...f....d.@f.D...........@.D.......f..f.`|f..uNf.\|f1.f.4..1.f.t.;D.}7....0........Z....p..1......r...`......1..........a.&Z|..}....}.4...}.......GRUB .Geom.Hard Disk.Read. Error...........<.u..o~....



#4 southnu


Posted 08 May 2014 - 08:40 AM

Scanned now with mbar-1.07.0.1009, no results ..... I guess I just have to wait and follow steps .. my goal is to make this >virus detected< and have a clean PC :bananas:



#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:04 AM

Posted 08 May 2014 - 10:09 AM

Hello and Welcome on board southnu :welcome:,

My name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

Removing malware from a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. Just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Hello,
please post the ComboFix Log, it should be located here: C:\combofix.txt

Please download OTL (by OldTimer) (if you haven't already) from the link below and save it to your Desktop.
 

Download Mirror #1

  • Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Custom Scans/Fixes box in OTL. To do that:
    • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    mpsvc.dll
    winsock.*
    rpcss.dll
    /md5stop
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT

  • Open OTL on the desktop. To do that:
    • XP users: Double click on the OTL icon.
    • Vista / 7 Users: Right click on the icon and click Run as Administrator.
  • Make sure all other windows are closed.
    • You will see a console like the one below:

      OTL_Main_Tutorial.gif
      • Click the box beside Scan All Users at the top of the console
      • If you have a 64bit Windows, click the box beside Include 64bit Scans at the top of the console.
      • Make sure the Output box at the top is set to Standard Output.
      • Check the boxes beside LOP Check and Purity Check.
      • Make sure that Use Safe List is checked under Extra Registry.
      • Place the mouse pointer inside the Custom Scans/Fixes box, right click and click Paste. This will put the above script inside OTL.
      • Click the Run Scan button. Do not change any settings unless otherwise told to do so.
      • Let the scan run uninterrupted.
      • When the scan completes, it will open OTL.Txt on the desktop.
      • Please copy the contents of these files and paste it into your reply. To do that:
        • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
        • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the post window.
      • Please do the same for the Extras.txt

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#6 southnu


Posted 08 May 2014 - 10:41 AM

OK, I'm doing it now, thanks for the reply :) I removed the ComboFix log.



#7 Machiavelli


Posted 08 May 2014 - 10:49 AM

Why did you remove the ComboFix log? I will wait for the results of the scan.

~Machiavelli



#8 southnu


Posted 08 May 2014 - 10:52 AM

I removed it after reading "do not run ComboFix unless you were told to", so I removed everything that was named ComboFix. OTL is busy scanning.


Edited by southnu, 08 May 2014 - 10:52 AM.


#9 Machiavelli


Posted 08 May 2014 - 10:57 AM

OK, anyway, post it then into your next reply.

~Machiavelli



#10 southnu


Posted 08 May 2014 - 11:11 AM

The post is too long, what should I do?



#11 southnu


Posted 08 May 2014 - 11:17 AM

OTL logfile created on: 8-5-2014 17:45:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\JAHIER\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000000 | Country: Candy | Language: NLD | Date Format: d-M-yyyy
 
3,68 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 48,24% Memory free
7,35 Gb Paging File | 4,59 Gb Available in Paging File | 62,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 255,51 Gb Free Space | 85,72% Space Free | Partition Type: NTFS
Drive D: | 498,63 Gb Total Space | 497,00 Gb Free Space | 99,67% Space Free | Partition Type: NTFS
Drive E: | 200,00 Gb Total Space | 131,27 Gb Free Space | 65,64% Space Free | Partition Type: NTFS
 
Computer Name: JAHIER-PC | User Name: JAHIER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-05-08 17:39:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JAHIER\Desktop\OTL.exe
PRC - [2014-05-08 04:18:18 | 003,873,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-05-08 04:18:18 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-04-22 11:24:48 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-04-10 11:22:08 | 000,347,448 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
PRC - [2014-04-10 11:20:18 | 001,300,792 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
PRC - [2014-04-03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-04-03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014-04-03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010-02-25 22:35:04 | 001,289,296 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010-02-25 22:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010-02-25 22:35:04 | 000,288,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2009-12-23 17:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009-12-23 17:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-05-08 04:18:18 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-04-22 11:25:22 | 003,845,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-04-21 23:40:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014-04-21 23:39:12 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014-04-21 23:39:05 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014-04-21 23:38:45 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014-04-21 23:38:37 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014-04-21 23:38:33 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014-04-21 23:38:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014-04-21 23:38:26 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013-07-08 14:43:32 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-05-20 14:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-05-08 04:18:18 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014-04-16 22:12:46 | 006,817,544 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (CmdAgent)
SRV:64bit: - [2014-03-25 20:22:20 | 002,264,280 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2014-03-06 10:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012-04-05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2010-02-05 20:23:06 | 000,865,824 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010-01-22 09:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-11-02 12:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014-05-07 07:21:25 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-04-10 11:22:08 | 000,347,448 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe -- (MbaeSvc)
SRV - [2014-04-03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-04-03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-03-15 10:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-25 22:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010-01-18 15:33:30 | 000,023,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2009-12-23 17:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014-05-08 14:34:56 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014-05-08 04:18:19 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014-05-08 04:18:19 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014-05-08 04:18:19 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014-05-08 04:18:19 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014-05-08 04:18:19 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014-05-08 04:18:19 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014-05-08 04:18:19 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014-05-08 04:18:19 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014-04-22 21:40:30 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014-04-20 17:11:43 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2014-04-16 22:12:56 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2014-04-03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014-04-03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013-12-16 13:02:00 | 000,037,496 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\splitcam_hd_driver.sys -- (splitcam_hd_driver)
DRV:64bit: - [2013-12-06 15:37:50 | 000,035,232 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2013-11-27 03:54:02 | 000,042,016 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv.sys -- (ManyCam)
DRV:64bit: - [2013-11-01 11:12:20 | 000,023,552 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SplitCamAudio.sys -- (scvad_simple)
DRV:64bit: - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-07-24 17:02:55 | 000,034,816 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2012-08-23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-04-15 23:32:14 | 001,071,032 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010-11-21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-01-22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-01-22 08:08:28 | 008,034,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010-01-22 08:08:28 | 008,034,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010-01-22 08:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-01-18 15:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010-01-06 21:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009-12-17 10:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-11-02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009-09-30 09:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-09-17 20:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009-09-17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014-04-11 16:19:36 | 000,063,928 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys -- (ESProtectionDriver)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-418532852-178646354-63402781-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-418532852-178646354-63402781-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-418532852-178646354-63402781-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 2B EA E0 B1 5C CF 01  [binary data]
IE - HKU\S-1-5-21-418532852-178646354-63402781-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-418532852-178646354-63402781-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-418532852-178646354-63402781-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-418532852-178646354-63402781-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.23
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.15
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2018.95
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-08 04:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-04-27 03:07:12 | 000,000,000 | ---D | M]
 
[2014-04-21 22:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JAHIER\AppData\Roaming\mozilla\Extensions
[2014-05-07 11:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JAHIER\AppData\Roaming\mozilla\Firefox\Profiles\yymagv8w.default\extensions
[2014-05-02 22:58:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\JAHIER\AppData\Roaming\mozilla\Firefox\Profiles\yymagv8w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014-05-06 22:36:08 | 000,126,171 | ---- | M] () (No name found) -- C:\Users\JAHIER\AppData\Roaming\mozilla\firefox\profiles\yymagv8w.default\extensions\elemhidehelper@adblockplus.org.xpi
[2014-04-24 19:34:59 | 001,533,185 | ---- | M] () (No name found) -- C:\Users\JAHIER\AppData\Roaming\mozilla\firefox\profiles\yymagv8w.default\extensions\firefox@ghostery.com.xpi
[2014-05-06 22:20:50 | 000,538,139 | ---- | M] () (No name found) -- C:\Users\JAHIER\AppData\Roaming\mozilla\firefox\profiles\yymagv8w.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014-05-01 22:06:39 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\JAHIER\AppData\Roaming\mozilla\firefox\profiles\yymagv8w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-05-07 11:33:53 | 000,287,566 | ---- | M] () (No name found) -- C:\Users\JAHIER\AppData\Roaming\mozilla\firefox\profiles\yymagv8w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014-04-30 17:58:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014-04-30 17:58:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-05-08 04:18:21 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2014-03-03 01:49:30 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
O1 HOSTS File: ([2014-05-08 15:00:55 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-418532852-178646354-63402781-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-418532852-178646354-63402781-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE7F3E13-D4B0-406A-B5F8-A9D3FFDDF376}: DhcpNameServer = 62.179.104.196 213.46.228.196
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-05-08 17:39:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JAHIER\Desktop\OTL.exe
[2014-05-08 15:06:13 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\Desktop\mbar
[2014-05-08 14:34:49 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\Desktop\RK_Quarantine
[2014-05-08 04:23:19 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\AVAST Software
[2014-05-08 04:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014-05-08 04:22:01 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014-05-08 04:22:01 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014-05-08 04:22:01 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014-05-08 04:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014-05-08 04:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
[2014-05-08 04:21:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit
[2014-05-08 04:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2014-05-08 04:20:20 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2014-05-08 04:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2014-05-08 04:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2014-05-08 04:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014-05-08 04:18:31 | 000,085,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014-05-08 04:18:30 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014-05-08 04:18:29 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014-05-08 04:18:27 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014-05-08 04:18:25 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014-05-08 04:18:22 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014-05-08 04:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2014-05-08 04:18:19 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-05-08 04:17:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014-05-08 03:53:05 | 004,796,856 | ---- | C] (AVAST Software) -- C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
[2014-05-08 03:48:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014-05-07 13:04:24 | 000,016,712 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCEXP113.SYS
[2014-05-07 12:59:17 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014-05-07 12:28:36 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014-05-07 11:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014-05-07 11:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2014-05-07 10:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014-05-07 09:16:53 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Opera Software
[2014-05-07 09:16:52 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Opera Software
[2014-05-07 09:16:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2014-05-07 08:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitCam
[2014-05-07 07:19:56 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\WebcamMax
[2014-05-07 05:56:42 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\NCH Software
[2014-05-07 05:31:28 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2014-05-07 05:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2014-05-07 05:28:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2014-05-07 04:36:07 | 000,044,928 | ---- | C] (ManyCam LLC) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys
[2014-05-06 22:17:32 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014-05-02 22:39:54 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\Documents\Any Video Converter
[2014-05-02 22:39:54 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\AnvSoft
[2014-05-02 22:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2014-05-02 22:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft
[2014-05-02 22:27:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2014-05-01 22:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\unzip
[2014-05-01 16:34:07 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2014-05-01 16:33:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2014-05-01 16:32:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2014-05-01 16:26:44 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Windows Live
[2014-05-01 16:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2014-05-01 15:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
[2014-05-01 15:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Geevs
[2014-05-01 15:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\Lightworks
[2014-04-30 20:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014-04-30 20:15:25 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-04-30 20:04:48 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Malwarebytes
[2014-04-30 20:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014-04-30 19:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014-04-30 04:38:08 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014-04-30 01:52:47 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\VS Revo Group
[2014-04-30 01:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014-04-30 01:13:16 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014-04-30 00:49:20 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-04-30 00:49:19 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014-04-28 19:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014-04-28 19:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014-04-28 18:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014-04-25 02:56:08 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\CrashDumps
[2014-04-25 02:35:26 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Apple Computer
[2014-04-25 02:35:26 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Apple Computer
[2014-04-25 02:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014-04-25 02:35:09 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014-04-25 02:35:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014-04-25 02:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014-04-25 02:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014-04-25 02:33:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014-04-25 02:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014-04-25 02:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014-04-25 02:32:43 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Apple
[2014-04-25 02:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014-04-25 02:32:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014-04-25 02:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014-04-25 02:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014-04-25 02:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014-04-25 02:31:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014-04-25 02:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014-04-25 02:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014-04-25 02:29:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014-04-25 00:21:55 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\ArmA 2
[2014-04-24 19:55:57 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2014-04-24 19:55:56 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Apps
[2014-04-23 00:20:56 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\ArmA 2 OA
[2014-04-22 23:45:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2014-04-22 23:43:40 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2014-04-22 23:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2014-04-22 23:07:58 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2014-04-22 22:52:57 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2014-04-22 22:52:57 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2014-04-22 22:52:57 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2014-04-22 22:52:57 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2014-04-22 22:52:56 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014-04-22 22:52:56 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014-04-22 22:52:55 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2014-04-22 22:52:55 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014-04-22 22:52:54 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014-04-22 22:52:54 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014-04-22 22:52:53 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014-04-22 22:52:53 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014-04-22 22:52:52 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014-04-22 22:52:52 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014-04-22 22:52:49 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014-04-22 22:52:49 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014-04-22 22:52:47 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014-04-22 22:52:47 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014-04-22 22:52:47 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014-04-22 22:52:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014-04-22 22:52:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014-04-22 22:52:46 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014-04-22 22:52:45 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014-04-22 22:52:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014-04-22 22:52:44 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014-04-22 22:52:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014-04-22 22:52:42 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014-04-22 22:52:41 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014-04-22 22:52:41 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014-04-22 22:52:39 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014-04-22 22:52:39 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014-04-22 22:52:38 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014-04-22 22:52:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014-04-22 22:52:38 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014-04-22 22:52:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014-04-22 22:52:36 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014-04-22 22:52:36 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014-04-22 22:52:36 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014-04-22 22:52:36 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014-04-22 22:52:34 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014-04-22 22:52:32 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014-04-22 22:52:32 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014-04-22 22:52:32 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014-04-22 22:52:31 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014-04-22 22:52:31 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014-04-22 22:52:30 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014-04-22 22:52:29 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014-04-22 22:52:29 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014-04-22 22:52:29 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014-04-22 22:52:29 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014-04-22 22:52:25 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014-04-22 22:52:25 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014-04-22 22:52:16 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014-04-22 22:52:16 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014-04-22 22:52:15 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014-04-22 22:52:15 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014-04-22 22:52:14 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014-04-22 22:52:14 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014-04-22 22:52:13 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014-04-22 22:52:13 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014-04-22 22:52:11 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014-04-22 22:52:11 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014-04-22 22:52:11 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014-04-22 22:52:11 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014-04-22 22:52:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014-04-22 22:52:10 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014-04-22 22:52:09 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014-04-22 22:52:09 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014-04-22 22:52:09 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014-04-22 22:52:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014-04-22 22:52:07 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014-04-22 22:52:07 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014-04-22 22:52:06 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014-04-22 22:52:06 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014-04-22 22:52:06 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014-04-22 22:52:06 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014-04-22 22:52:04 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014-04-22 22:52:04 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014-04-22 22:52:04 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014-04-22 22:52:04 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014-04-22 22:52:03 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014-04-22 22:52:03 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014-04-22 22:52:02 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014-04-22 22:52:02 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014-04-22 22:52:01 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014-04-22 22:52:01 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014-04-22 22:51:59 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014-04-22 22:51:59 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014-04-22 22:51:58 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014-04-22 22:51:58 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014-04-22 22:51:57 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014-04-22 22:51:57 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014-04-22 22:51:56 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014-04-22 22:51:56 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014-04-22 22:51:56 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014-04-22 22:51:56 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014-04-22 22:51:54 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014-04-22 22:51:54 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014-04-22 22:51:53 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014-04-22 22:51:53 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014-04-22 22:51:51 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014-04-22 22:51:51 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014-04-22 22:51:51 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014-04-22 22:51:51 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014-04-22 22:51:49 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014-04-22 22:51:49 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014-04-22 22:51:48 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014-04-22 22:51:48 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014-04-22 22:51:47 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014-04-22 22:51:47 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014-04-22 22:51:47 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014-04-22 22:51:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014-04-22 22:51:32 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014-04-22 22:51:32 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014-04-22 22:51:30 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014-04-22 22:51:30 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014-04-22 22:51:30 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014-04-22 22:51:30 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014-04-22 22:51:29 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014-04-22 22:51:29 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014-04-22 22:51:29 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014-04-22 22:51:29 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014-04-22 22:51:28 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014-04-22 22:51:28 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014-04-22 22:51:27 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014-04-22 22:51:26 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014-04-22 22:51:26 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014-04-22 22:51:24 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014-04-22 22:51:24 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014-04-22 22:51:24 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014-04-22 22:51:24 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014-04-22 22:51:22 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014-04-22 22:51:22 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014-04-22 22:51:19 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014-04-22 22:51:19 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014-04-22 22:51:17 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014-04-22 22:51:17 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014-04-22 22:51:16 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014-04-22 22:51:16 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014-04-22 22:51:14 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014-04-22 22:51:14 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014-04-22 22:51:11 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014-04-22 22:51:11 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014-04-22 22:51:11 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014-04-22 22:51:11 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014-04-22 22:51:09 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014-04-22 22:51:09 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014-04-22 22:51:07 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014-04-22 22:51:07 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014-04-22 22:51:06 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014-04-22 22:51:06 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014-04-22 22:51:02 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014-04-22 22:51:02 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014-04-22 22:51:00 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014-04-22 22:51:00 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014-04-22 22:50:51 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014-04-22 22:50:51 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014-04-22 22:50:39 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014-04-22 22:50:39 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014-04-22 22:50:37 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014-04-22 22:50:37 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014-04-22 22:50:37 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014-04-22 22:50:37 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014-04-22 22:50:36 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014-04-22 22:50:36 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014-04-22 22:50:35 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014-04-22 22:50:35 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014-04-22 22:50:33 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014-04-22 22:50:33 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014-04-22 22:50:32 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014-04-22 22:50:32 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014-04-22 22:50:31 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014-04-22 22:50:31 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014-04-22 22:50:29 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014-04-22 22:50:29 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014-04-22 22:49:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014-04-22 21:40:30 | 000,386,680 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014-04-22 20:51:50 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014-04-22 20:37:39 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Diagnostics
[2014-04-22 20:16:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimCleaner
[2014-04-22 20:09:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014-04-22 19:42:43 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\SlimWare Utilities Inc
[2014-04-22 19:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimComputer
[2014-04-22 19:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
[2014-04-22 19:27:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
[2014-04-22 18:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive
[2014-04-22 18:52:41 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Arma 3
[2014-04-22 18:39:43 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014-04-22 18:39:43 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014-04-22 18:39:41 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2014-04-22 18:39:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2014-04-22 18:39:40 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014-04-22 18:39:39 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014-04-22 18:39:36 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014-04-22 17:09:32 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Belastingdienst
[2014-04-22 03:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014-04-22 03:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014-04-22 03:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014-04-22 03:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014-04-22 03:34:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2014-04-22 03:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014-04-22 03:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014-04-22 03:33:40 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-04-22 03:33:30 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-04-22 03:33:30 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-04-22 03:33:30 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-04-22 03:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-04-22 03:33:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014-04-22 03:32:38 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Macromedia
[2014-04-22 03:32:38 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Macromedia
[2014-04-22 03:32:31 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-04-22 03:32:31 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-04-22 03:32:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014-04-22 03:32:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014-04-22 03:32:00 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Adobe
[2014-04-22 03:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014-04-22 02:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2014-04-22 02:36:29 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\vlc
[2014-04-22 02:34:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014-04-22 02:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014-04-22 02:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-04-22 02:30:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2014-04-22 02:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014-04-22 02:29:26 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014-04-22 02:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014-04-22 02:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2014-04-22 02:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014-04-22 02:26:55 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Microsoft Help
[2014-04-22 02:26:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014-04-22 02:26:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014-04-22 01:46:48 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Melon
[2014-04-22 01:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2014-04-22 01:01:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-04-22 01:01:06 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2014-04-22 01:01:06 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2014-04-22 01:01:06 | 000,608,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2014-04-22 01:01:06 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2014-04-22 01:00:54 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Programs
[2014-04-22 00:48:48 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014-04-22 00:48:48 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014-04-22 00:26:22 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\Documents\Bluetooth Folder
[2014-04-22 00:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Suite
[2014-04-22 00:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2014-04-22 00:20:34 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-04-22 00:20:33 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-04-22 00:20:29 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-04-22 00:20:19 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-04-22 00:20:19 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014-04-22 00:20:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-04-22 00:20:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-04-22 00:20:17 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-04-22 00:20:17 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-04-22 00:20:17 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014-04-22 00:20:17 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-04-22 00:20:17 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-04-22 00:20:17 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-04-22 00:20:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-04-22 00:20:16 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-04-22 00:20:16 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-04-22 00:20:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-04-22 00:20:16 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-04-22 00:20:08 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-04-22 00:20:04 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-04-22 00:20:04 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-04-22 00:20:04 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-04-22 00:20:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-04-22 00:20:04 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-04-22 00:20:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-04-22 00:20:03 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014-04-22 00:19:58 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-04-22 00:19:58 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-04-22 00:19:53 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-04-22 00:16:16 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\ATI
[2014-04-22 00:16:16 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\ATI
[2014-04-22 00:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014-04-21 23:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2014-04-21 23:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014-04-21 23:53:07 | 008,034,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdpmd64.sys
[2014-04-21 23:53:07 | 008,034,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2014-04-21 23:53:07 | 005,968,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2014-04-21 23:53:07 | 004,499,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2014-04-21 23:53:07 | 000,550,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2014-04-21 23:53:07 | 000,510,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2014-04-21 23:53:07 | 000,410,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2014-04-21 23:53:07 | 000,377,856 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2014-04-21 23:53:07 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2014-04-21 23:53:07 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2014-04-21 23:53:07 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2014-04-21 23:53:07 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2014-04-21 23:53:07 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2014-04-21 23:53:07 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2014-04-21 23:53:07 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2014-04-21 23:53:07 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2014-04-21 23:53:07 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2014-04-21 23:53:07 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2014-04-21 23:53:07 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2014-04-21 23:53:07 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2014-04-21 23:53:07 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2014-04-21 23:53:07 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2014-04-21 23:53:07 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2014-04-21 23:53:07 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2014-04-21 23:53:07 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2014-04-21 23:53:07 | 000,281,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2014-04-21 23:53:07 | 000,281,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2014-04-21 23:53:07 | 000,248,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2014-04-21 23:53:07 | 000,226,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2014-04-21 23:53:07 | 000,222,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2014-04-21 23:53:07 | 000,166,424 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2014-04-21 23:53:07 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2014-04-21 23:53:07 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2014-04-21 23:53:07 | 000,121,872 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2014-04-21 23:53:06 | 008,129,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2014-04-21 23:53:06 | 006,060,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2014-04-21 23:53:06 | 005,517,312 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4dev64.dll
[2014-04-21 23:53:06 | 004,099,072 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2014-04-21 23:53:06 | 004,077,568 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4dev32.dll
[2014-04-21 23:53:06 | 003,896,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2014-04-21 23:53:06 | 000,390,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2014-04-21 23:53:05 | 004,668,928 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2014-04-21 23:53:05 | 003,602,432 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2014-04-21 23:53:05 | 003,126,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2014-04-21 23:53:05 | 002,913,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2014-04-21 23:53:05 | 002,617,856 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2014-04-21 23:53:05 | 000,119,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2014-04-21 23:53:05 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2014-04-21 23:53:05 | 000,035,840 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2014-04-21 23:53:05 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2014-04-21 23:53:04 | 017,567,744 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2014-04-21 23:53:04 | 013,388,288 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2014-04-21 23:53:04 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2014-04-21 23:53:04 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2014-04-21 23:53:04 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2014-04-21 23:53:04 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2014-04-21 23:53:04 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2014-04-21 23:53:04 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2014-04-21 23:53:04 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2014-04-21 23:53:04 | 000,028,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2014-04-21 23:53:04 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2014-04-21 23:53:04 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2014-04-21 23:53:03 | 006,233,088 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atipmdag.sys
[2014-04-21 23:53:03 | 006,233,088 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2014-04-21 23:53:03 | 004,748,288 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2014-04-21 23:53:03 | 003,671,040 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2014-04-21 23:53:03 | 003,641,344 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2014-04-21 23:53:03 | 003,060,224 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2014-04-21 23:53:03 | 000,450,048 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2014-04-21 23:53:03 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2014-04-21 23:53:03 | 000,316,928 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2014-04-21 23:53:03 | 000,229,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2014-04-21 23:53:03 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2014-04-21 23:53:03 | 000,161,280 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2014-04-21 23:53:03 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2014-04-21 23:53:03 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2014-04-21 23:53:03 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2014-04-21 23:53:03 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2014-04-21 23:53:03 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2014-04-21 23:53:03 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2014-04-21 23:53:03 | 000,043,008 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2014-04-21 23:53:03 | 000,039,936 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2014-04-21 23:53:03 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2014-04-21 23:53:03 | 000,015,360 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2014-04-21 23:53:03 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2014-04-21 23:53:03 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2014-04-21 23:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014-04-21 23:52:49 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014-04-21 23:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014-04-21 23:47:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2014-04-21 23:46:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2014-04-21 23:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM
[2014-04-21 23:42:42 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2014-04-21 23:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2014-04-21 23:41:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2014-04-21 23:39:30 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Intel Corporation
[2014-04-21 23:14:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014-04-21 23:14:42 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014-04-21 23:14:42 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014-04-21 23:14:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014-04-21 23:14:41 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014-04-21 23:14:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014-04-21 23:14:40 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014-04-21 23:14:40 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014-04-21 23:14:40 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014-04-21 23:14:40 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014-04-21 23:14:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014-04-21 23:14:40 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014-04-21 23:14:40 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014-04-21 23:14:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014-04-21 23:14:39 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014-04-21 23:14:39 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014-04-21 23:11:33 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014-04-21 23:11:32 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014-04-21 23:11:29 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014-04-21 23:11:29 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014-04-21 23:11:24 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014-04-21 23:11:23 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014-04-21 23:10:22 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014-04-21 23:10:21 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014-04-21 23:10:20 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014-04-21 23:10:20 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014-04-21 23:10:18 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014-04-21 23:10:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014-04-21 23:10:10 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014-04-21 23:10:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014-04-21 23:09:12 | 001,664,248 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.exe
[2014-04-21 23:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
[2014-04-21 23:07:21 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\tsusbflt.sys.mui
[2014-04-21 23:07:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014-04-21 23:07:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2014-04-21 23:07:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\terminpt.sys
[2014-04-21 23:07:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014-04-21 23:07:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014-04-21 23:07:08 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014-04-21 23:07:08 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014-04-21 23:07:07 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014-04-21 23:06:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2014-04-21 23:05:34 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014-04-21 23:05:30 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2014-04-21 23:05:30 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014-04-21 23:05:30 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014-04-21 23:05:30 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014-04-21 23:05:30 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014-04-21 23:05:29 | 001,913,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014-04-21 23:05:29 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014-04-21 23:05:28 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2014-04-21 23:05:27 | 001,659,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2014-04-21 23:05:27 | 000,477,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014-04-21 23:05:27 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014-04-21 23:05:27 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014-04-21 23:05:27 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2014-04-21 23:05:27 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014-04-21 23:05:27 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014-04-21 23:05:26 | 001,210,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014-04-21 23:05:26 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014-04-21 23:05:26 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014-04-21 23:05:26 | 000,069,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2014-04-21 23:05:22 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2014-04-21 23:05:22 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014-04-21 23:05:21 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2014-04-21 23:05:21 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2014-04-21 23:05:21 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2014-04-21 23:05:21 | 000,321,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014-04-21 23:05:21 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2014-04-21 23:05:21 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2014-04-21 23:05:21 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2014-04-21 23:05:20 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2014-04-21 23:05:20 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2014-04-21 23:05:20 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2014-04-21 23:05:20 | 000,168,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2014-04-21 23:05:20 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2014-04-21 23:05:20 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2014-04-21 23:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014-04-21 23:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Temp
[2014-04-21 23:05:17 | 001,247,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2014-04-21 23:05:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014-04-21 23:01:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2014-04-21 23:00:36 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014-04-21 23:00:36 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014-04-21 23:00:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014-04-21 23:00:34 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014-04-21 23:00:34 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014-04-21 23:00:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014-04-21 23:00:15 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014-04-21 23:00:02 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014-04-21 23:00:01 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014-04-21 22:58:26 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014-04-21 22:58:26 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014-04-21 22:57:15 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014-04-21 22:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014-04-21 22:53:11 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014-04-21 22:53:10 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014-04-21 22:53:05 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014-04-21 22:53:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014-04-21 22:53:03 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014-04-21 22:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Acer
[2014-04-21 22:52:35 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014-04-21 22:52:27 | 000,000,000 | ---D | C] -- C:\OEM
[2014-04-21 22:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
[2014-04-21 22:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\Acer
[2014-04-21 22:51:55 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014-04-21 22:51:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014-04-21 22:51:41 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014-04-21 22:51:41 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014-04-21 22:51:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014-04-21 22:51:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014-04-21 22:51:40 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014-04-21 22:51:19 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014-04-21 22:51:16 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014-04-21 22:51:16 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014-04-21 22:51:16 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014-04-21 22:51:16 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014-04-21 22:51:16 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014-04-21 22:51:16 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014-04-21 22:51:16 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014-04-21 22:51:16 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014-04-21 22:51:16 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014-04-21 22:51:16 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014-04-21 22:51:16 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014-04-21 22:51:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014-04-21 22:51:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014-04-21 22:51:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014-04-21 22:51:16 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014-04-21 22:51:13 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014-04-21 22:51:12 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014-04-21 22:51:12 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014-04-21 22:51:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014-04-21 22:51:12 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014-04-21 22:51:12 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014-04-21 22:51:12 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014-04-21 22:51:12 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014-04-21 22:51:12 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014-04-21 22:51:12 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014-04-21 22:51:12 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014-04-21 22:51:12 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014-04-21 22:51:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014-04-21 22:51:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014-04-21 22:51:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014-04-21 22:51:12 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014-04-21 22:50:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2014-04-21 22:49:30 | 000,538,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2014-04-21 22:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014-04-21 22:43:13 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Mozilla
[2014-04-21 22:43:13 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Mozilla
[2014-04-21 22:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014-04-21 22:42:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014-04-21 22:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-04-21 22:36:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014-04-21 22:36:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014-04-21 22:34:01 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014-04-21 22:34:01 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014-04-21 22:34:01 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014-04-21 22:34:01 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014-04-21 22:34:00 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014-04-21 22:34:00 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014-04-21 22:33:59 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014-04-21 22:33:59 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014-04-21 22:33:17 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014-04-21 22:33:17 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014-04-21 22:33:16 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014-04-21 22:33:16 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014-04-21 22:33:16 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014-04-21 22:33:16 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014-04-21 22:33:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014-04-21 22:33:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014-04-21 22:33:12 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014-04-21 22:32:24 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2014-04-21 22:29:08 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Adobe

[2014-04-21 01:33:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014-04-21 01:33:04 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014-04-21 01:33:04 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014-04-21 01:33:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014-04-21 01:32:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014-04-21 01:12:46 | 000,000,000 | ---D | C] -- C:\Windows\nl-NL
[2014-04-21 01:12:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl
[2014-04-21 01:12:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0413
[2014-04-21 01:12:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2014-04-21 01:12:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nl-NL
[2014-04-21 01:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nl
[2014-04-21 01:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0413
[2014-04-21 01:12:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2014-04-21 00:21:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014-04-21 00:20:59 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014-04-21 00:20:45 | 000,000,000 | ---D | C] -- C:\Boot
[2014-04-20 22:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014-04-20 22:14:27 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014-04-20 21:17:55 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014-04-20 21:17:54 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014-04-20 21:17:53 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014-04-20 21:17:50 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014-04-20 20:51:35 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014-04-20 20:42:12 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014-04-20 20:42:07 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014-04-20 20:42:07 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014-04-20 20:42:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014-04-20 20:42:06 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-04-20 20:42:06 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014-04-20 20:42:06 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014-04-20 20:42:06 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014-04-20 20:42:06 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014-04-20 20:42:06 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014-04-20 20:42:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014-04-20 20:42:06 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014-04-20 20:42:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014-04-20 20:42:06 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014-04-20 20:42:06 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014-04-20 20:42:06 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014-04-20 20:42:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-04-20 20:42:06 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014-04-20 20:42:06 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014-04-20 20:42:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-04-20 20:42:06 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014-04-20 20:42:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014-04-20 20:42:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014-04-20 20:42:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014-04-20 20:42:05 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014-04-20 20:42:05 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014-04-20 20:42:05 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014-04-20 20:42:05 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014-04-20 20:42:05 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014-04-20 20:42:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014-04-20 20:42:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014-04-20 20:42:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014-04-20 20:42:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014-04-20 20:42:04 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-04-20 20:42:04 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014-04-20 20:42:04 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014-04-20 20:42:04 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014-04-20 20:42:04 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014-04-20 20:42:04 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014-04-20 20:42:04 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014-04-20 20:42:04 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-04-20 20:42:04 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014-04-20 20:42:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014-04-20 20:42:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014-04-20 20:42:03 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014-04-20 20:42:03 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014-04-20 20:42:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014-04-20 20:42:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-04-20 20:42:03 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014-04-20 20:42:03 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014-04-20 20:42:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014-04-20 19:43:05 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\wdf01000.sys.mui
[2014-04-20 19:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014-04-20 19:38:03 | 000,000,000 | ---D | C] -- C:\Intel
[2014-04-20 18:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2014-04-20 18:54:45 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2014-04-20 18:28:25 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014-04-20 18:28:24 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014-04-20 18:28:24 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014-04-20 18:28:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014-04-20 18:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014-04-20 18:19:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014-04-20 18:14:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\rdvgkmd.sys.mui
[2014-04-20 18:14:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\rdpwd.sys.mui
[2014-04-20 18:14:18 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\tunnel.sys.mui
[2014-04-20 18:14:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\tsusbhub.sys.mui
[2014-04-20 18:14:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\usbport.sys.mui
[2014-04-20 18:14:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\battc.sys.mui
[2014-04-20 18:14:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\Dot4usb.sys.mui
[2014-04-20 18:14:03 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\nl-NL\tcpip.sys.mui
[2014-04-20 18:14:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\nl-NL\bfe.dll.mui
[2014-04-20 18:14:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\nl-NL\scfilter.sys.mui
[2014-04-20 18:14:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\nl-NL\qwavedrv.sys.mui
[2014-04-20 18:13:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\nl-NL\pacer.sys.mui
[2014-04-20 18:13:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\nl-NL\ndiscap.sys.mui
[2014-04-20 18:13:53 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\volsnap.sys.mui
[2014-04-20 18:13:53 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\usbhub.sys.mui
[2014-04-20 18:13:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vhdmp.sys.mui
[2014-04-20 18:13:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\tpm.sys.mui
[2014-04-20 18:13:53 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\nl-NL\pscr.sys.mui
[2014-04-20 18:13:53 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\portcls.sys.mui
[2014-04-20 18:13:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\umbus.sys.mui
[2014-04-20 18:13:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\serscan.sys.mui
[2014-04-20 18:13:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\wd.sys.mui
[2014-04-20 18:13:49 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\mpio.sys.mui
[2014-04-20 18:13:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\afd.sys.mui
[2014-04-20 18:13:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\serial.sys.mui
[2014-04-20 18:13:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\i8042prt.sys.mui
[2014-04-20 18:13:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\msdsm.sys.mui
[2014-04-20 18:13:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\sermouse.sys.mui
[2014-04-20 18:13:49 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\pcmcia.sys.mui
[2014-04-20 18:13:49 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\mouclass.sys.mui
[2014-04-20 18:13:49 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\parport.sys.mui
[2014-04-20 18:13:49 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ataport.sys.mui
[2014-04-20 18:13:49 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\scsiport.sys.mui
[2014-04-20 18:13:49 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\rndismpx.sys.mui
[2014-04-20 18:13:49 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\rndismp6.sys.mui
[2014-04-20 18:13:49 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\mouhid.sys.mui
[2014-04-20 18:13:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vwifibus.sys.mui
[2014-04-20 18:13:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\MTConfig.sys.mui
[2014-04-20 18:13:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\amdide.sys.mui
[2014-04-20 18:13:46 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\tcpip.sys.mui
[2014-04-20 18:13:46 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\bfe.dll.mui
[2014-04-20 18:13:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\modem.sys.mui
[2014-04-20 18:13:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ws2ifsl.sys.mui
[2014-04-20 18:13:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\usbrpm.sys.mui
[2014-04-20 18:13:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\fvevol.sys.mui
[2014-04-20 18:13:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\srv.sys.mui
[2014-04-20 18:13:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\scfilter.sys.mui
[2014-04-20 18:13:44 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ntfs.sys.mui
[2014-04-20 18:13:44 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ndis.sys.mui
[2014-04-20 18:13:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\pacer.sys.mui
[2014-04-20 18:13:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\nwifi.sys.mui
[2014-04-20 18:13:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ndiscap.sys.mui
[2014-04-20 18:13:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\rdbss.sys.mui
[2014-04-20 18:13:44 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\RNDISMP.sys.mui
[2014-04-20 18:13:44 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ndisuio.sys.mui
[2014-04-20 18:13:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\qwavedrv.sys.mui
[2014-04-20 18:13:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\partmgr.sys.mui
[2014-04-20 18:13:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\mountmgr.sys.mui
[2014-04-20 18:13:43 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\http.sys.mui
[2014-04-20 18:13:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\luafv.sys.mui
[2014-04-20 18:13:43 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ipnat.sys.mui
[2014-04-20 18:13:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\processr.sys.mui
[2014-04-20 18:13:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\intelppm.sys.mui
[2014-04-20 18:13:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\amdppm.sys.mui
[2014-04-20 18:13:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\amdk8.sys.mui
[2014-04-20 18:13:42 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ohci1394.sys.mui
[2014-04-20 18:13:42 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\1394ohci.sys.mui
[2014-04-20 18:13:42 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\nl-NL\BrSerId.sys.mui
[2014-04-20 18:13:42 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\nl-NL\BrSerIb.sys.mui
[2014-04-20 18:13:42 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\acpi.sys.mui
[2014-04-20 18:13:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\pci.sys.mui
[2014-04-20 18:13:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\bthport.sys.mui
[2014-04-20 18:13:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\IPMIDrv.sys.mui
[2014-04-20 18:13:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\kbdclass.sys.mui
[2014-04-20 18:13:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\fltmgr.sys.mui
[2014-04-20 18:13:42 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\bthpan.sys.mui
[2014-04-20 18:13:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\wacompen.sys.mui
[2014-04-20 18:13:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vdrvroot.sys.mui
[2014-04-20 18:13:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\isapnp.sys.mui
[2014-04-20 18:13:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\hdaudbus.sys.mui
[2014-04-20 18:13:42 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\HdAudio.sys.mui
[2014-04-20 18:13:42 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\nl-NL\atikmdag.sys.mui
[2014-04-20 18:13:42 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\mssmbios.sys.mui
[2014-04-20 18:13:42 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\hidbth.sys.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\volmgrx.sys.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\ULIAGPKX.SYS.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\UAGP35.SYS.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\pnpmem.sys.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\NV_AGP.SYS.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\kbdhid.sys.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\GAGP30KX.SYS.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\BTHUSB.SYS.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\AGP440.sys.mui
[2014-04-20 18:13:42 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\nl-NL\BrParwdm.sys.mui
[2014-04-20 18:13:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\disk.sys.mui
[2014-04-20 18:13:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\cdrom.sys.mui
[2014-04-20 18:13:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\bthenum.sys.mui
[2014-04-20 18:11:22 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014-04-20 18:11:22 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014-04-20 18:11:22 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014-04-20 18:11:22 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014-04-20 18:11:20 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014-04-20 18:11:20 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014-04-20 18:11:20 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014-04-20 18:11:20 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014-04-20 18:11:20 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014-04-20 18:11:20 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014-04-20 18:11:20 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014-04-20 18:11:20 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014-04-20 18:11:20 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014-04-20 18:11:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014-04-20 18:11:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014-04-20 18:11:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014-04-20 18:11:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014-04-20 18:11:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014-04-20 18:11:20 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014-04-20 18:11:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014-04-20 18:11:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014-04-20 18:11:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014-04-20 18:11:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014-04-20 18:11:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014-04-20 18:11:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014-04-20 18:11:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014-04-20 18:11:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014-04-20 18:11:20 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014-04-20 18:11:20 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014-04-20 18:11:19 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014-04-20 18:11:19 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014-04-20 18:11:19 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014-04-20 18:11:19 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014-04-20 18:10:45 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2014-04-20 18:06:24 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2014-04-20 18:06:24 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2014-04-20 18:06:23 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2014-04-20 18:06:23 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2014-04-20 18:06:23 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2014-04-20 18:06:23 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2014-04-20 18:06:23 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2014-04-20 18:06:23 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2014-04-20 18:06:23 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2014-04-20 18:06:23 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2014-04-20 18:06:23 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2014-04-20 18:06:23 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2014-04-20 18:06:23 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2014-04-20 18:06:07 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2014-04-20 18:06:07 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2014-04-20 18:06:07 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2014-04-20 18:06:07 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2014-04-20 18:06:07 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2014-04-20 18:06:07 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2014-04-20 18:04:44 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2014-04-20 18:04:44 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2014-04-20 18:04:43 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2014-04-20 18:04:43 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2014-04-20 18:04:33 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2014-04-20 18:04:17 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014-04-20 18:04:16 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014-04-20 18:03:38 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014-04-20 18:03:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014-04-20 18:02:14 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014-04-20 18:02:13 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014-04-20 18:00:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014-04-20 18:00:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014-04-20 18:00:32 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2014-04-20 18:00:32 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2014-04-20 18:00:17 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014-04-20 18:00:17 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014-04-20 17:59:50 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014-04-20 17:59:50 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014-04-20 17:59:50 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014-04-20 17:59:47 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014-04-20 17:59:45 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2014-04-20 17:59:44 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2014-04-20 17:59:38 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014-04-20 17:59:38 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014-04-20 17:59:37 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014-04-20 17:59:33 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2014-04-20 17:59:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2014-04-20 17:59:33 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2014-04-20 17:59:33 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2014-04-20 17:59:32 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2014-04-20 17:59:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2014-04-20 17:59:32 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2014-04-20 17:59:32 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2014-04-20 17:59:32 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2014-04-20 17:59:26 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014-04-20 17:59:26 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014-04-20 17:59:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2014-04-20 17:59:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014-04-20 17:59:18 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014-04-20 17:59:18 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014-04-20 17:59:13 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014-04-20 17:59:13 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014-04-20 17:59:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014-04-20 17:59:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014-04-20 17:59:13 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014-04-20 17:59:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014-04-20 17:59:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014-04-20 17:59:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014-04-20 17:59:06 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014-04-20 17:58:31 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014-04-20 17:58:30 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014-04-20 17:58:29 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014-04-20 17:58:29 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014-04-20 17:58:29 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014-04-20 17:58:29 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014-04-20 17:58:29 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014-04-20 17:57:50 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014-04-20 17:56:48 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014-04-20 17:56:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014-04-20 17:56:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014-04-20 17:56:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014-04-20 17:56:08 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014-04-20 17:56:08 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014-04-20 17:55:06 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014-04-20 17:55:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014-04-20 17:55:02 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014-04-20 17:54:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014-04-20 17:54:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014-04-20 17:54:57 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014-04-20 17:54:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014-04-20 17:54:53 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014-04-20 17:54:53 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014-04-20 17:54:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2014-04-20 17:54:50 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014-04-20 17:54:50 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014-04-20 17:54:49 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014-04-20 17:54:49 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014-04-20 17:54:45 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014-04-20 17:54:45 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014-04-20 17:54:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2014-04-20 17:54:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2014-04-20 17:54:42 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2014-04-20 17:54:42 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2014-04-20 17:54:42 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2014-04-20 17:54:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2014-04-20 17:54:41 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014-04-20 17:54:41 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014-04-20 17:54:41 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014-04-20 17:54:41 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014-04-20 17:54:41 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2014-04-20 17:54:41 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2014-04-20 17:54:41 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2014-04-20 17:54:40 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014-04-20 17:54:40 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2014-04-20 17:54:40 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2014-04-20 17:54:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014-04-20 17:54:39 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014-04-20 17:54:37 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014-04-20 17:54:37 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014-04-20 17:54:37 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014-04-20 17:54:35 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014-04-20 17:54:34 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014-04-20 17:54:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2014-04-20 17:43:00 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014-04-20 17:42:45 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014-04-20 17:42:45 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014-04-20 17:42:27 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014-04-20 17:42:27 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014-04-20 17:42:27 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014-04-20 17:42:27 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014-04-20 17:42:27 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014-04-20 17:42:27 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014-04-20 17:42:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014-04-20 17:42:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014-04-20 17:42:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014-04-20 17:42:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014-04-20 17:42:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014-04-20 17:42:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014-04-20 17:42:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014-04-20 17:42:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014-04-20 17:42:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014-04-20 17:42:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014-04-20 17:42:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014-04-20 17:42:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014-04-20 17:42:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014-04-20 17:42:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014-04-20 17:42:24 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014-04-20 17:42:20 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2014-04-20 17:42:17 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014-04-20 17:42:17 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014-04-20 17:42:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2014-04-20 17:42:16 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2014-04-20 17:42:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2014-04-20 17:42:14 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2014-04-20 17:42:09 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014-04-20 17:42:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014-04-20 17:42:09 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014-04-20 17:42:09 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014-04-20 17:42:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014-04-20 17:42:09 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014-04-20 17:42:06 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014-04-20 17:42:06 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2014-04-20 17:42:02 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014-04-20 17:42:02 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014-04-20 17:42:02 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014-04-20 17:42:02 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014-04-20 17:41:58 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014-04-20 17:41:44 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014-04-20 17:41:44 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014-04-20 17:41:43 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2014-04-20 17:41:43 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2014-04-20 17:41:42 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2014-04-20 17:41:42 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2014-04-20 17:41:39 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014-04-20 17:41:39 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014-04-20 17:41:39 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014-04-20 17:41:39 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014-04-20 17:41:39 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014-04-20 17:41:38 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014-04-20 17:41:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014-04-20 17:39:12 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2014-04-20 17:39:12 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2014-04-20 17:33:44 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014-04-20 17:33:44 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014-04-20 17:33:44 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014-04-20 17:33:35 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014-04-20 17:33:35 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014-04-20 17:33:35 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014-04-20 17:33:21 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014-04-20 17:33:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014-04-20 17:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2014-04-20 17:12:30 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014-04-20 17:11:50 | 003,896,632 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll
[2014-04-20 17:11:50 | 003,561,272 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll
[2014-04-20 17:11:50 | 003,058,168 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS
[2014-04-20 17:11:50 | 000,095,472 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll
[2014-04-20 17:11:46 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\InstallShield
[2014-04-20 16:44:59 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Searches
[2014-04-20 16:44:59 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014-04-20 16:44:59 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014-04-20 16:44:59 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014-04-20 16:44:49 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Identities
[2014-04-20 16:44:47 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Contacts
[2014-04-20 16:44:45 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\VirtualStore
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\AppData\Local\Temporary Internet Files
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Templates
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Start Menu
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\SendTo
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Recent
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\PrintHood
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\NetHood
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Documents\My Videos
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Documents\My Pictures
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Documents\My Music
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\My Documents
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Local Settings
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\AppData\Local\History
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Cookies
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\Application Data
[2014-04-20 16:44:40 | 000,000,000 | -HSD | C] -- C:\Users\JAHIER\AppData\Local\Application Data
[2014-04-20 16:44:39 | 000,000,000 | --SD | C] -- C:\Users\JAHIER\AppData\Roaming\Microsoft
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Videos
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Saved Games
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Pictures
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Music
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Links
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Favorites
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Downloads
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Documents
[2014-04-20 16:44:39 | 000,000,000 | R--D | C] -- C:\Users\JAHIER\Desktop
[2014-04-20 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Temp
[2014-04-20 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Local\Microsoft
[2014-04-20 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Media Center Programs
[2014-04-20 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014-04-20 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData
[2014-04-20 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014-04-20 16:44:34 | 000,000,000 | ---D | C] -- C:\Recovery
[2014-04-20 14:26:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014-04-20 14:24:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014-04-16 22:12:56 | 000,023,168 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014-05-08 17:39:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JAHIER\Desktop\OTL.exe
[2014-05-08 17:15:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-05-08 16:31:26 | 000,021,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-05-08 16:31:26 | 000,021,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-05-08 15:06:18 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014-05-08 15:00:55 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014-05-08 14:34:56 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-05-08 04:28:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-05-08 04:28:22 | 2960,510,976 | -HS- | M] () -- C:\hiberfil.sys
[2014-05-08 04:22:05 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-05-08 04:21:00 | 000,001,870 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2014-05-08 04:19:03 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014-05-08 04:18:19 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014-05-08 04:18:19 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014-05-08 04:18:19 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014-05-08 04:18:19 | 000,208,416 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014-05-08 04:18:19 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014-05-08 04:18:19 | 000,085,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014-05-08 04:18:19 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014-05-08 04:18:19 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014-05-08 04:18:19 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-05-08 04:18:19 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014-05-08 03:53:09 | 004,796,856 | ---- | M] (AVAST Software) -- C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
[2014-05-08 03:46:09 | 000,016,712 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCEXP113.SYS
[2014-05-07 09:16:46 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-05-07 07:28:14 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-05-07 07:28:14 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-05-07 05:13:30 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.trb
[2014-05-02 22:39:48 | 000,001,201 | ---- | M] () -- C:\Users\JAHIER\Desktop\Any Video Converter.lnk
[2014-05-01 22:52:06 | 000,000,211 | ---- | M] () -- C:\ProgramData\acer.zip
[2014-04-30 17:58:22 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-04-28 19:22:47 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014-04-28 18:33:59 | 000,441,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-04-25 02:35:17 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014-04-24 20:12:01 | 001,668,596 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-04-24 20:12:01 | 000,745,258 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2014-04-24 20:12:01 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-04-24 20:12:01 | 000,153,178 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2014-04-24 20:12:01 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-04-24 20:11:59 | 2946,897,920 | ---- | M] () -- C:\Users\JAHIER\Desktop\9600.17050.WINBLUE_REFRESH.140317-1640_X86FRE_ENTERPRISE_EVAL_EN-US-IR3_CENA_X86FREE_EN-US_DV9.ISO
[2014-04-24 19:55:57 | 000,002,534 | ---- | M] () -- C:\Users\JAHIER\Desktop\Windows 7 USB DVD Download Tool.lnk
[2014-04-22 21:40:30 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014-04-22 20:21:47 | 000,000,017 | ---- | M] () -- C:\Users\JAHIER\AppData\Local\resmon.resmoncfg
[2014-04-22 19:27:21 | 000,001,057 | ---- | M] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2014-04-22 03:33:16 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-04-22 03:33:11 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-04-22 03:33:11 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-04-22 03:33:11 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-04-22 02:51:34 | 000,001,323 | ---- | M] () -- C:\Users\JAHIER\Desktop\PowerPoint 2013.lnk
[2014-04-22 02:35:01 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014-04-22 02:31:59 | 000,002,837 | ---- | M] () -- C:\Users\JAHIER\Desktop\Word 2013.lnk
[2014-04-22 02:31:59 | 000,002,789 | ---- | M] () -- C:\Users\JAHIER\Desktop\Excel 2013.lnk
[2014-04-22 01:44:53 | 000,000,859 | ---- | M] () -- C:\Users\JAHIER\Desktop\PeerBlock.lnk
[2014-04-22 00:26:57 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBT.bin
[2014-04-22 00:26:57 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2014-04-21 23:58:04 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014-04-21 23:49:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014-04-21 23:48:55 | 001,643,448 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-04-21 23:46:27 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI
[2014-04-21 00:20:47 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014-04-20 20:42:12 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014-04-20 20:42:07 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014-04-20 20:42:07 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014-04-20 20:42:07 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014-04-20 20:42:06 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-04-20 20:42:06 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014-04-20 20:42:06 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014-04-20 20:42:06 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014-04-20 20:42:06 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014-04-20 20:42:06 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014-04-20 20:42:06 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014-04-20 20:42:06 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014-04-20 20:42:06 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014-04-20 20:42:06 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014-04-20 20:42:06 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014-04-20 20:42:06 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014-04-20 20:42:06 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-04-20 20:42:06 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014-04-20 20:42:06 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014-04-20 20:42:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-04-20 20:42:06 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014-04-20 20:42:06 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014-04-20 20:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014-04-20 20:42:06 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014-04-20 20:42:06 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014-04-20 20:42:05 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014-04-20 20:42:05 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014-04-20 20:42:05 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014-04-20 20:42:05 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014-04-20 20:42:05 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014-04-20 20:42:05 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014-04-20 20:42:05 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014-04-20 20:42:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014-04-20 20:42:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014-04-20 20:42:04 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-04-20 20:42:04 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014-04-20 20:42:04 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014-04-20 20:42:04 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014-04-20 20:42:04 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014-04-20 20:42:04 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014-04-20 20:42:04 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014-04-20 20:42:04 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-04-20 20:42:04 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014-04-20 20:42:04 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014-04-20 20:42:04 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014-04-20 20:42:04 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014-04-20 20:42:03 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014-04-20 20:42:03 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014-04-20 20:42:03 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014-04-20 20:42:03 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-04-20 20:42:03 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014-04-20 20:42:03 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014-04-20 20:42:03 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014-04-20 18:18:06 | 000,341,322 | ---- | M] () -- C:\Windows\SysNative\perfi013.dat
[2014-04-20 18:18:06 | 000,043,068 | ---- | M] () -- C:\Windows\SysNative\perfd013.dat
[2014-04-20 18:01:56 | 000,001,439 | ---- | M] () -- C:\Users\JAHIER\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014-04-20 17:12:09 | 000,696,680 | ---- | M] () -- C:\Windows\SysNative\oem2.inf
[2014-04-20 17:11:43 | 003,896,632 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll
[2014-04-20 17:11:43 | 003,561,272 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll
[2014-04-20 17:11:43 | 003,058,168 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS
[2014-04-20 17:11:43 | 000,095,472 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll
[2014-04-20 17:11:43 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll
[2014-04-20 14:27:05 | 000,116,385 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014-04-20 14:27:04 | 000,116,385 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014-04-20 14:25:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014-04-16 22:12:56 | 000,023,168 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2014-04-14 04:24:46 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-04-14 04:19:37 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
 
========== Files Created - No Company Name ==========
 
[2014-05-08 04:22:05 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-05-08 04:21:00 | 000,001,870 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2014-05-08 04:19:03 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014-05-08 04:18:31 | 000,208,416 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014-05-08 04:18:28 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014-05-08 04:18:26 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014-05-07 09:16:46 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-05-07 08:47:24 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2014-05-07 08:47:24 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2014-05-07 08:47:24 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014-05-02 22:39:48 | 000,001,201 | ---- | C] () -- C:\Users\JAHIER\Desktop\Any Video Converter.lnk
[2014-05-01 22:52:06 | 000,000,211 | ---- | C] () -- C:\ProgramData\acer.zip
[2014-05-01 16:33:58 | 000,001,311 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2014-05-01 16:33:39 | 000,001,380 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2014-04-28 19:22:47 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014-04-25 02:35:17 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014-04-25 02:32:38 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014-04-24 20:00:21 | 2946,897,920 | ---- | C] () -- C:\Users\JAHIER\Desktop\9600.17050.WINBLUE_REFRESH.140317-1640_X86FRE_ENTERPRISE_EVAL_EN-US-IR3_CENA_X86FREE_EN-US_DV9.ISO
[2014-04-24 19:55:57 | 000,002,534 | ---- | C] () -- C:\Users\JAHIER\Desktop\Windows 7 USB DVD Download Tool.lnk
[2014-04-22 20:21:47 | 000,000,017 | ---- | C] () -- C:\Users\JAHIER\AppData\Local\resmon.resmoncfg
[2014-04-22 19:27:21 | 000,001,057 | ---- | C] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2014-04-22 03:35:33 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014-04-22 03:32:32 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-04-22 02:51:34 | 000,001,323 | ---- | C] () -- C:\Users\JAHIER\Desktop\PowerPoint 2013.lnk
[2014-04-22 02:35:01 | 000,000,788 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014-04-22 02:31:59 | 000,002,837 | ---- | C] () -- C:\Users\JAHIER\Desktop\Word 2013.lnk
[2014-04-22 02:31:59 | 000,002,789 | ---- | C] () -- C:\Users\JAHIER\Desktop\Excel 2013.lnk
[2014-04-22 01:44:53 | 000,000,859 | ---- | C] () -- C:\Users\JAHIER\Desktop\PeerBlock.lnk
[2014-04-22 00:26:31 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2014-04-21 23:58:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014-04-21 23:53:07 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2014-04-21 23:53:07 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2014-04-21 23:53:07 | 000,870,544 | ---- | C] () -- C:\Windows\SysNative\igkrng575.bin
[2014-04-21 23:53:07 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2014-04-21 23:53:07 | 000,205,824 | ---- | C] () -- C:\Windows\SysNative\iglhsip64.dll
[2014-04-21 23:53:07 | 000,187,392 | ---- | C] () -- C:\Windows\SysNative\iglhcp64.dll
[2014-04-21 23:53:07 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2014-04-21 23:53:07 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2014-04-21 23:53:07 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2014-04-21 23:53:07 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2014-04-21 23:53:07 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2014-04-21 23:53:07 | 000,051,068 | ---- | C] () -- C:\Windows\SysNative\igfcg575m.bin
[2014-04-21 23:53:07 | 000,005,900 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2014-04-21 23:53:07 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2014-04-21 23:53:07 | 000,001,090 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2014-04-21 23:53:06 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2014-04-21 23:53:06 | 000,127,896 | ---- | C] () -- C:\Windows\SysNative\igcompkrng575.bin
[2014-04-21 23:53:05 | 000,409,184 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2014-04-21 23:53:05 | 000,409,184 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2014-04-21 23:53:05 | 000,187,765 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2014-04-21 23:53:05 | 000,176,490 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2014-04-21 23:53:05 | 000,163,560 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2014-04-21 23:53:05 | 000,152,600 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2014-04-21 23:53:05 | 000,138,088 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2014-04-21 23:53:05 | 000,134,602 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2014-04-21 23:53:05 | 000,131,904 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2014-04-21 23:53:05 | 000,123,747 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2014-04-21 23:53:05 | 000,121,451 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2014-04-21 23:53:05 | 000,121,132 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2014-04-21 23:53:05 | 000,120,882 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2014-04-21 23:53:05 | 000,119,326 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2014-04-21 23:53:05 | 000,118,949 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2014-04-21 23:53:05 | 000,118,569 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2014-04-21 23:53:05 | 000,117,762 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2014-04-21 23:53:05 | 000,117,737 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2014-04-21 23:53:05 | 000,117,527 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2014-04-21 23:53:05 | 000,117,229 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2014-04-21 23:53:05 | 000,116,944 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2014-04-21 23:53:05 | 000,116,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2014-04-21 23:53:05 | 000,116,629 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2014-04-21 23:53:05 | 000,116,230 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2014-04-21 23:53:05 | 000,113,040 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2014-04-21 23:53:05 | 000,112,529 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2014-04-21 23:53:05 | 000,112,445 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2014-04-21 23:53:05 | 000,108,405 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2014-04-21 23:53:05 | 000,102,229 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2014-04-21 23:53:05 | 000,101,113 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2014-04-21 23:53:04 | 000,019,462 | ---- | C] () -- C:\Windows\atiogl.xml
[2014-04-21 23:53:04 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014-04-21 23:53:04 | 000,001,035 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2014-04-21 23:53:03 | 000,197,624 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2014-04-21 23:49:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014-04-21 23:46:27 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI
[2014-04-21 23:09:12 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2014-04-21 23:09:12 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2014-04-21 23:09:12 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2014-04-21 23:09:12 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2014-04-21 23:09:12 | 000,009,168 | ---- | C] () -- C:\Windows\Suyin.reg
[2014-04-21 23:09:12 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2014-04-21 23:09:12 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2014-04-21 23:05:33 | 000,231,056 | ---- | C] () -- C:\Windows\SysNative\drivers\RTConvEQ.dat
[2014-04-21 23:05:33 | 000,030,856 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE3.DAT
[2014-04-21 23:05:33 | 000,001,352 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat
[2014-04-21 23:05:33 | 000,000,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat
[2014-04-21 23:05:33 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX3.dat
[2014-04-21 23:05:33 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
[2014-04-21 23:05:33 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
[2014-04-21 23:05:33 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2014-04-21 23:05:33 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ1.dat
[2014-04-21 23:05:33 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2014-04-21 22:43:04 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-04-21 22:43:03 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014-04-21 01:23:25 | 000,341,322 | ---- | C] () -- C:\Windows\SysNative\perfi013.dat
[2014-04-21 01:23:24 | 000,745,258 | ---- | C] () -- C:\Windows\SysNative\perfh013.dat
[2014-04-21 01:23:24 | 000,153,178 | ---- | C] () -- C:\Windows\SysNative\perfc013.dat
[2014-04-21 01:23:24 | 000,043,068 | ---- | C] () -- C:\Windows\SysNative\perfd013.dat
[2014-04-21 00:20:47 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014-04-21 00:20:45 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2014-04-20 22:17:55 | 001,643,448 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-04-20 20:42:06 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014-04-20 20:42:04 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014-04-20 18:28:24 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014-04-20 18:01:55 | 000,001,439 | ---- | C] () -- C:\Users\JAHIER\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014-04-20 17:55:05 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014-04-20 17:12:17 | 000,696,680 | ---- | C] () -- C:\Windows\SysNative\oem2.inf
[2014-04-20 17:11:51 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll
[2014-04-20 16:45:00 | 000,001,415 | ---- | C] () -- C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014-04-20 16:44:39 | 000,000,290 | ---- | C] () -- C:\Users\JAHIER\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014-04-20 16:44:39 | 000,000,272 | ---- | C] () -- C:\Users\JAHIER\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014-04-20 14:26:56 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014-04-20 14:26:45 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014-04-20 14:25:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014-04-20 14:23:11 | 2960,510,976 | -HS- | C] () -- C:\hiberfil.sys
 
========== ZeroAccess Check ==========
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014-05-02 22:39:54 | 000,000,000 | ---D | M] -- C:\Users\JAHIER\AppData\Roaming\AnvSoft
[2014-05-08 04:23:19 | 000,000,000 | ---D | M] -- C:\Users\JAHIER\AppData\Roaming\AVAST Software
[2014-04-22 17:11:54 | 000,000,000 | ---D | M] -- C:\Users\JAHIER\AppData\Roaming\Melon
[2014-05-07 09:16:52 | 000,000,000 | ---D | M] -- C:\Users\JAHIER\AppData\Roaming\Opera Software
[2014-05-08 15:05:24 | 000,000,000 | ---D | M] -- C:\Users\JAHIER\AppData\Roaming\Frog
[2014-05-07 07:19:56 | 000,000,000 | ---D | M] -- C:\Users\JAHIER\AppData\Roaming\WebcamMax
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV:64bit: - [2009-07-14 03:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013-02-27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009-07-14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010-11-21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010-11-21 05:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013-09-25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009-07-14 03:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012-07-05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013-07-09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013-07-09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010-11-21 05:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010-11-21 05:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011-03-03 08:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009-07-14 03:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009-07-14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009-07-14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009-07-14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010-11-21 05:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009-07-14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009-07-14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009-07-14 03:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009-07-14 03:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012-10-03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009-07-14 03:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011-05-24 13:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012-02-11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013-09-25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009-07-14 03:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010-11-21 05:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010-11-21 05:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013-09-25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009-07-14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010-11-21 05:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010-11-21 05:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010-11-21 05:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010-11-21 05:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010-11-21 05:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010-11-21 05:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012-05-01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010-11-21 05:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010-11-21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010-11-21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010-11-21 05:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010-11-21 05:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010-11-21 05:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010-11-21 05:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010-11-21 05:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010-11-21 05:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009-07-14 03:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012-06-03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010-11-21 05:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009-07-14 03:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010-11-21 05:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2011-02-26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-02-26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010-11-21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010-11-21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: MPSVC.DLL  >
[2013-05-27 07:26:41 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=7B6CD2C784B13D63481B6BF49605C026 -- C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpSvc.dll
[2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=7CBB1D4D13DC62D7F529D87151FD3CD3 -- C:\Program Files\Windows Defender\MpSvc.dll
[2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=7CBB1D4D13DC62D7F529D87151FD3CD3 -- C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpSvc.dll
[2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=CF318F60A84F15AF352439465A8D05F4 -- C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpSvc.dll
 
< MD5 for: QMGR.DLL  >
[2010-11-21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\erdnt\cache64\qmgr.dll
[2010-11-21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010-11-21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
 
< MD5 for: RPCSS.DLL  >
[2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\erdnt\cache64\rpcss.dll
[2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
[2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
 
< MD5 for: SERVICES  >
[2009-06-10 23:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
 
< MD5 for: SERVICES.ASFX  >
[2013-12-21 08:04:36 | 000,002,626 | ---- | M] () MD5=2FD7F2FDEF0BA1B3080372C092348748 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Locale\nl_NL\Services\Services.asfx
 
< MD5 for: SERVICES.CFG  >
[2013-12-21 08:04:16 | 000,559,392 | ---- | M] () MD5=F9FBA73F44366AB3514BD1985707F178 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.EXE  >
[2009-07-14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009-07-14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009-07-14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2011-04-12 10:17:17 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2011-04-12 10:17:17 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
[2009-07-13 18:57:50 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=B84CF40C8CF1DA44A95CC37E360EB977 -- C:\Windows\SysNative\nl-NL\services.exe.mui
[2009-07-13 18:57:50 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=B84CF40C8CF1DA44A95CC37E360EB977 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_7efe2a1cc8ae306f\services.exe.mui
 
< MD5 for: SERVICES.LNK  >
[2009-07-14 06:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009-07-14 06:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2009-06-10 22:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009-06-10 22:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
 
< MD5 for: SERVICES.MSC  >
[2011-04-12 10:17:16 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009-06-10 22:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2011-04-12 10:17:18 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009-06-10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2011-04-12 10:17:16 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009-06-10 22:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2011-04-12 10:17:18 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009-06-10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2009-07-13 18:46:50 | 000,092,747 | ---- | M] () MD5=E4FE4D28A62170560B388B241E5F2D6B -- C:\Windows\SysNative\nl-NL\services.msc
[2009-07-13 18:45:48 | 000,092,747 | ---- | M] () MD5=E4FE4D28A62170560B388B241E5F2D6B -- C:\Windows\SysWOW64\nl-NL\services.msc
[2009-07-13 18:46:50 | 000,092,747 | ---- | M] () MD5=E4FE4D28A62170560B388B241E5F2D6B -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_b93ffa089f17ca62\services.msc
[2009-07-13 18:45:48 | 000,092,747 | ---- | M] () MD5=E4FE4D28A62170560B388B241E5F2D6B -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_5d215e84e6ba592c\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2009-07-13 22:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009-07-13 22:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
 
< MD5 for: SVCHOST.EXE  >
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014-04-03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014-04-03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
 
< dir "%systemdrive%\*" /S /A:L /C >
 De volumenaam van station C is System
 Het volumenummer is 74AB-D086
 Map van C:\
14-07-2009  07:08    <KOPPELING>    Documents and Settings [C:\Users]
               0 bestand(en)                0 bytes
 Map van C:\ProgramData
14-07-2009  07:08    <KOPPELING>    Application Data [C:\ProgramData]
14-07-2009  07:08    <KOPPELING>    Desktop [C:\Users\Public\Desktop]
14-07-2009  07:08    <KOPPELING>    Documents [C:\Users\Public\Documents]
14-07-2009  07:08    <KOPPELING>    Favorites [C:\Users\Public\Favorites]
14-07-2009  07:08    <KOPPELING>    Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14-07-2009  07:08    <KOPPELING>    Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes
 Map van C:\Users
14-07-2009  07:08    <SYMLINKD>     All Users [C:\ProgramData]
14-07-2009  07:08    <KOPPELING>    Default User [C:\Users\Default]
               0 bestand(en)                0 bytes
 Map van C:\Users\All Users
14-07-2009  07:08    <KOPPELING>    Application Data [C:\ProgramData]
14-07-2009  07:08    <KOPPELING>    Desktop [C:\Users\Public\Desktop]
14-07-2009  07:08    <KOPPELING>    Documents [C:\Users\Public\Documents]
14-07-2009  07:08    <KOPPELING>    Favorites [C:\Users\Public\Favorites]
14-07-2009  07:08    <KOPPELING>    Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14-07-2009  07:08    <KOPPELING>    Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes
 Map van C:\Users\JAHIER
20-04-2014  16:44    <KOPPELING>    Application Data [C:\Users\JAHIER\AppData\Roaming]
20-04-2014  16:44    <KOPPELING>    Cookies [C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Cookies]
20-04-2014  16:44    <KOPPELING>    Local Settings [C:\Users\JAHIER\AppData\Local]
20-04-2014  16:44    <KOPPELING>    My Documents [C:\Users\JAHIER\Documents]
20-04-2014  16:44    <KOPPELING>    NetHood [C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
20-04-2014  16:44    <KOPPELING>    PrintHood [C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
20-04-2014  16:44    <KOPPELING>    Recent [C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Recent]
20-04-2014  16:44    <KOPPELING>    SendTo [C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\SendTo]
20-04-2014  16:44    <KOPPELING>    Start Menu [C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Start Menu]
20-04-2014  16:44    <KOPPELING>    Templates [C:\Users\JAHIER\AppData\Roaming\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes
 Map van C:\Users\JAHIER\AppData\Local
20-04-2014  16:44    <KOPPELING>    Application Data [C:\Users\JAHIER\AppData\Local]
20-04-2014  16:44    <KOPPELING>    History [C:\Users\JAHIER\AppData\Local\Microsoft\Windows\History]
20-04-2014  16:44    <KOPPELING>    Temporary Internet Files [C:\Users\JAHIER\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 bestand(en)                0 bytes
 Map van C:\Users\JAHIER\Documents
20-04-2014  16:44    <KOPPELING>    My Music [C:\Users\JAHIER\Music]
20-04-2014  16:44    <KOPPELING>    My Pictures [C:\Users\JAHIER\Pictures]
20-04-2014  16:44    <KOPPELING>    My Videos [C:\Users\JAHIER\Videos]
               0 bestand(en)                0 bytes
 Map van C:\Users\Default
14-07-2009  07:08    <KOPPELING>    Application Data [C:\Users\Default\AppData\Roaming]
14-07-2009  07:08    <KOPPELING>    Local Settings [C:\Users\Default\AppData\Local]
14-07-2009  07:08    <KOPPELING>    My Documents [C:\Users\Default\Documents]
14-07-2009  07:08    <KOPPELING>    NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14-07-2009  07:08    <KOPPELING>    PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14-07-2009  07:08    <KOPPELING>    Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14-07-2009  07:08    <KOPPELING>    SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14-07-2009  07:08    <KOPPELING>    Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14-07-2009  07:08    <KOPPELING>    Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes
 Map van C:\Users\Default\AppData\Local
14-07-2009  07:08    <KOPPELING>    Application Data [C:\Users\Default\AppData\Local]
14-07-2009  07:08    <KOPPELING>    History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14-07-2009  07:08    <KOPPELING>    Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 bestand(en)                0 bytes
 Map van C:\Users\Default\Documents
14-07-2009  07:08    <KOPPELING>    My Music [C:\Users\Default\Music]
14-07-2009  07:08    <KOPPELING>    My Pictures [C:\Users\Default\Pictures]
14-07-2009  07:08    <KOPPELING>    My Videos [C:\Users\Default\Videos]
               0 bestand(en)                0 bytes
 Map van C:\Users\Public\Documents
14-07-2009  07:08    <KOPPELING>    My Music [C:\Users\Public\Music]
14-07-2009  07:08    <KOPPELING>    My Pictures [C:\Users\Public\Pictures]
14-07-2009  07:08    <KOPPELING>    My Videos [C:\Users\Public\Videos]
               0 bestand(en)                0 bytes
     Totaal aantal weergegeven bestanden:
               0 bestand(en)                0 bytes
              49 map(pen)  274.333.143.040 bytes beschikbaar

< End of report >
 



#12 southnu

southnu
  • Topic Starter

  • Members
  • 25 posts
  • Local time:08:04 AM

Posted 08 May 2014 - 11:18 AM

OTL Extras logfile created on: 8-5-2014 17:45:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\JAHIER\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000000 | Country: Candy | Language: NLD | Date Format: d-M-yyyy
 
3,68 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 48,24% Memory free
7,35 Gb Paging File | 4,59 Gb Available in Paging File | 62,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 255,51 Gb Free Space | 85,72% Space Free | Partition Type: NTFS
Drive D: | 498,63 Gb Total Space | 497,00 Gb Free Space | 99,67% Space Free | Partition Type: NTFS
Drive E: | 200,00 Gb Total Space | 131,27 Gb Free Space | 65,64% Space Free | Partition Type: NTFS
 
Computer Name: JAHIER-PC | User Name: JAHIER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-418532852-178646354-63402781-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02FC15E7-CF32-40FC-BBEA-921874D1355A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0B4A14F4-6DD3-4196-A027-1A9FAABACEFC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{11D2F37A-C6B7-486E-BB72-712C5CA5B1FB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{190ED230-F6A9-4DC3-A877-F783481D9D1A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DF32FF4-A892-45FC-9640-BDC6E3B18EC3}" = lport=6004 | protocol=17 | dir=in | app=d:\program files\microsoft office\office15\outlook.exe |
"{31F089DC-6E23-4855-B9FF-55A284668C18}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34727A0F-2CE7-4059-83C1-1C35C25061F0}" = lport=138 | protocol=17 | dir=in | app=system |
"{3E34AB27-7B85-4699-B006-F7895AAF8D7F}" = lport=139 | protocol=6 | dir=in | app=system |
"{4536DA57-000E-4D8E-B22D-601F5607E2B6}" = lport=445 | protocol=6 | dir=in | app=system |
"{69FD0D85-AECF-40EF-9019-9DDBEE6DE593}" = rport=139 | protocol=6 | dir=out | app=system |
"{6ECA75B7-3D32-4B5B-AE87-DF2126F61DBC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6F0501CB-C7D6-4762-86A7-CCEC0E42B31A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72D30277-A7F5-43D3-9537-1525B983030C}" = rport=445 | protocol=6 | dir=out | app=system |
"{7FDD9CE9-8926-4AAA-A681-6964F4D3342A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{81C3EB75-4520-43B9-8CC2-71277A2DDF62}" = lport=10243 | protocol=6 | dir=in | app=system |
"{83B7BDD9-3BBC-4E0F-A100-AC6962364BAB}" = lport=137 | protocol=17 | dir=in | app=system |
"{AA2DE2B8-86D3-481E-9858-47FF4A337A97}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B3D10222-17E7-45D0-9862-F135AFDBB222}" = rport=137 | protocol=17 | dir=out | app=system |
"{B6A7B874-2970-4474-8D03-655830A94CBD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B9BEFA73-09E9-4391-AE51-91724C44C63A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BCE1D884-FF4F-4392-BDF5-94F746CB51B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E09A3CFD-08AC-4F8F-9189-7EC7744A044A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E645ECAE-89B9-43CD-9A2E-1EB7345E8576}" = rport=138 | protocol=17 | dir=out | app=system |
"{E975557A-998D-437B-AA50-63336400BD2A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07517142-F966-459B-A351-6C4376FED4B9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{10D97ECE-CAF3-4C53-AD2E-75072B133AFB}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office15\ucmapi.exe |
"{1B9CA898-978F-4C1A-85C2-F46D1EBFF539}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1F6B7E30-9A56-4937-B3DF-F4E2C987AEB8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2610C1B2-DDE6-4C43-9FDB-A7471478D731}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2661A757-1C7F-4088-B4A9-47F3D3E54163}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{32E2A39A-F541-4845-851A-C73E6EE94555}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3CE98646-589F-48E7-9819-3843D437478E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{416413B0-BD89-4146-80AB-C11929DBBA05}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{436B7221-7336-43F0-A4AA-E4698BDABF45}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4C00C13B-064D-49C9-977D-03AB5F916D2B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{520754D7-886B-46BC-A7BA-6DC0C4339071}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5EC9DA39-18BC-44FA-AAD6-AB13155C904A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E05BB9A-84BC-4B73-9B41-BB9C0F8CBDB3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6FC84DE5-ADF4-4E35-89E2-7131B8AEFEE0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7791E761-EF7B-4CAF-A228-B2B827D05E23}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{781FE3A1-A0FE-4DAA-92BB-DB491778DEBD}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office15\ucmapi.exe |
"{7B10D12C-127F-470F-9835-062474E85088}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{804F20A5-9DC2-4714-81CE-85043AC13C7F}" = protocol=6 | dir=out | app=system |
"{81D09605-7424-40F0-B5CA-AB840AA6E120}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8DB4C7E8-74F0-4E47-924E-66AF571FA43D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{993BEBAD-A600-4D72-A5E8-95920EB365C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{99D0BAFA-EAEC-4309-AD8C-22F593901806}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office15\lync.exe |
"{9BE428B5-DD96-429B-8138-A9D162D7ECC7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A1425B72-5CBE-4801-8689-88800ED6C5ED}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office15\ucmapi.exe |
"{A4B8D839-23DA-4A10-A7A2-82FA4365F9D7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AF50B2B9-AB2F-4B5B-850F-C9CE06F9CDB8}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office15\lync.exe |
"{B9384C25-CBB3-41E3-983A-7D69BBE4B22C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CBEE11AE-6C8B-4EB2-A1CA-0175DF1DBD63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D0A722FD-AA82-4AEF-BE05-037E5B1DB11F}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office15\lync.exe |
"{F50C2F79-BEE8-44FE-AEAA-85A763D0EDA4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FCAAF995-811F-4431-ADC7-BA300126378B}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office15\lync.exe |
"{FCB90471-2AF8-4115-BFEA-3BA675BC4FC3}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office15\ucmapi.exe |
"TCP Query User{944E8814-01A4-4338-A861-F9E3843180BF}C:\users\JAHIER\appdata\roaming\melon\melon.exe" = protocol=6 | dir=in | app=c:\users\JAHIER\appdata\roaming\melon\melon.exe |
"UDP Query User{D3BEEDDD-F19E-4C56-8938-4E24D1E163A9}C:\users\JAHIER\appdata\roaming\melon\melon.exe" = protocol=17 | dir=in | app=c:\users\JAHIER\appdata\roaming\melon\melon.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.2 (r693)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}" = COMODO Firewall
"{293B6AD6-584D-A86D-A5C6-39D3A5A49189}" = ccc-utility64
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technologie monitor
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{86B32D5B-3F29-12E4-C485-C9BDE5EC8202}" = ATI Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0015-0413-1000-0000000FF1CE}" = Microsoft Access MUI (Dutch) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0016-0413-1000-0000000FF1CE}" = Microsoft Excel MUI (Dutch) 2013
"{90150000-0017-0413-1000-0000000FF1CE}" = Microsoft SharePoint Designer MUI (Dutch) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0018-0413-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Dutch) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-0019-0413-1000-0000000FF1CE}" = Microsoft Publisher MUI (Dutch) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001A-0413-1000-0000000FF1CE}" = Microsoft Outlook MUI (Dutch) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001B-0413-1000-0000000FF1CE}" = Microsoft Word MUI (Dutch) 2013
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0413-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Nederlands
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-002C-0413-1000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-0044-0413-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Dutch) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-006E-0413-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-0090-0413-1000-0000000FF1CE}" = Microsoft DCF MUI (Dutch) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00A1-0413-1000-0000000FF1CE}" = Microsoft OneNote MUI (Dutch) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00BA-0413-1000-0000000FF1CE}" = Microsoft Groove MUI (Dutch) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00C1-0413-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Dutch) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E1-0413-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Dutch) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-00E2-0413-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Dutch) 2013
"{90150000-0100-0413-1000-0000000FF1CE}" = Microsoft Office O MUI (Dutch) 2013
"{90150000-0101-0413-1000-0000000FF1CE}" = Microsoft X MUI (Dutch) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{90150000-012B-0413-1000-0000000FF1CE}" = Microsoft Lync MUI (Dutch) 2013
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043" = Microsoft .NET Framework 4.5.1 (Nederlands)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09}" = Microsoft .NET Framework 4.5.1 (NLD)
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"CCleaner" = CCleaner
"Malwarebytes Anti-Exploit_is1" = Malwarebytes Anti-Exploit version 0.10.3.0100
"Office15.OMUI.nl-nl" = Microsoft Office Language Pack 2013  - Dutch/Nederlands
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.1.3
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{01A32062-5AD4-885D-01A8-C140AE3B0B9C}" = CCC Help French
"{076673C9-79FF-AE1A-7D06-743E028FFB7A}" = CCC Help Thai
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0D345AE6-CD83-1B6D-379C-A141DACE70BA}" = CCC Help Korean
"{194B9E76-7985-37F3-20BF-E3921D542977}" = CCC Help Danish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1B905A9B-EB74-4C70-B81B-5F446C178566}" = Windows Live Essentials
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{266F77D9-A797-8506-1231-096087130EFD}" = CCC Help Japanese
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{290C2B0A-CEE1-4F55-AB46-4571EC01DA96}" = Windows Live UX Platform Language Pack
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3B5CB5AC-B214-387C-AD7A-92382C0C1941}" = CCC Help Greek
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40EB550C-F85C-3CC8-4980-5E6D49685E4E}" = Catalyst Control Center Localization All
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{453D2EB7-88DF-785B-BD11-33E2E7D6701E}" = CCC Help English
"{48CD5A9E-E548-77D4-EE90-87BA8DBEA307}" = CCC Help German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{64EB0DCE-0C5D-5797-206E-4CC4F6B4FDCD}" = CCC Help Spanish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74BE9B9A-FB50-945C-6896-91641BADB80B}" = Catalyst Control Center Graphics Light
"{7702DD63-2DF5-5C10-E0C3-DC02E4A3C4BB}" = CCC Help Russian
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A68D041-864A-D7AB-9E8E-0F9ACAFD7BBF}" = Catalyst Control Center Core Implementation
"{7E70DF41-FF74-7C1D-569C-C3DF957E1C42}" = Catalyst Control Center Graphics Full Existing
"{844D0426-F118-A428-9D70-C455422AB1B3}" = Catalyst Control Center Graphics Full New
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{902E5483-8232-5C68-019E-023E90487ED1}" = CCC Help Turkish
"{9344B896-CFC5-1211-130A-27E33E7ECA3C}" = CCC Help Chinese Traditional
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FB084CE-9F77-3B02-0DC1-DDC2C61BEF6A}" = CCC Help Norwegian
"{A26E29A7-6FE5-85B1-7CD0-2A5DBA10D2A1}" = ccc-core-static
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Nederlands
"{AFED9C63-AA8A-BD09-800E-EEFEC7648EAF}" = CCC Help Dutch
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B5F04FC0-EF1E-8FFE-9A2E-9CCC1BAD96B0}" = CCC Help Czech
"{B85BA192-2879-4E8A-C9DD-6FCB1E68E2E9}" = Catalyst Control Center Graphics Previews Vista
"{C3538BF4-735B-45F3-B09E-C541A007E4E8}" = Photo Common
"{CA1A1DDB-DD25-5860-28A9-ED4C6F848FCB}" = CCC Help Hungarian
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{CF579FD9-470E-BFDC-FFD6-68D7B70EC022}" = CCC Help Portuguese
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D4C4A7F3-D364-F624-479E-D787B05D99A5}" = Catalyst Control Center InstallProxy
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{DA492B5A-CB88-4C6C-8E0E-65399151A318}" = CCC Help Polish
"{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}" = Movie Maker
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1790A1A-90A2-402A-30CF-7AA5D4FF5940}" = CCC Help Chinese Standard
"{E4FD6328-1E51-91B2-27B8-E4EA3C7D2135}" = CCC Help Italian
"{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"{E789C634-D0DE-67F7-147B-786AEEFC5A88}" = CCC Help Finnish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4DEB840-B638-4BCE-AC6B-057EF31E0012}" = Photo Gallery
"{FC8A5587-CCD0-680C-0936-A607FE906AAF}" = CCC Help Swedish
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Any Video Converter_is1" = Any Video Converter 5.5.9
"Avast" = avast! Free Antivirus
"FileASSASSIN" = FileASSASSIN
"InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versie 2.0.1.1004
"Mozilla Firefox 29.0 (x86 nl)" = Mozilla Firefox 29.0 (x86 nl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 21.0.1432.57" = Opera Stable 21.0.1432.57
"WinLiveSuite" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7-5-2014 22:12:47 | Computer Name = JAHIER-PC | Source = Windows Search Service | ID = 3058
Description =
 
Error - 7-5-2014 22:12:47 | Computer Name = JAHIER-PC | Source = Windows Search Service | ID = 7010
Description =
 
Error - 7-5-2014 22:17:13 | Computer Name = JAHIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = De service Cryptografische services is mislukt tijdens het verwerken
 van aanroep OnIdentity() op het object System Writer.  Details: AddCoreCsiFiles :
RtlConvertNtFilePathToWin32Path() failed.  System Error: 0xC0000039 (unresolvable).
 
Error - 7-5-2014 22:20:33 | Computer Name = JAHIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = De service Cryptografische services is mislukt tijdens het verwerken
 van aanroep OnIdentity() op het object System Writer.  Details: AddCoreCsiFiles :
RtlConvertNtFilePathToWin32Path() failed.  System Error: 0xC0000039 (unresolvable).
 
Error - 7-5-2014 22:20:34 | Computer Name = JAHIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = De service Cryptografische services is mislukt tijdens het verwerken
 van aanroep OnIdentity() op het object System Writer.  Details: AddCoreCsiFiles :
RtlConvertNtFilePathToWin32Path() failed.  System Error: 0xC0000039 (unresolvable).
 
Error - 7-5-2014 22:23:48 | Computer Name = JAHIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = De service Cryptografische services is mislukt tijdens het verwerken
 van aanroep OnIdentity() op het object System Writer.  Details: AddCoreCsiFiles :
RtlConvertNtFilePathToWin32Path() failed.  System Error: 0xC0000039 (unresolvable).
 
Error - 7-5-2014 22:23:50 | Computer Name = JAHIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = De service Cryptografische services is mislukt tijdens het verwerken
 van aanroep OnIdentity() op het object System Writer.  Details: AddCoreCsiFiles :
RtlConvertNtFilePathToWin32Path() failed.  System Error: 0xC0000039 (unresolvable).
 
Error - 7-5-2014 22:29:41 | Computer Name = JAHIER-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 7-5-2014 23:27:27 | Computer Name = JAHIER-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: firefox.exe, versie: 29.0.0.5224, tijdstempel:
 0x5356318a  Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode:
 0xc0000005  Foutoffset: 0x71b003e6  Id van proces met fout: 0xbe4  Starttijd van toepassing
 met fout: 0x01cf6a6d69dc19e7  Pad naar toepassing met fout: C:\Program Files (x86)\Mozilla
 Firefox\firefox.exe  Pad naar module met fout: unknown  Rapport-id: ad421715-d660-11e3-810a-c80aa95e58b7
 
Error - 8-5-2014 11:46:46 | Computer Name = JAHIER-PC | Source = Microsoft-Windows-CAPI2 | ID = 500
Description = De service Cryptografische services is mislukt tijdens het verwerken
 van aanroep OnIdentity() op het object System Writer.  Details: AddCoreCsiFiles :
RtlConvertNtFilePathToWin32Path() failed.  System Error: 0xC0000039 (unresolvable).
 
 
< End of report >
 



#13 Machiavelli



  • Malware Response Instructor

Posted 08 May 2014 - 11:39 AM

Please post the ComboFix log; it should be located here: C:\combofix.txt

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#14 southnu

  • Topic Starter


Posted 08 May 2014 - 12:19 PM

ComboFix 14-05-07.03 - JAHIER 08-05-2014  18:52:06.3.4 - x64
Microsoft Windows 7 Ultimate    [GMT 2:00]
Gestart vanuit: c:\users\JAHIER\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated*
FW: COMODO Firewall *Disabled*
SP: avast! Antivirus *Disabled/Updated*
SP: COMODO Antivirus *Disabled/Outdated*
SP: Windows Defender *Enabled/Updated*
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2014-04-08 to 2014-05-08  ))))))))))))))))))))))))))))))
.
.
2014-05-08 17:02 . 2014-05-08 17:02    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-05-08 02:22 . 2014-05-08 13:06    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-05-08 02:22 . 2014-04-03 07:51    63192    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-05-08 02:22 . 2014-04-03 07:50    25816    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-05-08 02:22 . 2014-05-08 02:22    --------    d-----w-    c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-08 02:21 . 2014-05-08 02:21    --------    d-----w-    c:\program files (x86)\Malwarebytes Anti-Exploit
2014-05-08 02:18 . 2014-05-08 02:18    43152    ----a-w-    c:\windows\avastSS.scr
2014-05-08 02:17 . 2014-05-08 02:17    --------    d-----w-    c:\program files\AVAST Software
2014-05-08 01:53 . 2014-05-08 03:55    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{641E3EB4-C974-43CD-9567-6A3CF5DB3982}\offreg.dll
2014-05-07 09:23 . 2014-05-07 09:23    --------    d-----w-    c:\programdata\Licenses
2014-05-07 09:22 . 2014-05-07 09:22    --------    d-----w-    c:\programdata\Simply Super Software
2014-05-07 08:49 . 2014-05-07 09:06    --------    d-----w-    c:\programdata\HitmanPro
2014-05-07 07:16 . 2014-05-07 07:16    --------    d-----w-    c:\program files (x86)\Opera
2014-05-07 06:47 . 2013-11-01 09:12    810496    ----a-w-    c:\windows\SysWow64\xvidcore.dll
2014-05-07 06:47 . 2013-11-01 09:12    183808    ----a-w-    c:\windows\SysWow64\xvidvfw.dll
2014-05-07 06:47 . 2013-11-01 09:12    112640    ----a-w-    c:\windows\SysWow64\ff_vfw.dll
2014-05-07 06:46 . 2014-05-08 12:36    --------    d-----w-    c:\program files (x86)\SplitCam
2014-05-07 03:31 . 2014-05-07 03:31    --------    d-sh--w-    c:\windows\SysWow64\AI_RecycleBin
2014-05-07 03:29 . 2014-05-07 03:30    --------    d-----w-    c:\programdata\NCH Software
2014-05-07 03:28 . 2014-05-07 03:57    --------    d-----w-    c:\program files (x86)\NCH Software
2014-05-07 02:36 . 2012-10-11 03:08    44928    ----a-w-    c:\windows\system32\drivers\mcvidrv_x64.sys
2014-05-06 20:18 . 2014-04-17 03:31    10651704    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{641E3EB4-C974-43CD-9567-6A3CF5DB3982}\mpengine.dll
2014-05-06 20:17 . 2013-04-09 23:34    1247744    ----a-w-    c:\windows\SysWow64\DWrite.dll
2014-05-06 20:17 . 2013-04-02 22:51    1643520    ----a-w-    c:\windows\system32\DWrite.dll
2014-05-02 20:39 . 2014-05-02 20:39    --------    d-----w-    c:\program files (x86)\AnvSoft
2014-05-02 19:27 . 2014-04-29 14:01    23547904    ----a-w-    c:\windows\system32\mshtml.dll
2014-05-02 19:27 . 2014-04-29 13:40    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2014-05-02 19:27 . 2014-04-29 12:34    2724864    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2014-05-01 20:52 . 2014-05-01 20:52    --------    d-----w-    c:\programdata\unzip
2014-05-01 14:34 . 2014-05-01 14:34    --------    d-----w-    c:\windows\nl
2014-05-01 14:33 . 2014-05-01 14:33    --------    d-----w-    c:\program files (x86)\Microsoft SQL Server Compact Edition
2014-05-01 14:32 . 2014-05-01 14:33    --------    d-----w-    c:\program files (x86)\Windows Live
2014-05-01 14:26 . 2014-05-01 14:26    --------    d-----w-    c:\program files (x86)\Common Files\Windows Live
2014-05-01 13:57 . 2014-05-01 13:57    --------    d-----w-    c:\programdata\Geevs
2014-05-01 13:56 . 2014-05-01 14:25    --------    d-----w-    c:\program files\Lightworks
2014-04-30 18:16 . 2014-05-08 13:38    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-04-30 18:15 . 2014-05-08 16:14    119512    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-30 18:04 . 2014-04-30 18:15    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2014-04-30 17:54 . 2014-05-08 03:25    --------    d-----w-    c:\programdata\boost_interprocess
2014-04-29 23:52 . 2014-04-29 23:52    --------    d-----w-    c:\programdata\VS Revo Group
2014-04-29 23:13 . 2014-04-29 23:13    --------    d-s---w-    c:\windows\system32\CompatTel
2014-04-29 22:49 . 2014-04-14 02:24    465408    ----a-w-    c:\windows\system32\aepdu.dll
2014-04-29 22:49 . 2014-04-14 02:19    424448    ----a-w-    c:\windows\system32\aeinv.dll
2014-04-28 17:22 . 2014-04-28 17:22    --------    d-----w-    c:\program files\CCleaner
2014-04-28 16:07 . 2014-04-28 16:07    --------    d-----w-    c:\program files\Microsoft.NET
2014-04-27 01:02 . 2014-04-27 01:02    --------    d-----w-    c:\users\Default\AppData\Local\Microsoft Help
2014-04-25 00:35 . 2014-04-25 00:35    --------    dc----w-    c:\windows\system32\DRVSTORE
2014-04-25 00:35 . 2012-08-21 11:01    33240    ----a-w-    c:\windows\system32\drivers\GEARAspiWDM.sys
2014-04-25 00:33 . 2014-04-25 00:33    --------    d-----w-    c:\program files\iPod
2014-04-25 00:33 . 2014-04-25 00:34    --------    d-----w-    c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-25 00:33 . 2014-04-25 00:34    --------    d-----w-    c:\program files\iTunes
2014-04-25 00:33 . 2014-04-25 00:34    --------    d-----w-    c:\program files (x86)\iTunes
2014-04-25 00:33 . 2014-04-25 00:33    --------    d-----w-    c:\programdata\Apple Computer
2014-04-25 00:32 . 2014-04-25 00:32    --------    d-----w-    c:\program files (x86)\Apple Software Update
2014-04-25 00:32 . 2014-04-25 00:32    --------    d-----w-    c:\program files\Common Files\Apple
2014-04-25 00:32 . 2014-04-25 00:32    --------    d-----w-    c:\program files\Bonjour
2014-04-25 00:32 . 2014-04-25 00:32    --------    d-----w-    c:\program files (x86)\Bonjour
2014-04-25 00:31 . 2014-04-25 00:33    --------    d-----w-    c:\program files (x86)\Common Files\Apple
2014-04-25 00:31 . 2014-04-25 00:32    --------    d-----w-    c:\programdata\Apple
2014-04-25 00:29 . 2014-04-25 00:29    --------    d-----w-    c:\program files\Microsoft Silverlight
2014-04-25 00:29 . 2014-04-25 00:29    --------    d-----w-    c:\program files (x86)\Microsoft Silverlight
2014-04-22 21:43 . 2009-02-24 16:35    255552    ----a-w-    c:\windows\system32\drivers\mcdbus.sys
2014-04-22 21:07 . 2014-04-22 21:07    --------    d-----w-    c:\program files\7-Zip
2014-04-22 20:51 . 2008-03-05 14:04    489480    ----a-w-    c:\windows\system32\XAudio2_0.dll
2014-04-22 20:50 . 2006-03-31 10:40    352464    ----a-w-    c:\windows\system32\xactengine2_1.dll
2014-04-22 19:40 . 2014-04-22 19:40    386680    ----a-w-    c:\windows\system32\drivers\sptd.sys
2014-04-22 18:51 . 2014-04-22 18:51    --------    d-----w-    c:\windows\ERUNT
2014-04-22 18:16 . 2014-04-29 16:16    --------    d-----w-    c:\program files (x86)\SlimCleaner
2014-04-22 18:09 . 2014-04-22 18:09    --------    d-----w-    c:\windows\system32\appmgmt
2014-04-22 17:42 . 2014-04-22 18:09    --------    d-----w-    c:\program files (x86)\SlimComputer
2014-04-22 17:27 . 2014-04-22 17:27    --------    d-----w-    c:\program files (x86)\FileASSASSIN
2014-04-22 16:52 . 2014-04-22 16:52    --------    d-----w-    c:\programdata\Bohemia Interactive
2014-04-22 16:39 . 2009-09-04 15:44    69464    ----a-w-    c:\windows\SysWow64\XAPOFX1_3.dll
2014-04-22 16:39 . 2009-09-04 15:44    515416    ----a-w-    c:\windows\SysWow64\XAudio2_5.dll
2014-04-22 16:39 . 2009-03-09 13:27    453456    ----a-w-    c:\windows\SysWow64\d3dx10_41.dll
2014-04-22 16:39 . 2009-03-09 13:27    1846632    ----a-w-    c:\windows\SysWow64\D3DCompiler_41.dll
2014-04-22 16:39 . 2009-03-09 13:27    4178264    ----a-w-    c:\windows\SysWow64\D3DX9_41.dll
2014-04-22 16:39 . 2009-03-16 12:18    22360    ----a-w-    c:\windows\SysWow64\X3DAudio1_6.dll
2014-04-22 16:39 . 2007-04-04 16:53    81768    ----a-w-    c:\windows\SysWow64\xinput1_3.dll
2014-04-22 01:35 . 2014-04-22 01:35    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2014-04-22 01:34 . 2014-04-22 01:34    --------    d-----w-    c:\programdata\Oracle
2014-04-22 01:34 . 2014-04-22 01:34    --------    d-----w-    c:\windows\SysWow64\Adobe
2014-04-22 01:33 . 2014-04-22 01:33    --------    d-----w-    c:\program files (x86)\Common Files\Java
2014-04-22 01:33 . 2014-04-22 01:33    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-22 01:33 . 2014-04-22 01:33    --------    d-----w-    c:\program files (x86)\Java
2014-04-22 01:32 . 2014-05-07 05:28    70832    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-22 01:32 . 2014-05-07 05:28    692400    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-22 01:32 . 2014-04-22 01:32    --------    d-----w-    c:\windows\SysWow64\Macromed
2014-04-22 01:32 . 2014-04-22 01:32    --------    d-----w-    c:\windows\system32\Macromed
2014-04-22 01:08 . 2014-04-22 01:08    --------    d-----w-    c:\program files (x86)\Microsoft Visual Studio 8
2014-04-22 00:37 . 2014-04-22 00:38    --------    d-----w-    c:\programdata\Microsoft Toolkit
2014-04-22 00:30 . 2014-04-22 00:30    --------    d-----w-    c:\program files\Common Files\DESIGNER
2014-04-22 00:30 . 2014-04-22 00:30    --------    d-----w-    c:\program files (x86)\Microsoft SQL Server
2014-04-22 00:30 . 2014-04-22 00:30    --------    d-----w-    c:\programdata\regid.1991-06.com.microsoft
2014-04-22 00:29 . 2014-04-22 00:30    --------    d-----w-    c:\program files\Microsoft SQL Server
2014-04-22 00:29 . 2014-04-22 00:29    --------    d-----w-    c:\windows\PCHEALTH
2014-04-22 00:27 . 2014-04-22 00:27    --------    d-----w-    c:\program files\Microsoft Analysis Services
2014-04-22 00:27 . 2014-04-22 00:27    --------    d-----w-    c:\program files (x86)\Microsoft Analysis Services
2014-04-22 00:26 . 2014-04-28 16:17    --------    d-----w-    c:\programdata\Microsoft Help
2014-04-21 23:01 . 2014-04-30 18:15    --------    d-----w-    c:\programdata\Malwarebytes
2014-04-21 23:01 . 2011-06-10 22:58    773968    ----a-w-    c:\windows\SysWow64\msvcr100.dll
2014-04-21 23:01 . 2011-06-10 22:58    421200    ----a-w-    c:\windows\SysWow64\msvcp100.dll
2014-04-21 23:01 . 2011-06-10 22:15    829264    ----a-w-    c:\windows\system32\msvcr100.dll
2014-04-21 23:01 . 2011-06-10 22:15    608080    ----a-w-    c:\windows\system32\msvcp100.dll
2014-04-21 22:48 . 2014-01-09 02:22    5694464    ----a-w-    c:\windows\SysWow64\mstscax.dll
2014-04-21 22:48 . 2014-01-03 22:44    6574592    ----a-w-    c:\windows\system32\mstscax.dll
2014-04-21 22:22 . 2014-04-21 22:23    --------    d-----w-    c:\program files (x86)\Bluetooth Suite
2014-04-21 22:19 . 2014-03-08 02:34    809680    ----a-w-    c:\program files\Internet Explorer\iexplore.exe
2014-04-21 22:19 . 2014-03-08 01:59    811728    ----a-w-    c:\program files (x86)\Internet Explorer\iexplore.exe
2014-04-21 22:19 . 2014-03-06 06:22    2260480    ----a-w-    c:\windows\system32\wininet.dll
2014-04-21 22:19 . 2014-03-06 05:58    1400832    ----a-w-    c:\windows\system32\urlmon.dll
2014-04-21 22:19 . 2014-03-06 07:11    2043904    ----a-w-    c:\windows\system32\inetcpl.cpl
2014-04-21 22:19 . 2014-03-06 06:40    1967104    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2014-04-21 22:19 . 2014-03-06 06:53    13551104    ----a-w-    c:\windows\system32\ieframe.dll
2014-04-21 22:19 . 2014-03-06 08:11    5784064    ----a-w-    c:\windows\system32\jscript9.dll
2014-04-21 22:19 . 2014-03-06 07:46    4254720    ----a-w-    c:\windows\SysWow64\jscript9.dll
2014-04-21 22:16 . 2014-04-21 22:16    --------    d-----w-    c:\programdata\ATI
2014-04-21 21:58 . 2014-04-21 21:58    0    ----a-w-    c:\windows\ativpsrm.bin
2014-04-21 21:57 . 2014-04-21 21:57    --------    d-----w-    c:\program files (x86)\ATI Technologies
2014-04-21 21:52 . 2014-04-21 21:59    --------    d-----w-    c:\program files\ATI Technologies
2014-04-21 21:52 . 2014-04-21 21:52    --------    d-----w-    c:\program files\ATI
2014-04-21 21:49 . 2014-04-21 21:49    --------    d-----w-    c:\program files\Synaptics
2014-04-21 21:47 . 2014-04-21 21:47    --------    d-----w-    c:\windows\SysWow64\Atheros_L1e
2014-04-21 21:46 . 2014-04-21 21:46    --------    d-----w-    c:\program files (x86)\Launch Manager
2014-04-21 21:44 . 2014-04-21 21:44    --------    d-----w-    c:\programdata\OEM
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-02 19:32 . 2012-07-17 12:37    23264    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-03-31 19:34 . 2014-03-31 19:34    322248    ----a-w-    c:\windows\WLXPGSS.SCR
2014-03-31 07:35 . 2010-11-21 03:27    270496    ------w-    c:\windows\system32\MpSigStub.exe
2014-03-25 18:22 . 2014-03-25 18:22    43216    ----a-w-    c:\windows\system32\cmdcsr.dll
2014-03-25 18:22 . 2014-03-25 18:22    363504    ----a-w-    c:\windows\SysWow64\guard32.dll
2014-03-25 18:22 . 2014-03-25 18:22    453680    ----a-w-    c:\windows\system32\guard64.dll
2014-03-25 18:22 . 2014-03-25 18:22    45784    ----a-w-    c:\windows\system32\cmdkbd64.dll
2014-03-25 18:22 . 2014-03-25 18:22    352984    ----a-w-    c:\windows\system32\cmdvrt64.dll
2014-03-25 18:22 . 2014-03-25 18:22    284888    ----a-w-    c:\windows\SysWow64\cmdvrt32.dll
2014-03-25 18:22 . 2014-03-25 18:22    40664    ----a-w-    c:\windows\SysWow64\cmdkbd32.dll
2014-03-04 09:17 . 2014-04-20 15:42    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-03-12 18:13    1728216    ----a-w-    c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-03-12 18:13    1728216    ----a-w-    c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-03-12 18:13    1728216    ----a-w-    c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-02-25 1289296]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-08 3873704]
"Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2014-04-10 1300792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 scvad_simple;SplitCam Virtual Microphone (WDM);c:\windows\system32\drivers\SplitCamAudio.sys;c:\windows\SYSNATIVE\drivers\SplitCamAudio.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 splitcam_hd_driver;SplitCam Virtual Video Driver;c:\windows\system32\DRIVERS\splitcam_hd_driver.sys;c:\windows\SYSNATIVE\DRIVERS\splitcam_hd_driver.sys [x]
S4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
*Deregistered* - MBAMWebAccessControl
.
Inhoud van de 'Gedeelde Taken' map
.
2014-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-22 05:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-03-12 18:10    2333400    ----a-w-    d:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-03-12 18:10    2333400    ----a-w-    d:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-03-12 18:10    2333400    ----a-w-    d:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-08 02:18    290888    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-02-05 324608]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-05 860192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-22 410136]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-25 1275608]
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - d:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - d:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer =
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\JAHIER\AppData\Roaming\Mozilla\Firefox\Profiles\yymagv8w.default\
.
- - - - ORPHANS VERWIJDERD - - - -
.
SafeBoot-71952352.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Voltooingstijd: 2014-05-08  19:07:39
ComboFix-quarantined-files.txt  2014-05-08 17:07
.
Pre-Run: 274.364.968.960 bytes beschikbaar
Post-Run: 273.947.598.848 bytes beschikbaar
.
- - End Of File - - 69FE6745FE16F69F0475F056F7DA1E48
 



#15 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,032 posts
  • Gender:Male
  • Location:Germany
  • Local time:01:04 AM

Posted 08 May 2014 - 12:39 PM

Hey,
Logs look pretty good.

Step 1: OTL Fix
  • Run OTL (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the OTL icon and select Run as Administrator).
  • Copy (Ctrl+C) and Paste (Ctrl+V) all of the following text into the Custom Scans/Fixes box:


    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    FF - user.js - File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-418532852-178646354-63402781-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    [2014-04-30 19:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
    
    :Commands
    [EMPTYTEMP]
    
  • Click the Run Fix button.
  • After your computer has rebooted, post the Fixlog into your next reply.

Step 2: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found here: C:\AdwCleaner\

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: OTL QuickScan
  • Run OTL by double-clicking on it. (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on OTL.exe and select Run as Administrator)
  • Click Quick Scan to start OTL.
  • When OTL finishes scanning, a log, OTL.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Step 5: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.
