Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

yahoo searchengine keeps popping up


  • This topic is locked This topic is locked
11 replies to this topic

#1 maytekid

maytekid

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:44 AM

Posted 08 September 2015 - 03:08 PM

the search engine of google is being pushed away by the yahoo search engine, after using several malware programs that have detected them but didnt remove them, it is still on the computer, pushing google search engine away.. 

 

 Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:07-09-2015

Gestart door bianca (Beheerder) op BIANCA (08-09-2015 22:01:00)
Gestart vanaf C:\Users\bianca\Downloads
Geladen Profielen: bianca (Beschikbare Profielen: bianca)
Platform: Windows 8 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 10 (Standaardbrowser: Chrome)
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Crawler.com) C:\Program Files (x86)\CStart8\CStart8Tray64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Register (gefilterd) ===========================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2874256 2012-12-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1603544 2015-06-30] (Bitdefender)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [CStart8] => C:\PROGRAM FILES (X86)\CSTART8\CStart8Tray64.exe [3135816 2015-06-29] (Crawler.com)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2317824354-2218965584-1394745157-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-06-18] (Bitdefender)
HKU\S-1-5-21-2317824354-2218965584-1394745157-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2317824354-2218965584-1394745157-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-2317824354-2218965584-1394745157-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B0679B1F-884A-4D4C-94DB-EC7DE85AA68D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C9D55447-2CB8-4A93-8AED-364F3EABCF8B}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2317824354-2218965584-1394745157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {6B7A0EBD-CD66-404E-BA7C-89193A7DB841} URL = 
SearchScopes: HKU\S-1-5-21-2317824354-2218965584-1394745157-1001 -> DefaultScope {6B7A0EBD-CD66-404E-BA7C-89193A7DB841} URL = 
SearchScopes: HKU\S-1-5-21-2317824354-2218965584-1394745157-1001 -> OldSearch URL = 
SearchScopes: HKU\S-1-5-21-2317824354-2218965584-1394745157-1001 -> {3831D7D6-B1C6-4345-A071-9E549B999EF9} URL = 
SearchScopes: HKU\S-1-5-21-2317824354-2218965584-1394745157-1001 -> {6B7A0EBD-CD66-404E-BA7C-89193A7DB841} URL = 
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-08-13] (Bitdefender)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL Geen bestand
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-08-13] (Bitdefender)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL Geen bestand
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-08-13] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-08-13] (Bitdefender)
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-2317824354-2218965584-1394745157-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-12] ()
FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff [2015-09-02]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-09-02]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-09-02]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
 
Chrome: 
=======
CHR Profile: C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Cards Against Originality) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\akccmajgihkbpjdmkceiamgkkplachhk [2015-09-02]
CHR Extension: (Google Drive) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-02]
CHR Extension: (YouTube) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-02]
CHR Extension: (Adblock Plus) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-02]
CHR Extension: (Google Search) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-02]
CHR Extension: (Ghostery) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02]
CHR Extension: (SABconnect++) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2015-09-02]
CHR Extension: (Gmail) - C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-02]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
 
==================== Services (gefilterd) ========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-07-24] (Bitdefender)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-12-07] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-26] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-11-10] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2015-04-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1540744 2015-07-27] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-04-21] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [Bestand niet getekend]
S2 ST2012_Svc; "C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe" [X]
 
===================== Drivers (gefilterd) ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-05-21] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-04-21] (Broadcom Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-04] (REALiX™)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-09-04] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-11-10] (Dritek System Inc.)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1119232 2012-06-30] (Realtek Semiconductor Corporation                           )
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35232 2013-04-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [230904 2013-04-21] (Microsoft Corporation)
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2015-09-08 22:01 - 2015-09-08 22:01 - 00016261 _____ C:\Users\bianca\Downloads\FRST.txt
2015-09-08 22:00 - 2015-09-08 22:01 - 00000000 ____D C:\FRST
2015-09-08 21:59 - 2015-09-08 21:59 - 02190336 _____ (Farbar) C:\Users\bianca\Downloads\FRST64.exe
2015-09-08 21:28 - 2015-09-08 21:28 - 00000200 _____ C:\WINDOWS\wininit.ini
2015-09-08 21:17 - 2015-09-08 21:17 - 00000264 _____ C:\Users\bianca\Downloads\debug.log
2015-09-08 20:59 - 2015-09-08 20:59 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-08 20:57 - 2015-09-08 20:57 - 00000000 ____D C:\Users\bianca\Documents\ProcAlyzer Dumps
2015-09-08 20:54 - 2012-07-26 07:26 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20150908-205414.backup
2015-09-08 20:50 - 2015-09-08 20:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-09-08 20:48 - 2015-09-08 20:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-08 20:48 - 2015-09-08 20:48 - 00001367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-09-08 20:48 - 2015-09-08 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-08 20:48 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-09-08 20:47 - 2015-09-08 21:05 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-08 20:46 - 2015-09-08 20:47 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\bianca\Downloads\spybot-2.2.exe
2015-09-08 20:35 - 2015-09-08 20:35 - 47346280 _____ (Microsoft Corporation) C:\Users\bianca\Downloads\Windows-KB890830-x64-V5.28.exe
2015-09-08 20:35 - 2015-08-26 18:37 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-09-08 20:20 - 2015-09-08 21:49 - 00002346 _____ C:\WINDOWS\PFRO.log
2015-09-08 20:14 - 2015-09-08 21:25 - 00000000 ____D C:\Program Files\PeerBlock
2015-09-08 20:14 - 2015-09-08 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2015-09-08 19:15 - 2015-09-08 19:15 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\bianca\Downloads\sh-remover (1).exe
2015-09-08 19:11 - 2015-09-08 19:11 - 00002788 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-09-08 19:11 - 2015-09-08 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-08 19:11 - 2015-09-08 19:11 - 00000000 ____D C:\Program Files\CCleaner
2015-09-08 19:10 - 2015-09-08 19:10 - 06667640 _____ (Piriform Ltd) C:\Users\bianca\Downloads\ccsetup509.exe
2015-09-08 18:42 - 2015-09-08 18:45 - 00000000 ____D C:\AdwCleaner
2015-09-08 18:42 - 2015-09-08 18:42 - 01654784 _____ C:\Users\bianca\Downloads\adwcleaner_5.006.exe
2015-09-08 18:39 - 2015-09-08 18:39 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-08 18:38 - 2015-09-08 18:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bianca\Downloads\revosetup.exe
2015-09-08 16:16 - 2015-09-08 21:49 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2015-09-08 16:16 - 2015-09-08 16:17 - 00000000 ____D C:\Users\bianca\AppData\Roaming\CStart8
2015-09-08 16:16 - 2015-09-08 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
2015-09-08 16:16 - 2015-09-08 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Start 8
2015-09-08 16:16 - 2015-09-08 16:16 - 00000000 ____D C:\Program Files (x86)\CStart8
2015-09-08 16:14 - 2015-09-08 16:15 - 09486824 _____ (Crawler Group ) C:\Users\bianca\Downloads\SpywareTerminatorSetup.exe
2015-09-08 16:00 - 2015-09-08 21:31 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-08 16:00 - 2015-09-08 16:00 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\bianca\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-08 16:00 - 2015-09-08 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-08 16:00 - 2015-09-08 16:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-08 16:00 - 2015-09-08 16:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-08 16:00 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-08 16:00 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-08 16:00 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-08 10:43 - 2015-09-08 10:43 - 00000371 _____ C:\Users\bianca\Desktop\Configuratiescherm - Snelkoppeling.lnk
2015-09-08 09:14 - 2015-09-08 09:14 - 00000000 _____ C:\autoexec.bat
2015-09-08 09:13 - 2015-09-08 09:13 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\bianca\Downloads\sh-remover.exe
2015-09-08 08:12 - 2015-09-08 08:12 - 00000155 _____ C:\Users\bianca\Desktop\cavia geluiden.url
2015-09-07 15:03 - 2015-09-07 15:03 - 00000000 ____D C:\Users\bianca\AppData\Roaming\DVDVideoSoft
2015-09-07 15:03 - 2015-09-07 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-09-07 15:03 - 2015-09-07 15:03 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-09-06 18:36 - 2015-09-06 18:36 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-09-06 18:35 - 2015-09-06 18:35 - 61440296 _____ (Ubisoft) C:\Users\bianca\Downloads\UplayInstaller.exe
2015-09-06 18:26 - 2015-09-06 21:09 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Might & Magic Heroes VI
2015-09-06 18:26 - 2015-09-06 18:49 - 00000000 ____D C:\Users\bianca\Documents\Might & Magic Heroes VI
2015-09-06 18:26 - 2015-09-06 18:38 - 00000000 ____D C:\Users\bianca\AppData\Local\Ubisoft Game Launcher
2015-09-06 18:25 - 2015-09-06 18:25 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-09-06 18:25 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-09-06 18:25 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-09-06 18:25 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-09-06 18:25 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-09-06 18:25 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-09-06 18:25 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-09-06 18:25 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-09-06 18:25 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-09-06 18:25 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-09-06 18:25 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-09-06 18:25 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-09-06 18:25 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-09-06 18:25 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-09-06 18:25 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-09-06 18:25 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-09-06 18:25 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-09-06 18:25 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-09-06 18:25 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-09-06 18:25 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-09-06 18:25 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-09-06 18:25 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-09-06 18:25 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-09-06 18:25 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-09-06 18:25 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-09-06 18:25 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-09-06 18:25 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-09-06 18:25 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-09-06 18:25 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-09-06 18:25 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-09-06 18:25 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-09-06 18:25 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-09-06 18:25 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-09-06 18:25 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-09-06 18:25 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-09-06 18:25 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-09-06 18:25 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-09-06 18:24 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-09-06 18:24 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-09-06 18:24 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-09-06 18:24 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-09-06 18:24 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-09-06 18:24 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-09-06 18:24 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-09-06 18:24 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-09-06 18:24 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-09-06 18:24 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-09-06 18:24 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-09-06 18:24 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-09-06 18:24 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-09-06 18:24 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-09-06 18:24 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-09-06 18:24 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-09-06 18:24 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-09-06 18:24 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-09-06 18:24 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-09-06 18:24 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-09-06 18:24 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-09-06 18:24 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-09-06 18:24 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-09-06 18:24 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-09-06 18:24 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-09-06 18:24 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-09-06 18:24 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-09-06 18:24 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-09-06 18:24 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-09-06 18:24 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-09-06 18:24 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-09-06 18:24 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-09-06 18:24 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-09-06 18:24 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-09-06 18:24 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-09-06 18:24 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-09-06 18:24 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-09-06 18:24 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-09-06 18:24 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-09-06 18:24 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-09-06 18:24 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-09-06 18:24 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-09-06 18:24 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-09-06 18:24 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-09-06 18:24 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-09-06 18:24 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-09-06 18:24 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-09-06 18:24 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-09-06 18:24 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-09-06 18:24 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-09-06 18:24 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-09-06 18:24 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-09-06 18:24 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-09-06 18:24 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-09-06 18:24 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-09-06 18:24 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-09-06 18:24 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-09-06 18:24 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-09-06 18:24 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-09-06 18:24 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-09-06 18:24 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-09-06 18:24 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-09-06 18:24 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-09-06 18:24 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-09-06 18:24 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-09-06 18:24 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-09-06 18:24 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-09-06 18:24 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-09-06 18:24 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-09-06 18:24 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-09-06 18:24 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-09-06 18:24 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-09-06 18:24 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-09-06 18:24 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-09-06 18:24 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-09-06 18:24 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-09-06 18:24 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-09-06 18:24 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-09-06 18:24 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-09-06 18:24 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-09-06 18:24 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-09-06 18:24 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-09-06 18:24 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-09-06 18:24 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-09-06 18:24 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-09-06 18:24 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-09-06 18:24 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-09-06 18:24 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-09-06 18:24 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-09-06 18:24 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-09-06 18:24 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-09-06 18:24 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-09-06 18:24 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-09-06 18:24 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-09-06 18:24 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-09-06 18:24 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-09-06 18:24 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-09-06 18:24 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-09-06 18:24 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-09-06 18:24 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-09-06 18:24 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-09-06 18:24 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-09-06 18:24 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-09-06 18:24 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-09-06 18:24 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-09-06 18:24 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-09-06 18:24 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-09-06 18:24 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-09-06 18:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-09-06 18:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-09-06 18:23 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-09-06 18:23 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-09-06 18:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-09-06 18:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-09-06 18:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-09-06 18:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-09-06 18:23 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-09-06 18:23 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-09-06 18:23 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-09-06 18:23 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-09-06 18:23 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-09-06 18:23 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-09-06 18:23 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-09-06 18:23 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-09-06 18:23 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-09-06 18:23 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-09-06 18:23 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-09-06 18:23 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-09-06 18:23 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-09-06 18:23 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-09-06 18:23 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-09-06 18:23 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-09-06 17:34 - 2015-09-06 17:42 - 00000000 ____D C:\Users\bianca\AppData\Roaming\com.infinite-interactive.GoW
2015-09-06 16:00 - 2015-09-06 16:08 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-05 10:41 - 2015-09-05 10:41 - 00000000 ____D C:\ProgramData\Zylom
2015-09-04 19:51 - 2015-09-06 23:26 - 00080896 ___SH C:\Users\bianca\Desktop\Thumbs.db
2015-09-04 18:37 - 2015-09-04 18:37 - 00000000 ____D C:\WINDOWS\LastGood
2015-09-04 18:33 - 2015-09-04 18:33 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-04 18:32 - 2015-09-04 18:32 - 24283136 _____ C:\WINDOWS\system32\igdfcl64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 19587072 _____ C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 09999872 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 09549312 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 08663552 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 07864832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 07570928 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 07052288 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 05475840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 04441856 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-09-04 18:32 - 2015-09-04 18:32 - 04370944 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 04060160 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 03411968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-09-04 18:32 - 2015-09-04 18:32 - 02384896 _____ C:\WINDOWS\system32\GfxRes.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 02064896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 01814016 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 01693696 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 01568768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00861184 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00856576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00753136 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIHotKeyMenu.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00534000 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00529904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00444928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00444928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00444416 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00444400 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00443904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00443904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00443904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00443904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00443904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00443392 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00443392 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00442880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00442880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00442880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00442880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00442880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00442368 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00442368 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00441856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00441856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00441856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00441344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00441344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00435200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00433664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00431616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00431104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00407536 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00398832 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00354304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00345600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00322560 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00288768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2015-09-04 18:32 - 2015-09-04 18:32 - 00287232 _____ C:\WINDOWS\system32\igdde64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00279040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00279024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00258834 _____ C:\WINDOWS\system32\Gfxres.th-TH.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00258560 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00251888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00244779 _____ C:\WINDOWS\system32\Gfxres.el-GR.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00241152 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00227714 _____ C:\WINDOWS\system32\Gfxres.ru-RU.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00216064 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00203264 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00194747 _____ C:\WINDOWS\system32\Gfxres.ar-SA.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00192148 _____ C:\WINDOWS\system32\Gfxres.ja-JP.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00192000 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00186669 _____ C:\WINDOWS\system32\Gfxres.he-IL.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00180224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00175700 _____ C:\WINDOWS\system32\Gfxres.it-IT.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00175265 _____ C:\WINDOWS\system32\Gfxres.ko-KR.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00173284 _____ C:\WINDOWS\system32\Gfxres.es-ES.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00172960 _____ C:\WINDOWS\system32\Gfxres.fr-FR.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00172910 _____ C:\WINDOWS\system32\Gfxres.de-DE.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00171376 _____ C:\WINDOWS\system32\Gfxres.ro-RO.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00170690 _____ C:\WINDOWS\system32\Gfxres.tr-TR.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00170560 _____ C:\WINDOWS\system32\Gfxres.hu-HU.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00170077 _____ C:\WINDOWS\system32\Gfxres.pl-PL.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00169768 _____ C:\WINDOWS\system32\Gfxres.nl-NL.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00169249 _____ C:\WINDOWS\system32\Gfxres.pt-BR.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00168415 _____ C:\WINDOWS\system32\Gfxres.fi-FI.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00168126 _____ C:\WINDOWS\system32\Gfxres.sk-SK.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00167854 _____ C:\WINDOWS\system32\Gfxres.pt-PT.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00167848 _____ C:\WINDOWS\system32\Gfxres.sv-SE.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00167388 _____ C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00166401 _____ C:\WINDOWS\system32\Gfxres.hr-HR.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00165872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00163039 _____ C:\WINDOWS\system32\Gfxres.sl-SI.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00162081 _____ C:\WINDOWS\system32\Gfxres.nb-NO.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00161471 _____ C:\WINDOWS\system32\Gfxres.da-DK.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00156915 _____ C:\WINDOWS\system32\Gfxres.en-US.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00153072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-09-04 18:32 - 2015-09-04 18:32 - 00151040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00150186 _____ C:\WINDOWS\system32\Gfxres.zh-TW.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00148487 _____ C:\WINDOWS\system32\Gfxres.zh-CN.resources
2015-09-04 18:32 - 2015-09-04 18:32 - 00143360 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00140288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00128000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00124928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2015-09-04 18:32 - 2015-09-04 18:32 - 00122368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00117760 _____ C:\WINDOWS\system32\igdail64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00103936 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00089600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3215.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-09-04 18:32 - 2015-09-04 18:32 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-09-04 18:32 - 2015-09-04 18:32 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-09-04 18:32 - 2015-09-04 18:32 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-09-04 18:32 - 2015-09-04 18:32 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-09-04 18:32 - 2015-09-04 18:32 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-09-04 18:32 - 2015-09-04 18:32 - 00025088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00017622 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-09-04 18:32 - 2015-09-04 18:32 - 00012288 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2015-09-04 18:32 - 2015-09-04 18:32 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-09-04 18:31 - 2015-09-04 18:31 - 00130248 _____ (Qualcomm Atheros Co., Ltd.) C:\WINDOWS\system32\Drivers\L1C63x64.sys
2015-09-04 18:30 - 2015-09-04 18:33 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-09-04 18:30 - 2015-09-04 18:30 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2015-09-04 18:30 - 2015-09-04 18:30 - 03973120 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw8x.sys
2015-09-04 18:30 - 2015-09-04 18:30 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-09-04 18:30 - 2015-09-04 18:30 - 00365272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2015-09-04 18:30 - 2015-09-04 18:30 - 00129312 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2015-09-04 18:30 - 2015-09-04 18:30 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2015-09-04 18:30 - 2015-09-04 18:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-09-04 18:24 - 2015-09-08 21:52 - 00002872 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (bianca)
2015-09-04 18:24 - 2015-09-04 18:24 - 00026528 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2015-09-04 18:24 - 2015-09-04 18:24 - 00003230 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scan
2015-09-04 18:24 - 2015-09-04 18:24 - 00003174 _____ C:\WINDOWS\System32\Tasks\Driver Booster Update
2015-09-04 18:24 - 2015-09-04 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-09-04 18:23 - 2015-09-04 18:23 - 11792408 _____ (IObit ) C:\Users\bianca\Downloads\driver_booster_setup.exe
2015-09-03 18:32 - 2015-09-03 18:32 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Skip-Bo
2015-09-03 18:27 - 2015-09-03 18:27 - 00000000 ____D C:\Users\bianca\AppData\Roaming\8floor
2015-09-03 18:21 - 2015-09-03 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piraten Solitaire 2 DeLuxe
2015-09-03 17:49 - 2015-09-08 19:11 - 00000000 ____D C:\Users\bianca\AppData\Local\CrashDumps
2015-09-03 17:49 - 2015-09-03 18:24 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zylom Games
2015-09-03 17:49 - 2015-09-03 17:49 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Zylom
2015-09-03 17:45 - 2015-09-03 17:45 - 00000000 ____D C:\Users\bianca\AppData\Roaming\rokapublish
2015-09-03 16:41 - 2015-09-03 16:41 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-03 08:50 - 2015-09-03 08:50 - 09470040 _____ (IObit ) C:\Users\bianca\Downloads\sm8-setup.exe
2015-09-03 07:26 - 2015-09-03 07:26 - 00000000 _____ C:\Recovery.txt
2015-09-02 23:51 - 2015-09-07 15:01 - 00000000 ____D C:\Users\bianca\Desktop\SPELLEN
2015-09-02 23:50 - 2015-09-08 21:39 - 00000000 ____D C:\Users\bianca\Desktop\PROGRAMMAS
2015-09-02 23:49 - 2015-09-07 20:12 - 00000000 ____D C:\Users\bianca\AppData\Roaming\vlc
2015-09-02 23:47 - 2015-09-02 23:47 - 00001167 _____ C:\Users\bianca\Desktop\Documenten - Snelkoppeling.lnk
2015-09-02 23:47 - 2015-09-02 23:47 - 00001164 _____ C:\Users\bianca\Desktop\Afbeeldingen - Snelkoppeling.lnk
2015-09-02 23:47 - 2015-09-02 23:47 - 00001139 _____ C:\Users\bianca\Desktop\Muziek - Snelkoppeling.lnk
2015-09-02 23:47 - 2015-09-02 23:47 - 00000351 _____ C:\Users\bianca\Desktop\Computer - Snelkoppeling.lnk
2015-09-02 23:33 - 2015-09-02 23:33 - 00000000 ____D C:\Users\bianca\AppData\Roaming\ProductData
2015-09-02 23:32 - 2015-09-04 18:25 - 00000000 ____D C:\ProgramData\ProductData
2015-09-02 23:32 - 2015-09-04 18:24 - 00000000 ____D C:\ProgramData\IObit
2015-09-02 23:32 - 2015-09-04 18:24 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-02 23:32 - 2015-09-02 23:38 - 00000000 ____D C:\Users\bianca\AppData\Roaming\IObit
2015-09-02 23:28 - 2015-09-02 23:30 - 00000000 ____D C:\Users\bianca\AppData\Roaming\.minecraft
2015-09-02 23:28 - 2015-09-02 23:28 - 00000000 ____D C:\Users\bianca\AppData\Roaming\java
2015-09-02 23:27 - 2015-09-02 23:28 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-09-02 23:27 - 2015-09-02 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-09-02 23:23 - 2015-09-02 23:23 - 00000000 ____D C:\Users\bianca\AppData\Local\Steam
2015-09-02 23:23 - 2015-09-02 23:23 - 00000000 ____D C:\Users\bianca\AppData\Local\CEF
2015-09-02 23:17 - 2015-09-08 21:51 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-02 23:17 - 2015-09-02 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-02 23:16 - 2015-09-02 23:16 - 00000000 ____D C:\Users\bianca\AppData\Local\GHISLER
2015-09-02 23:15 - 2015-09-02 23:15 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-09-02 23:15 - 2015-09-02 23:15 - 00000000 ____D C:\Users\bianca\AppData\Roaming\GHISLER
2015-09-02 23:15 - 2015-09-02 23:15 - 00000000 ____D C:\totalcmd
2015-09-02 23:15 - 2015-09-02 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-09-02 23:15 - 2012-08-03 08:01 - 00000545 _____ C:\WINDOWS\UC.PIF
2015-09-02 23:15 - 2012-08-03 08:01 - 00000545 _____ C:\WINDOWS\RAR.PIF
2015-09-02 23:15 - 2012-08-03 08:01 - 00000545 _____ C:\WINDOWS\PKZIP.PIF
2015-09-02 23:15 - 2012-08-03 08:01 - 00000545 _____ C:\WINDOWS\PKUNZIP.PIF
2015-09-02 23:15 - 2012-08-03 08:01 - 00000545 _____ C:\WINDOWS\LHA.PIF
2015-09-02 23:15 - 2012-08-03 08:01 - 00000545 _____ C:\WINDOWS\ARJ.PIF
2015-09-02 23:14 - 2015-09-02 23:14 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-09-02 23:13 - 2015-09-02 23:13 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Macromedia
2015-09-02 23:07 - 2015-09-02 23:07 - 00000000 ____D C:\ProgramData\Symantec
2015-09-02 22:43 - 2015-09-02 22:43 - 00512520 _____ C:\ProgramData\1441226397.bdinstall.bin
2015-09-02 22:43 - 2015-09-02 22:43 - 00000385 _____ C:\Users\bianca\AppData\Roaminguser_gensett.xml
2015-09-02 22:42 - 2015-09-08 10:48 - 00000000 ____D C:\ProgramData\BDLogging
2015-09-02 22:42 - 2015-09-02 22:48 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Bitdefender
2015-09-02 22:42 - 2015-09-02 22:42 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-09-02 22:42 - 2015-09-02 22:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-09-02 22:42 - 2015-09-02 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-09-02 22:42 - 2015-05-29 09:50 - 01730304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-09-02 22:42 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-09-02 22:42 - 2015-05-28 14:21 - 00747120 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-09-02 22:42 - 2015-05-28 13:37 - 01369288 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-09-02 22:42 - 2014-12-15 18:04 - 00098768 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\bdfndisf6.sys
2015-09-02 22:42 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2015-09-02 22:42 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-09-02 22:42 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-09-02 22:40 - 2015-09-02 22:42 - 00000000 ____D C:\ProgramData\Bitdefender
2015-09-02 22:40 - 2015-09-02 22:40 - 00000000 ____D C:\Program Files\Bitdefender
2015-09-02 22:40 - 2015-02-24 17:52 - 00160544 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-09-02 22:40 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-09-02 22:39 - 2015-09-02 22:39 - 00000000 ____D C:\Users\bianca\AppData\Roaming\QuickScan
2015-09-02 22:34 - 2015-09-02 22:40 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-09-02 22:32 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-02 22:32 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-02 22:32 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-02 22:32 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-02 22:32 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-02 22:32 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-02 22:32 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-02 22:32 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-09-02 22:32 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-02 22:32 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-02 22:32 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-02 22:32 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-02 22:32 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-02 22:32 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-09-02 22:32 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-09-02 22:32 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-09-02 22:24 - 2015-09-08 21:51 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-02 22:24 - 2015-09-08 21:34 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-02 22:24 - 2015-09-08 21:17 - 00000000 ____D C:\Users\bianca\AppData\Local\Google
2015-09-02 22:24 - 2015-09-02 22:29 - 00004050 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-02 22:24 - 2015-09-02 22:29 - 00003814 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-02 22:24 - 2015-09-02 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-02 22:24 - 2015-09-02 22:24 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-02 22:23 - 2015-09-02 22:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-02 22:22 - 2015-09-08 18:22 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2317824354-2218965584-1394745157-1001
2015-09-02 22:16 - 2015-09-02 22:16 - 00000877 _____ C:\Users\bianca\Desktop\Downloads.lnk
2015-09-02 22:16 - 2015-09-02 22:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-09-02 22:16 - 2015-09-02 22:16 - 00000000 ____D C:\ProgramData\OEM_YAHOO
2015-09-02 22:15 - 2015-09-07 14:59 - 00000000 ____D C:\Users\bianca\AppData\Local\VirtualStore
2015-09-02 22:15 - 2015-09-02 22:15 - 00001434 _____ C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-02 22:15 - 2015-09-02 22:15 - 00000000 ____D C:\Users\bianca\AppData\Roaming\lm
2015-09-02 22:15 - 2015-09-02 22:15 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Adobe
2015-09-02 22:14 - 2015-09-03 16:41 - 00000000 ____D C:\Users\bianca\AppData\Local\Packages
2015-09-02 22:13 - 2015-09-08 09:14 - 00000000 ____D C:\Users\bianca
2015-09-02 22:13 - 2015-09-02 22:13 - 00000020 ___SH C:\Users\bianca\ntuser.ini
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\Sjablonen
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\Netwerkprinteromgeving
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\Mijn documenten
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\Menu Start
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\Documents\Mijn video's
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\Documents\Mijn muziek
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\Documents\Mijn afbeeldingen
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2015-09-02 22:13 - 2015-09-02 22:13 - 00000000 _SHDL C:\Users\bianca\AppData\Local\Geschiedenis
2015-09-02 22:13 - 2013-04-21 11:38 - 00000000 ___RD C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-02 22:13 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-02 22:13 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-02 22:13 - 2012-07-26 10:13 - 00000000 ____D C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2015-09-08 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-08 21:57 - 2013-11-10 18:58 - 01967353 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-08 21:50 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-08 21:49 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\PLA
2015-09-08 20:44 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-08 19:11 - 2013-06-19 13:40 - 00000000 ____D C:\WINDOWS\Panther
2015-09-08 10:50 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-09-08 10:45 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-07 15:00 - 2013-11-10 19:45 - 00796920 _____ C:\WINDOWS\system32\perfh013.dat
2015-09-07 15:00 - 2013-11-10 19:45 - 00159176 _____ C:\WINDOWS\system32\perfc013.dat
2015-09-07 15:00 - 2012-07-26 09:28 - 01792392 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-06 18:25 - 2013-11-10 19:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-06 07:53 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-04 18:37 - 2013-11-10 19:02 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-09-04 18:33 - 2013-11-10 19:11 - 00000000 ____D C:\Program Files\Intel
2015-09-04 18:32 - 2013-11-10 18:50 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-09-04 18:32 - 2013-11-10 18:50 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-09-04 18:32 - 2013-06-19 13:33 - 08997888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2015-09-04 18:32 - 2013-06-19 13:33 - 00441344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2015-09-04 18:32 - 2013-06-19 13:33 - 00358912 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2015-09-04 18:32 - 2013-06-19 13:33 - 00108032 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2015-09-04 18:32 - 2013-06-19 13:33 - 00066048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2015-09-04 18:32 - 2013-06-19 13:33 - 00029184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-09-03 16:32 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-09-03 11:14 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2015-09-03 11:13 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-03 08:27 - 2013-06-19 13:21 - 00000000 ____D C:\ProgramData\Norton
2015-09-03 07:25 - 2012-07-26 10:13 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-09-02 23:10 - 2013-06-19 13:16 - 00000000 ____D C:\ProgramData\WildTangent
2015-09-02 23:10 - 2013-06-19 13:16 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-09-02 22:38 - 2013-06-19 13:15 - 00281240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-02 22:32 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\restore
2015-09-02 22:17 - 2013-06-19 13:26 - 00000000 ___HD C:\OEM
2015-09-02 22:14 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-02 22:14 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2015-08-13 18:52 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\ELAMBKUP
 
==================== Bestanden in de root van sommige mappen =======
 
2015-09-02 22:43 - 2015-09-02 22:43 - 0512520 _____ () C:\ProgramData\1441226397.bdinstall.bin
 
==================== Bamital & volsnap =================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2013-06-19 12:41
 
==================== Eind van FRST.txt ============================


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:44 AM

Posted 09 September 2015 - 08:26 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.


start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns

(Crawler.com) C:\Program Files (x86)\CStart8\CStart8Tray64.exe
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [CStart8] => C:\PROGRAM FILES (X86)\CSTART8\CStart8Tray64.exe [3135816 2015-06-29] (Crawler.com)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
SearchScopes: HKU\S-1-5-21-2317824354-2218965584-1394745157-1001 -> OldSearch URL =
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL Geen bestand
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL Geen bestand
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
S2 ST2012_Svc; "C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe" [X]
C:\Program Files (x86)\CStart8

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F

Clean the Firefox Cache.
https://kb.wisc.edu/page.php?id=15141
===

How is the computer running now?

p.s.
Please post in you next reply the Addition.txt file that the Farbar tool has created.

#3 maytekid

maytekid
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:44 AM

Posted 09 September 2015 - 10:57 AM

Fixlog.txt. : 
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:07-09-2015
Gestart door bianca (2015-09-09 17:37:35) Run:1
Gestart vanaf C:\Users\bianca\Downloads
Geladen Profielen: bianca (Beschikbare Profielen: bianca)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
 
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
 
(Crawler.com) C:\Program Files (x86)\CStart8\CStart8Tray64.exe
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [CStart8] => C:\PROGRAM FILES (X86)\CSTART8\CStart8Tray64.exe [3135816 2015-06-29] (Crawler.com)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
SearchScopes: HKU\S-1-5-21-2317824354-2218965584-1394745157-1001 -> OldSearch URL =
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL Geen bestand
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL Geen bestand
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
S2 ST2012_Svc; "C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe" [X]
C:\Program Files (x86)\CStart8
 
End
*****************
 
Herstelpunt is succesfol gemaakt.
Proces succesvol afgesloten.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= Eind van CMD: =========
 
C:\Program Files (x86)\CStart8\CStart8Tray64.exe => Geen lopend proces gevonden
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => waarde is succesvol verwijderd.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CStart8 => waarde is succesvol verwijderd.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => sleutel is succesvol verwijderd.
"HKU\S-1-5-21-2317824354-2218965584-1394745157-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => sleutel is succesvol verwijderd.
HKCR\CLSID\OldSearch => sleutel niet gevonden. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}" => sleutel is succesvol verwijderd.
"HKCR\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}" => sleutel is succesvol verwijderd.
"HKCR\Wow6432Node\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fabcmochhfpldjekobfaaggijgohadih" => sleutel is succesvol verwijderd.
ST2012_Svc => dienst is succesvol verwijderd.
C:\Program Files (x86)\CStart8 => is succesvol verplaatst.
EmptyTemp: => 392.6 MB tijdelijke gegevens verwijderd.
 
 
Het systeem moest herstart worden.. 
 
==== Eind van Fixlog 17:38:07 ====
 
 
 
 
AdwCleaner[C2].txt : 
 

# AdwCleaner v5.007 - Logbestand aangemaakt 09/09/2015 op 17:47:38
# Laatste update 08/09/2015 door Xplode
# Database : 2015-09-08.2 [Server]
# Besturingssysteem : Windows 8  (x64)
# Gebruikersnaam : bianca - BIANCA
# Gestart vanuit : C:\Users\bianca\Desktop\AdwCleaner.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum
 
***** [ Services ] *****
 
[-] Service Verwijderd : sp_rsdrv2
 
***** [ Mappen ] *****
 
 
***** [ Bestanden ] *****
 
 
***** [ Snelkoppelingen ] *****
 
 
***** [ geplande taken ] *****
 
 
***** [ Register ] *****
 
 
***** [ Internetbrowsers ] *****
 
[-] [C:\Users\bianca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Verwijderd : gafhhbahpojnjfhpepjjfjojbphnogmn
 
*************************
 
:: Winsock instellingen gereset
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [824 bytes] ##########
 
 
The search engine is still there, when i open a new tab window this is the line that is in the adresline.. : 
 
hxxttps://nl.search.yahoo.com/?fr=hp-ddc-bd-tab&type=dc-bcr-sw-rhb-37__alt__ddc_dsssyctab_bd_com
 
so the adwcleaner and the fix tool did not work..

Edited by nasdaq, 09 September 2015 - 12:19 PM.


#4 maytekid

maytekid
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:44 AM

Posted 09 September 2015 - 11:00 AM

in addition to my former reply my windows 8 startmenu button wich i installed after the yahoo searchengine appeared is gone.. :-(



#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:44 AM

Posted 09 September 2015 - 12:24 PM



How do I get the start button back in Windows 8?
http://www.computerhope.com/issues/ch001374.htm

===

As previously requested.

p.s.
Please post in you next reply the Addition.txt file that the Farbar tool has created.

===

Please run this tool also.

Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zeok tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:
createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.

Also, please provide an update on how the computer is behaving after running the above script.

===

#6 maytekid

maytekid
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:44 AM

Posted 13 September 2015 - 05:52 AM

Zoek results and Addition.txt are in the attachment.
 
The computer is behaving in the same way as it was before. As soon as I open my Chrome browser (which is set to continue where I closed it) all pages get redirected to the yahoo search engine "hxxttps://nl.search.yahoo.com/?fr=hp-ddc-bd-tab&type=dc-bcr-sw-rhb-37__alt__ddc_dsssyctab_bd_com"

Attached Files


Edited by nasdaq, 13 September 2015 - 07:20 AM.


#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:44 AM

Posted 13 September 2015 - 07:24 AM


As soon as I open my Chrome browser (which is set to continue where I closed it) all pages get redirected to the yahoo search engine


Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en
Select "From the beginning of time"

Restart Chrome
===

If the problem persists remove the setting "to continue where I close it".

http://www.howtogeek.com/120185/always-open-tabs-from-your-last-browsing-session-in-firefox-chrome-opera-safari-and-ie/

Close Chrome.

Restart the program.

How is it now?

#8 maytekid

maytekid
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:44 AM

Posted 14 September 2015 - 04:38 AM

Settings reset, cache and cookies cleared and the setting to continue removed.

Unfortunately, I am still redirected upon launching the browser or opening a new tab.



#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:44 AM

Posted 14 September 2015 - 08:00 AM

Remove Chrome using the the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Before you do Export your Bookmarks
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.

If you want to save your passwords as well see here: http://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/

Re-install Chrome and the Bookmarks.

<<<>>>

#10 maytekid

maytekid
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:44 AM

Posted 14 September 2015 - 08:23 AM

That did the trick. It's gone. 

Thank you very much!



#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:44 AM

Posted 14 September 2015 - 08:25 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#12 nasdaq

nasdaq

  • Malware Response Team
  • 40,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:44 AM

Posted 20 September 2015 - 07:31 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users