De PC van mijn partner draait op W7 en geregeld worden daar kleine tot middelgrote spellen voor gedownload.
Op mijn PC doen alle spellen het (direct-run of installers), maar op de PC van mijn vriendin werkt vrijwel geen enkel spel.
Uitvoeren (ook als administrator) geeft geen effect, er gebeurd niets behalve dat de cursor even 'bezig is' (zandloper rondje).
Aangezien er verder niets gebeurd en er ook geen foutmelding komt heb ik verder dus geen informatie helaas..
Iemand een idee??
2
Administrator
Administrator
Hoi,
Het zou heel goed kunnen dat de bestandsassociaties beschadigd zijn, heb je deze computer al eens gecontroleerd op aanwezigheid van malware?
Je kan sowieso de volgende register-fix uitvoeren om de *.exe associatie naar de standaard waarden te herstellen.
Ga naar start --> uitvoeren.
Typ daar notepad en druk op enter
Kopieer onderstaande (code) in dit kladblokbestand.
Klik op Bestand > Opslaan als.
Bij "Opslaan in" kies je: Bureaublad
Bij "Bestandsnaam" zet je: Fix.reg
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan.
Dubbelklik op "Fix.reg" en sta toe dat de wijzigingen in het register worden toegepast.
Het zou heel goed kunnen dat de bestandsassociaties beschadigd zijn, heb je deze computer al eens gecontroleerd op aanwezigheid van malware?
Je kan sowieso de volgende register-fix uitvoeren om de *.exe associatie naar de standaard waarden te herstellen.
Ga naar start --> uitvoeren.
Typ daar notepad en druk op enter
Kopieer onderstaande (code) in dit kladblokbestand.
Code: Selecteer alles
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"
[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00
[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"
[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""
[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"
[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EXE\UserChoice]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EXE\OpenWithProgids]
"exefile"=hex(0):
Bij "Opslaan in" kies je: Bureaublad
Bij "Bestandsnaam" zet je: Fix.reg
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan.
Dubbelklik op "Fix.reg" en sta toe dat de wijzigingen in het register worden toegepast.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
3
PC Web Plus - Member
PC Web Plus - Member
Fix.reg uitgevoerd maar liep tegen deze melding aan:
Daarna maar even MBam laten draaien:
Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org" onclick="window.open(this.href);return false;
Databaseversie: v2013.02.09.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Gebruiker :: PRISCILLA-PC [administrator]
9-2-2013 12:31:05
mbam-log-2013-02-09 (12-31-05).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 212280
Verstreken tijd: 3 minuut/minuten, 22 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{4C39179A-11CB-5CE4-3B74-F1745F6ECFDF} (Trojan.ZbotR.Gen) -> Data: C:\Users\Gebruiker\AppData\Roaming\Piezgy\acox.exe -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 1
C:\Users\Gebruiker\AppData\Roaming\Piezgy\acox.exe (Trojan.ZbotR.Gen) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
PC opnieuw opgestart hierna...
Daarna maar even MBam laten draaien:Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org" onclick="window.open(this.href);return false;
Databaseversie: v2013.02.09.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Gebruiker :: PRISCILLA-PC [administrator]
9-2-2013 12:31:05
mbam-log-2013-02-09 (12-31-05).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 212280
Verstreken tijd: 3 minuut/minuten, 22 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{4C39179A-11CB-5CE4-3B74-F1745F6ECFDF} (Trojan.ZbotR.Gen) -> Data: C:\Users\Gebruiker\AppData\Roaming\Piezgy\acox.exe -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 1
C:\Users\Gebruiker\AppData\Roaming\Piezgy\acox.exe (Trojan.ZbotR.Gen) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
PC opnieuw opgestart hierna...
4
Administrator
Administrator
Hoi,
De computer was in ieder geval geïnfecteerd met de Zeus trojan, wijzig sowieso alle gebruikte wachtwoorden op dit systeem.
Krijg je na een herstart nog steeds de melding als je het registerbestand uitvoert?
De computer was in ieder geval geïnfecteerd met de Zeus trojan, wijzig sowieso alle gebruikte wachtwoorden op dit systeem.
Krijg je na een herstart nog steeds de melding als je het registerbestand uitvoert?
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
6
Administrator
Administrator
Hoi,
Wellicht handig om eerst het systeem eens verder te controleren op eventuele aanwezigheid van malware.
Ik zal dit topic dan ook even verplaatsen naar Malware en virusinfectie problemen (HijackThis / DDS logs)
Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:
DDS - Bleeping Computer download.
DDS - Bleeping Computer download.
DDS - Infospyware.
DDS is een diagnosetool en maakt gebruik van scripts.
Schakel je beveiligings software uit voordat je DDS uitvoert!
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op DDS om de tool te starten.
Er worden nu automatisch twee log bestanden op het bureablad opgeslagen.
Wellicht handig om eerst het systeem eens verder te controleren op eventuele aanwezigheid van malware.
Ik zal dit topic dan ook even verplaatsen naar Malware en virusinfectie problemen (HijackThis / DDS logs)
Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:
DDS - Bleeping Computer download.
DDS - Bleeping Computer download.
DDS - Infospyware.
DDS is een diagnosetool en maakt gebruik van scripts.Schakel je beveiligings software uit voordat je DDS uitvoert!
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op DDS om de tool te starten.
Er worden nu automatisch twee log bestanden op het bureablad opgeslagen.
- DDS.txt
- Attach.txt (Plaats deze alleen indien hierom wordt gevraagd!)
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
7
PC Web Plus - Member
PC Web Plus - Member
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2
Run by Gebruiker at 13:13:39 on 2013-02-09
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.6135.4753 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Online Games Manager\ogmservice.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\EXPERTool ATI\TBPANEL.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.nl" onclick="window.open(this.href);return false;
uDefault_Page_URL = http://www.google.nl" onclick="window.open(this.href);return false;
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Gainward] C:\Program Files (x86)\EXPERTool ATI\TBPanel.exe /A
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\GEBRUI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{7EC3CB02-24E6-432E-B5FF-1E4DAEFA9A49} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-3-20 203888]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-4 238080]
R2 ogmservice;Online Games Manager;C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2012-6-8 521344]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]
S3 b06diag;Broadcom NetXtreme II Diag Driver;C:\Windows\System32\drivers\bxdiaga.sys [2012-3-19 88104]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2012-3-19 157288]
S3 BFNVis64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\XenoVa64.sys [2012-3-19 157288]
S3 BXOIS;BXOIS;C:\Windows\System32\drivers\bxois.sys [2012-3-19 533544]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTVE.sys [2012-3-19 43416]
S3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTXPE.sys [2012-3-19 51096]
S3 IFCoEMP;IFCoEMP;C:\Windows\System32\drivers\ifM60x64.sys [2012-3-19 388368]
S3 IFCoEVB;IFCoEVB;C:\Windows\System32\drivers\ifP60x64.sys [2012-3-19 77584]
S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2012-3-19 40144]
S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2012-3-19 42192]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 98688]
S3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2012-3-19 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
.
=============== Created Last 30 ================
.
2013-02-09 11:30:31 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Malwarebytes
2013-02-09 11:30:21 -------- d-----w- C:\ProgramData\Malwarebytes
2013-02-09 11:30:20 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-02-09 11:30:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-09 11:30:10 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Programs
2013-02-09 09:52:14 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7E623580-AB3C-4356-9963-A7BC98E42ED9}\mpengine.dll
2013-02-08 11:19:21 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Melesta
2013-02-08 09:53:11 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-06 19:54:07 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2013-02-06 19:54:06 -------- d-----w- C:\Windows\System32\wbem\en-US
2013-02-06 19:19:41 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-02-06 19:19:41 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-02-06 19:19:41 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-02-06 19:19:41 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\wdf01000.sys.mui
2013-02-06 19:14:08 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2013-02-06 19:10:58 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-02-06 19:10:58 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-02-06 19:10:58 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-02-06 19:10:58 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-02-06 19:10:58 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-02-06 19:10:58 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-02-06 19:10:27 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-02-06 19:10:27 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-02-06 19:10:27 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-02-06 19:10:27 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-02-06 19:10:26 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-02-06 19:10:26 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-02-06 19:10:26 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-02-06 19:09:13 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-02-06 19:09:13 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-02-06 19:09:13 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-02-06 19:09:13 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-02-06 19:09:13 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-02-06 19:07:13 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2013-02-06 19:06:58 5562736 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-06 19:05:58 1465344 ----a-w- C:\Windows\System32\crypt32.dll
2013-02-06 19:05:57 186880 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-02-06 19:05:57 142336 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-02-06 19:05:57 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2013-02-06 19:05:57 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-02-06 19:05:57 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-02-06 19:01:10 559616 ----a-w- C:\Windows\System32\spoolsv.exe
2013-02-06 19:01:09 67072 ----a-w- C:\Windows\splwow64.exe
2013-02-06 18:56:34 -------- d-----w- C:\Program Files\CCleaner
2013-02-06 16:32:09 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-06 16:23:37 -------- d-----w- C:\Windows\SysWow64\directx
2013-02-06 11:57:47 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\HeroCraft
2013-02-03 20:02:31 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\World-Loom
2013-02-02 16:52:45 257024 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw72.dll
2013-01-21 17:23:18 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\tor
2013-01-21 17:23:17 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Yrizi
2013-01-21 17:23:17 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Azacx
2013-01-21 17:22:51 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Piezgy
2013-01-21 17:22:51 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Kezyo
.
==================== Find3M ====================
.
2013-02-08 14:54:37 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 14:54:37 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-06 16:32:05 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-02-06 16:32:05 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-03 12:32:32 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:55:04 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:55:04 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:55:04 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:55:04 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:54:58 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:52:53 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 05:49:53 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 05:03:32 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 04:59:55 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-11-30 04:59:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 04:57:48 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:57:47 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 02:51:29 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:51:28 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:46:18 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:46:18 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:46:18 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:46:18 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:28:21 3152384 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:59:05 801280 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 05:36:39 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:38:07 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 05:14:02 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
.
============= FINISH: 13:13:57,63 ===============
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2
Run by Gebruiker at 13:13:39 on 2013-02-09
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.6135.4753 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Online Games Manager\ogmservice.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\EXPERTool ATI\TBPANEL.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.nl" onclick="window.open(this.href);return false;
uDefault_Page_URL = http://www.google.nl" onclick="window.open(this.href);return false;
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Gainward] C:\Program Files (x86)\EXPERTool ATI\TBPanel.exe /A
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\GEBRUI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{7EC3CB02-24E6-432E-B5FF-1E4DAEFA9A49} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-3-20 203888]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-4 238080]
R2 ogmservice;Online Games Manager;C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2012-6-8 521344]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]
S3 b06diag;Broadcom NetXtreme II Diag Driver;C:\Windows\System32\drivers\bxdiaga.sys [2012-3-19 88104]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2012-3-19 157288]
S3 BFNVis64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\XenoVa64.sys [2012-3-19 157288]
S3 BXOIS;BXOIS;C:\Windows\System32\drivers\bxois.sys [2012-3-19 533544]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTVE.sys [2012-3-19 43416]
S3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTXPE.sys [2012-3-19 51096]
S3 IFCoEMP;IFCoEMP;C:\Windows\System32\drivers\ifM60x64.sys [2012-3-19 388368]
S3 IFCoEVB;IFCoEVB;C:\Windows\System32\drivers\ifP60x64.sys [2012-3-19 77584]
S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2012-3-19 40144]
S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2012-3-19 42192]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 98688]
S3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2012-3-19 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
.
=============== Created Last 30 ================
.
2013-02-09 11:30:31 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Malwarebytes
2013-02-09 11:30:21 -------- d-----w- C:\ProgramData\Malwarebytes
2013-02-09 11:30:20 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-02-09 11:30:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-09 11:30:10 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Programs
2013-02-09 09:52:14 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7E623580-AB3C-4356-9963-A7BC98E42ED9}\mpengine.dll
2013-02-08 11:19:21 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Melesta
2013-02-08 09:53:11 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-06 19:54:07 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2013-02-06 19:54:06 -------- d-----w- C:\Windows\System32\wbem\en-US
2013-02-06 19:19:41 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-02-06 19:19:41 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-02-06 19:19:41 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-02-06 19:19:41 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\wdf01000.sys.mui
2013-02-06 19:14:08 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2013-02-06 19:10:58 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-02-06 19:10:58 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-02-06 19:10:58 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-02-06 19:10:58 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-02-06 19:10:58 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-02-06 19:10:58 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-02-06 19:10:27 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-02-06 19:10:27 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-02-06 19:10:27 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-02-06 19:10:27 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-02-06 19:10:26 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-02-06 19:10:26 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-02-06 19:10:26 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-02-06 19:09:13 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-02-06 19:09:13 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-02-06 19:09:13 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-02-06 19:09:13 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-02-06 19:09:13 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-02-06 19:07:13 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2013-02-06 19:06:58 5562736 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-06 19:05:58 1465344 ----a-w- C:\Windows\System32\crypt32.dll
2013-02-06 19:05:57 186880 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-02-06 19:05:57 142336 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-02-06 19:05:57 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2013-02-06 19:05:57 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-02-06 19:05:57 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-02-06 19:01:10 559616 ----a-w- C:\Windows\System32\spoolsv.exe
2013-02-06 19:01:09 67072 ----a-w- C:\Windows\splwow64.exe
2013-02-06 18:56:34 -------- d-----w- C:\Program Files\CCleaner
2013-02-06 16:32:09 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-06 16:23:37 -------- d-----w- C:\Windows\SysWow64\directx
2013-02-06 11:57:47 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\HeroCraft
2013-02-03 20:02:31 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\World-Loom
2013-02-02 16:52:45 257024 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw72.dll
2013-01-21 17:23:18 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\tor
2013-01-21 17:23:17 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Yrizi
2013-01-21 17:23:17 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Azacx
2013-01-21 17:22:51 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Piezgy
2013-01-21 17:22:51 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Kezyo
.
==================== Find3M ====================
.
2013-02-08 14:54:37 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 14:54:37 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-06 16:32:05 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-02-06 16:32:05 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-03 12:32:32 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:55:04 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:55:04 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:55:04 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:55:04 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:54:58 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:52:53 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 05:49:53 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 05:03:32 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 04:59:55 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-11-30 04:59:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 04:57:48 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:57:47 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 02:51:29 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:51:28 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:46:18 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:46:18 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:46:18 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:46:18 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:28:21 3152384 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:59:05 801280 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 05:36:39 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:38:07 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 05:14:02 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
.
============= FINISH: 13:13:57,63 ===============
8
Administrator
Administrator
Hoi,
Download zoek.exe naar het bureaublad.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Download zoek.exe naar het bureaublad.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
- Dubbelklik op Zoek.exe om de tool te starten.
- Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
- Kopieer nu onderstaande code en plak die in het grote invulvenster:
- Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
Code: Selecteer alles
HKEY_CLASSES_ROOT\.EXE;e HKEY_CLASSES_ROOT\exefile;e startupall; filesrcm; - Klik nu op de knop "Run script".
- Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
- Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
- Post nu de inhoud van het geopende logje in het volgende bericht.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
9
PC Web Plus - Member
PC Web Plus - Member
Zoek.exe Version 4.0.0.2 Beta Updated 09-February-2013
Tool run by Gebruiker on za 09-02-2013 at 13:22:52,81.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Registry Exports ======================
[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"
[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00
[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"
[HKEY_CLASSES_ROOT\exefile\shell]
[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""
[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"
[HKEY_CLASSES_ROOT\exefile\shellex]
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\CmdLineExt]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"
[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"
==== Registry Exports x64 ======================
[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"
[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00
[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"
[HKEY_CLASSES_ROOT\exefile\shell]
[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""
[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"
[HKEY_CLASSES_ROOT\exefile\shellex]
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\CmdLineExt]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"
[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2013-02-06 19:01:09 F4872D16F08BDA4250E97A58F9DAD555 67072 ----a-w- C:\Windows\splwow64.exe
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2013-01-30 23:58:57 F655170EB3DC3CBB3F564077C670A7E1 897448 ----a-w- C:\Users\GEBRUI~1\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
====== C:\Windows\SysWOW64 =====
2013-02-06 19:13:21 ED6F6FBBCDEC95483B7351E23F4FCDF6 110592 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll
2013-02-06 19:13:21 A3FA99A16F10D44EDB7A8C340FA2EE1B 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2013-02-06 19:13:21 90A57CA422923286838AAC7DE2D41B92 118784 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2013-02-06 19:13:21 8E38CE628D4817D949DD31D77A7F21CD 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-02-06 19:13:21 7FA3A810F383588D46220967DE8B64FF 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll
2013-02-06 19:13:21 780E80E5502015EDAEC91DC0A0C96A79 1793024 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2013-02-06 19:13:21 6B036492120E65C0C367DC31D01088A1 74752 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-02-06 19:13:21 4B80D1F847C0658977E1E8051A4DE002 41472 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll
2013-02-06 19:13:21 4266A3230981DD4434C55957F6DD497D 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2013-02-06 19:13:21 35AAE2E841AA1A949775168E119482C9 161792 ----a-w- C:\Windows\SysWOW64\msls31.dll
2013-02-06 19:13:21 1D3EE28BA231CBB9600F5D102EAF4EA7 10752 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2013-02-06 19:13:21 0B8FE658BD033EC8B1F6FBC305CC65E7 162304 ----a-w- C:\Windows\SysWOW64\msrating.dll
2013-02-06 19:13:21 0A866897039E42DF8080BE5DD83BC8E0 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll
2013-02-06 19:13:20 F9D038A8C2BDC3AE2548150A7AED0F8A 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll
2013-02-06 19:13:20 F83865A3007357A5E498EB9E3BED273D 31744 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2013-02-06 19:13:20 F0FEFB0B5D25A75D478A4317139D937E 353584 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2013-02-06 19:13:20 EE9D715AF1B928982F417238B9914484 434176 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2013-02-06 19:13:20 EE0AFCEE88098F754212F9069E80A766 86528 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2013-02-06 19:13:20 E290E3FDF645DF29D00D6368B9127E30 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-02-06 19:13:20 DE6652B4B4E9795B53142959FD02A4EB 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2013-02-06 19:13:20 DCFA393FA7F8FFAAE4A4A1F5E3E7CD64 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2013-02-06 19:13:20 DB754FF5F6ADBA2A25EC1B6672D1C91E 163840 ----a-w- C:\Windows\SysWOW64\ieakui.dll
2013-02-06 19:13:20 CA493A92DA9880B6F1A89C3DBD54BA5B 223232 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2013-02-06 19:13:20 C0B8B96D018849FD8CCF15FED84E8782 74240 ----a-w- C:\Windows\SysWOW64\ie4uinit.exe
2013-02-06 19:13:20 9D8D5E1F881DB5CD0E9C59166E7AC422 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2013-02-06 19:13:20 83F5D4B41BB12CE146786E97F6AAD75E 3695416 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat
2013-02-06 19:13:20 802B0229D904E28C1EA9A5274AB457FC 74752 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2013-02-06 19:13:20 7AC9B18F1BE210702DA5E586224B1571 66048 ----a-w- C:\Windows\SysWOW64\icardie.dll
2013-02-06 19:13:20 76EB0222590D5DCD050CF862237F414A 63488 ----a-w- C:\Windows\SysWOW64\tdc.ocx
2013-02-06 19:13:20 76E987D8CF0683337CF165363B6FDFD9 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll
2013-02-06 19:13:20 736D1B28224F9DF8008BE8B0DEDFC9EF 76800 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-02-06 19:13:20 6B4701D3D9724812E8C3801E7BF87157 23552 ----a-w- C:\Windows\SysWOW64\licmgr10.dll
2013-02-06 19:13:20 68563AC389F92EE79F1C714288BA1DCE 35840 ----a-w- C:\Windows\SysWOW64\imgutil.dll
2013-02-06 19:13:20 67BC2BA6F94D2D0C51213691FBFEEBB1 152064 ----a-w- C:\Windows\SysWOW64\wextract.exe
2013-02-06 19:13:20 60B4F624BB87A3B21D3EC68F38DA6B61 78848 ----a-w- C:\Windows\SysWOW64\inseng.dll
2013-02-06 19:13:20 5B37190F79F5D63C1033ED88C006080C 123392 ----a-w- C:\Windows\SysWOW64\occache.dll
2013-02-06 19:13:20 5466DCAEF5A648E04D1B6580F2C901B5 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2013-02-06 19:13:20 543BBE783E2CA0D58E1981BD75483BAD 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2013-02-06 19:13:20 51AF0A12CD86E22E1A027C38CC021AC6 150528 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2013-02-06 19:13:20 5193DE33F3284C447E0D31DAFBF92570 203776 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2013-02-06 19:13:20 4B333D3CC96AE66BD754329FD2989EE2 72822 ----a-w- C:\Windows\SysWOW64\ieuinit.inf
2013-02-06 19:13:20 49729570B7FD369BBDEC16D7683324A0 227840 ----a-w- C:\Windows\SysWOW64\ieaksie.dll
2013-02-06 19:13:20 4312DEBDACBE338F0B90E7F08E7672BE 353792 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2013-02-06 19:13:20 4071D132E66ACDA3776F1FEAD19E6E01 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2013-02-06 19:13:20 3F7A8BCF37433A69CEEDE1E6AEE79784 101888 ----a-w- C:\Windows\SysWOW64\admparse.dll
2013-02-06 19:13:20 31B0448CC0694378106582F46D0D07E4 231936 ----a-w- C:\Windows\SysWOW64\url.dll
2013-02-06 19:13:20 1E7094AFAD0C369DD6D400C7047E4AB2 130560 ----a-w- C:\Windows\SysWOW64\ieakeng.dll
2013-02-06 19:13:20 09C9E7F477FB225FDB3B6DE8FED0AA9B 367104 ----a-w- C:\Windows\SysWOW64\html.iec
2013-02-06 19:13:20 07F649CD36F266BBE33B814FA678AA43 12320256 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2013-02-06 19:13:20 061CBB1058A10C0875D18CAFF835AE97 11776 ----a-w- C:\Windows\SysWOW64\mshta.exe
2013-02-06 19:13:20 04A8B2F67825380BC0C7C46D56776133 54272 ----a-w- C:\Windows\SysWOW64\pngfilt.dll
2013-02-06 19:10:58 D144A13DA2D98F454062F106DD47456A 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2013-02-06 19:10:58 22DC14043E0407A79DEB5E80926AEB40 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2013-02-06 19:10:58 18482E1819DB232062389A729CEEFBC3 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2013-02-06 19:09:13 B2DB6ABA2E292235749B80A9C3DFA867 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll
2013-02-06 19:09:13 907281ED4AD35D41B29FFDC211EBAD80 5120 ----a-w- C:\Windows\SysWOW64\wmi.dll
2013-02-06 19:08:20 1153AC6E133AA849853DFD407B086B80 420064 ----a-w- C:\Windows\SysWOW64\locale.nls
2013-02-06 19:08:19 EC10F0E7278272E392190292DD6324E0 275456 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2013-02-06 19:08:19 EAB15EA7F0897A468B3A2127C1FD2BFA 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2013-02-06 19:08:19 B0BA990781210836135C0ABC680A7448 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2013-02-06 19:08:19 B0404E8D7911552D8559C03CDD5DFBEC 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2013-02-06 19:08:19 9CC2571E3646B9A24296AD7ADCC71682 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2013-02-06 19:08:19 9BDC6304A6CF27B0A5A0FABCA56489D9 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2013-02-06 19:08:19 859085B54E35BE90BDB110FD229E671C 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2013-02-06 19:07:13 5FF9F07B268E5D5A1C321C3CF5C2CB9B 175104 ----a-w- C:\Windows\SysWOW64\netcorehc.dll
2013-02-06 19:07:13 4DB684167C3B220B556ECD0640715769 18944 ----a-w- C:\Windows\SysWOW64\netevent.dll
2013-02-06 19:07:13 140D9F911182357626165EA0BEB98C4F 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll
2013-02-06 19:07:09 ED59143843560B5EDB543C2A48CB9E4B 45568 ----a-w- C:\Windows\SysWOW64\oflc-nz.rs
2013-02-06 19:07:09 A704E750245D5D4EE4A23E99A00F27D5 46592 ----a-w- C:\Windows\SysWOW64\fpb.rs
2013-02-06 19:07:09 A067A19A91C2AA0198F9BD01A5CEF5C6 21504 ----a-w- C:\Windows\SysWOW64\grb.rs
2013-02-06 19:07:09 9EDCFA23CC081E38C86CA309D0F7E3DC 30720 ----a-w- C:\Windows\SysWOW64\usk.rs
2013-02-06 19:07:09 9B7D7F4D1F79E8B7D727BE94B1630D59 44544 ----a-w- C:\Windows\SysWOW64\pegibbfc.rs
2013-02-06 19:07:09 6EC618588447B82EA8D88719EE46F725 43520 ----a-w- C:\Windows\SysWOW64\csrr.rs
2013-02-06 19:07:09 64E211E0FDFCE4D186DF58BB7D0503BC 2576384 ----a-w- C:\Windows\SysWOW64\gameux.dll
2013-02-06 19:07:09 5109C45498BC709C8A7E016D5FFCCAC2 20480 ----a-w- C:\Windows\SysWOW64\pegi.rs
2013-02-06 19:07:09 4F5C56DBF076D5BBB1D22B37BF281396 20480 ----a-w- C:\Windows\SysWOW64\pegi-pt.rs
2013-02-06 19:07:09 43C9CF6825CEA58F1815B7C3DBBB385C 308736 ----a-w- C:\Windows\SysWOW64\Wpc.dll
2013-02-06 19:07:09 41CE7975CAD7BCF92538D2C452239523 40960 ----a-w- C:\Windows\SysWOW64\cob-au.rs
2013-02-06 19:07:09 27828AAA24AA46F11036954ADE355C1C 15360 ----a-w- C:\Windows\SysWOW64\djctq.rs
2013-02-06 19:07:08 DDD1C4AB9A9DAE6D4092C4C95E714650 51712 ----a-w- C:\Windows\SysWOW64\esrb.rs
2013-02-06 19:07:08 CBC69A055EF410CBD65593E4808B6DB4 23552 ----a-w- C:\Windows\SysWOW64\oflc.rs
2013-02-06 19:07:08 7752619457598CF057C4CC02A0867029 55296 ----a-w- C:\Windows\SysWOW64\cero.rs
2013-02-06 19:07:08 72035C97983745E742D71E9A8EF70BBB 20480 ----a-w- C:\Windows\SysWOW64\pegi-fi.rs
2013-02-06 19:07:01 B39B8CC163C41B12FE83E777199F3378 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2013-02-06 19:06:58 770FEEA2823E463D68E170D7EA6FAEBA 3972464 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2013-02-06 19:06:58 5355A85D26EECFA3A68B1F55B0C59A20 3917168 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2013-02-06 19:06:56 D0961EA39C6472D9D27922ECE168808E 12874752 ----a-w- C:\Windows\SysWOW64\shell32.dll
2013-02-06 19:06:50 F93674263F6B07C77956E966953242D9 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2013-02-06 19:06:50 EDA7AD21DF8945528F01F0A86D69E524 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2013-02-06 19:06:50 3D3CBD1847F980FB03343A63671E7886 225280 ----a-w- C:\Windows\SysWOW64\schannel.dll
2013-02-06 19:06:49 EBD1AAA3612A3E37C616A057FD5F252C 2342912 ----a-w- C:\Windows\SysWOW64\msi.dll
2013-02-06 19:06:48 CCC588EF05A020C2CFABDB0523ED0AD9 195072 ----a-w- C:\Windows\SysWOW64\dhcpcore6.dll
2013-02-06 19:06:48 3230D18B564A6CD6D4B3451A6CA9ABEF 44032 ----a-w- C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-02-06 19:06:48 200C848129182E15A1E39E617DE4A054 257024 ----a-w- C:\Windows\SysWOW64\dhcpcore.dll
2013-02-06 19:06:44 3B7C1A53047FF6ACEFD9BA6E281DEBB7 805376 ----a-w- C:\Windows\SysWOW64\cdosys.dll
2013-02-06 19:06:42 C9DEA5A2B7A56C78879E0A07F423466E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2013-02-06 19:06:40 57A5B9B0E4A668ADEAA38EC891AD2611 826880 ----a-w- C:\Windows\SysWOW64\rdpcore.dll
2013-02-06 19:06:39 7777D040440755FD93A70A319D6C2EB3 496128 ----a-w- C:\Windows\SysWOW64\win32spl.dll
2013-02-06 19:06:31 EAADD6E47ED2A7003ACE1793B98CF63F 1389568 ----a-w- C:\Windows\SysWOW64\msxml6.dll
2013-02-06 19:06:31 A067502DE2EC567CF90F24621211F4E3 1236480 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2013-02-06 19:06:27 20104EA66332D24D7C65BBB087C56737 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe
2013-02-06 19:06:21 7D620B543F8FCCDDB1B07E2474A43E59 1077248 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2013-02-06 19:06:18 17448AF0BBA9E7AB5EC955AF93F271BD 172544 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2013-02-06 19:06:17 72910F1DEB838E6E08A9017BFB7D4F0B 41984 ----a-w- C:\Windows\SysWOW64\browcli.dll
2013-02-06 19:06:17 2FCA0D2C59A855C54BAFA22AA329DF0F 57344 ----a-w- C:\Windows\SysWOW64\netapi32.dll
2013-02-06 19:06:12 CA68408922B02E8D955A2967C7CBF8CE 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll
2013-02-06 19:06:08 54AF46DC37E63E1E85EB619033953309 490496 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll
2013-02-06 19:06:07 D68258881C7849A7F4E4FCFE7CA0060F 543232 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2013-02-06 19:06:06 D23E615E0969AECC1134E372B0B295D1 78336 ----a-w- C:\Windows\SysWOW64\synceng.dll
2013-02-06 19:06:06 310F6F492A3B4B1020ED9BF9CCBBE6B6 376832 ----a-w- C:\Windows\SysWOW64\dpnet.dll
2013-02-06 19:06:05 A81331D7EB6C5D1F7B1E4E4FC15F3EC0 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2013-02-06 19:05:57 49BF8127A57231C6B2F6ADB17D543695 1160192 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2013-02-06 19:05:57 195315BDF59DC945E187C79780D2167C 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2013-02-06 19:05:57 063DD65889D21035311463337BD268E7 142336 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2013-02-06 16:32:09 F78A65AADC6590943371DC606D1746A6 95648 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-02-06 19:19:41 51DFBD18A435BAEC1F71A692373ECE4F 9728 ----a-w- C:\Windows\Sysnative\Wdfres.dll
2013-02-06 19:14:08 85D6E8F735865B502D65D1D91A79E3F3 294912 ----a-w- C:\Windows\Sysnative\browserchoice.exe
2013-02-06 19:13:19 FD2031A7D5BBB95DC8A763D20B352A46 49664 ----a-w- C:\Windows\Sysnative\imgutil.dll
2013-02-06 19:13:19 F65BDB76207B49529268485AAE20AE34 267776 ----a-w- C:\Windows\Sysnative\ieaksie.dll
2013-02-06 19:13:19 EF303F9DEB696ABEA92F4A3BE6848C62 55296 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll
2013-02-06 19:13:19 E49EC15EFFC9F01298093DBD7E0A31AF 12288 ----a-w- C:\Windows\Sysnative\mshta.exe
2013-02-06 19:13:19 DA9648200FC010A6DF004FAC8A775FD9 10752 ----a-w- C:\Windows\Sysnative\msfeedssync.exe
2013-02-06 19:13:19 D6A99F26E31C9F15D8D8CC42FFE6D16B 452608 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2013-02-06 19:13:19 CFF3C4ABDCC5356B0674743BDF0FB674 17811968 ----a-w- C:\Windows\Sysnative\mshtml.dll
2013-02-06 19:13:19 C71E7ABB1A34E56CE73AE117C8DD566F 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll
2013-02-06 19:13:19 BD107CF53FA7142B4F06D6D71AFEB131 160256 ----a-w- C:\Windows\Sysnative\ieakeng.dll
2013-02-06 19:13:19 A3287F8EB6182FB060C818524C7D6A63 282112 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2013-02-06 19:13:19 A0F52880DDD164F968BE903C1FECD27E 2144768 ----a-w- C:\Windows\Sysnative\iertutil.dll
2013-02-06 19:13:19 A0C2D990ECD88630C159FD5A6700A6A5 197120 ----a-w- C:\Windows\Sysnative\msrating.dll
2013-02-06 19:13:19 9568BB33BBAD356EDD6CDE988E570523 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll
2013-02-06 19:13:19 94E2790F0F0BA0249EEA0EA745863A7B 91648 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe
2013-02-06 19:13:19 91F935162A73D667105203EF7ABA76E1 448512 ----a-w- C:\Windows\Sysnative\html.iec
2013-02-06 19:13:19 8EADA158D964E3FD1999AD96C9C507FF 534528 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2013-02-06 19:13:19 84827B0DCC0A535DB6CB0FC2FADFE38E 149504 ----a-w- C:\Windows\Sysnative\occache.dll
2013-02-06 19:13:19 83F5D4B41BB12CE146786E97F6AAD75E 3695416 ----a-w- C:\Windows\Sysnative\ieapfltr.dat
2013-02-06 19:13:19 82A4DB52E9C75A794EADCD510F6CDA65 111616 ----a-w- C:\Windows\Sysnative\iesysprep.dll
2013-02-06 19:13:19 7FCAB194F01E3403C300EB034E480B36 222208 ----a-w- C:\Windows\Sysnative\msls31.dll
2013-02-06 19:13:19 79F3FC1CF5AAC69BC6FB14521D6A3880 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2013-02-06 19:13:19 6B6A8ADF9892E76F59E3B17D01E29673 135168 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll
2013-02-06 19:13:19 673A1369C77B7A405B97A619848F6757 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2013-02-06 19:13:19 61E2B58F88F42BA4C808C7099EBE0BBA 76800 ----a-w- C:\Windows\Sysnative\tdc.ocx
2013-02-06 19:13:19 5121DB613E10A46A3C5085B479026AA7 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll
2013-02-06 19:13:19 50EF8F8DF559B7C5E72404F4B184FF17 163840 ----a-w- C:\Windows\Sysnative\ieakui.dll
2013-02-06 19:13:19 40E9C38018D1454E8F4308F2907A5A35 89088 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
2013-02-06 19:13:19 31525BC38F219E3E17D8AF11DA0FAE3E 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2013-02-06 19:13:19 2F31597DA72FE328E1F7FEBF8548759C 65024 ----a-w- C:\Windows\Sysnative\pngfilt.dll
2013-02-06 19:13:19 2984F4F93BB733CAAAB3F5BD33C4D457 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll
2013-02-06 19:13:19 1DBA462CF92D890D8F8E6472E7E8B4B4 1346048 ----a-w- C:\Windows\Sysnative\urlmon.dll
2013-02-06 19:13:19 18E10F42E7492151D279AC29622037B8 145920 ----a-w- C:\Windows\Sysnative\iepeers.dll
2013-02-06 19:13:19 141D3A9144344E5C37790F27EFE82683 114176 ----a-w- C:\Windows\Sysnative\admparse.dll
2013-02-06 19:13:19 08D0F87AA3F6DF47658E9ACD4D082027 248320 ----a-w- C:\Windows\Sysnative\ieui.dll
2013-02-06 19:13:19 046AD878F246D3801B719700B543A6EE 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2013-02-06 19:13:18 FD126186C7434D5214093A4A87A0D63F 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2013-02-06 19:13:18 D869ACB7C3DA1B823765DB3CBE2E3DD4 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2013-02-06 19:13:18 D7CEAEDD5F75D2C8A2E80887D7C114CE 249344 ----a-w- C:\Windows\Sysnative\webcheck.dll
2013-02-06 19:13:18 C3E98C42EDF7EF237A4BAB91FEAC7426 403248 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2013-02-06 19:13:18 B69A23F486D1687ACC36A6F4D9A217E2 103936 ----a-w- C:\Windows\Sysnative\inseng.dll
2013-02-06 19:13:18 B519848DFA30AE2B306576B51321D102 89088 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2013-02-06 19:13:18 93202ED0B473A8FEDFD9F5E668BE72ED 85504 ----a-w- C:\Windows\Sysnative\iesetup.dll
2013-02-06 19:13:18 778004F92FF1D92C327857250E9E9482 82432 ----a-w- C:\Windows\Sysnative\icardie.dll
2013-02-06 19:13:18 71E07C0950BB9F4450DD2DE59D77F603 165888 ----a-w- C:\Windows\Sysnative\iexpress.exe
2013-02-06 19:13:18 6E6602DE23AB3776007702FC9540E8E9 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll
2013-02-06 19:13:18 57569625CEB5989116C5BE70B77C29ED 160256 ----a-w- C:\Windows\Sysnative\wextract.exe
2013-02-06 19:13:18 56336BB69172A2CEE15B2491DB4C70C1 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2013-02-06 19:13:18 4B333D3CC96AE66BD754329FD2989EE2 72822 ----a-w- C:\Windows\Sysnative\ieuinit.inf
2013-02-06 19:13:18 478FDA5AB59331259538FB7B02026836 237056 ----a-w- C:\Windows\Sysnative\url.dll
2013-02-06 19:13:18 351DF61EF64D77C57A4B68C663E7279D 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
2013-02-06 19:13:18 1E2DD319BE9731A01CF0642D5B22714B 30720 ----a-w- C:\Windows\Sysnative\licmgr10.dll
2013-02-06 19:10:58 E59B615DE916273EEE72F643F97D7600 367616 ----a-w- C:\Windows\Sysnative\atmfd.dll
2013-02-06 19:10:58 AC298E820F444049A4C9AC64C1775B87 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2013-02-06 19:10:58 201FD2520C8DE44177BBA5161A263F68 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2013-02-06 19:10:27 B20F051B03A966392364C83F009F7D17 84992 ----a-w- C:\Windows\Sysnative\WUDFSvc.dll
2013-02-06 19:10:27 B1DF2D87DC8BF6072699AC8301B37796 194048 ----a-w- C:\Windows\Sysnative\WUDFPlatform.dll
2013-02-06 19:10:26 F1617F1014D51987D517A4C37A7C733B 45056 ----a-w- C:\Windows\Sysnative\WUDFCoinstaller.dll
2013-02-06 19:10:26 8ABFE00F213F2571498F1B8FD7939A98 229888 ----a-w- C:\Windows\Sysnative\WUDFHost.exe
2013-02-06 19:10:26 25AE683DCB4AE7E6F1B193A0CB9DB35F 744448 ----a-w- C:\Windows\Sysnative\WUDFx.dll
2013-02-06 19:09:13 C00DB14550E4BD49737F311C644E45FF 5120 ----a-w- C:\Windows\Sysnative\wmi.dll
2013-02-06 19:09:13 A1BE6A720D02E37F72E9CD89AE9CB3CF 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll
2013-02-06 19:08:20 1153AC6E133AA849853DFD407B086B80 420064 ----a-w- C:\Windows\Sysnative\locale.nls
2013-02-06 19:08:18 5FDE812D5609D724F902334368641B54 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2013-02-06 19:08:18 49A5AB4CC7856EFD83F55280E59043DC 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2013-02-06 19:08:18 25001506679B7A73C24F261F5EA7C859 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll
2013-02-06 19:08:18 0EC4A4C2595F23CE844A34B27464D715 243200 ----a-w- C:\Windows\Sysnative\wow64.dll
2013-02-06 19:08:17 C2B1F6196C7FE1EA1BF827312B095D06 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll
2013-02-06 19:08:17 B3BEA6420D482356E53B7C728E05C637 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll
2013-02-06 19:08:17 B19B30E594EE374C69F71DAD26198400 338432 ----a-w- C:\Windows\Sysnative\conhost.exe
2013-02-06 19:08:17 6072F9B801FD361ABCDD2A2C6D39D106 424448 ----a-w- C:\Windows\Sysnative\KernelBase.dll
2013-02-06 19:07:13 E7A16F71BA02F3AB9D549F226559266E 246272 ----a-w- C:\Windows\Sysnative\netcorehc.dll
2013-02-06 19:07:13 D4FAC263861BAE06971C7F7D0A8EBF15 216576 ----a-w- C:\Windows\Sysnative\ncsi.dll
2013-02-06 19:07:13 8AD77806D336673F270DB31645267293 303104 ----a-w- C:\Windows\Sysnative\nlasvc.dll
2013-02-06 19:07:13 5BDE9F50E48A6CD28353BAA238CC4A7D 18944 ----a-w- C:\Windows\Sysnative\netevent.dll
2013-02-06 19:07:13 46BB91A169B9B31FF44EB04C48EC1D41 70656 ----a-w- C:\Windows\Sysnative\nlaapi.dll
2013-02-06 19:07:13 4261F21A202746AC207CA9AA863D9FD4 570368 ----a-w- C:\Windows\Sysnative\iphlpsvc.dll
2013-02-06 19:07:09 EBB73E4E8CA01089CF74ECE506EB7607 43520 ----a-w- C:\Windows\Sysnative\csrr.rs
2013-02-06 19:07:09 C4B0793E4B97AA36A2A8C81A7AA1979A 44544 ----a-w- C:\Windows\Sysnative\pegibbfc.rs
2013-02-06 19:07:09 A2E0F1E01A0983E9C94565BBEC862BF7 40960 ----a-w- C:\Windows\Sysnative\cob-au.rs
2013-02-06 19:07:09 997938D423CE830161CB6059434E3C9F 45568 ----a-w- C:\Windows\Sysnative\oflc-nz.rs
2013-02-06 19:07:09 6D540AF9B183FC97DC4CC54369561548 20480 ----a-w- C:\Windows\Sysnative\pegi-pt.rs
2013-02-06 19:07:09 661AE5EAC62C4598DD01795CEB915BAE 20480 ----a-w- C:\Windows\Sysnative\pegi.rs
2013-02-06 19:07:09 65A8302C7551CFE45FAA2BC085C9E7E2 15360 ----a-w- C:\Windows\Sysnative\djctq.rs
2013-02-06 19:07:09 5C48A43FC30FC61ECB1335DC646686BC 30720 ----a-w- C:\Windows\Sysnative\usk.rs
2013-02-06 19:07:09 54B11BB2AFBC3D5EBA9C96F0C1820B9B 46592 ----a-w- C:\Windows\Sysnative\fpb.rs
2013-02-06 19:07:09 4489D5D2CB4BA0799F3FB4625DE181CF 21504 ----a-w- C:\Windows\Sysnative\grb.rs
2013-02-06 19:07:09 2BCBA6052374959A30BD7948444DBB79 2746368 ----a-w- C:\Windows\Sysnative\gameux.dll
2013-02-06 19:07:09 027675ED9B34EE1B91505C3B8752649F 441856 ----a-w- C:\Windows\Sysnative\Wpc.dll
2013-02-06 19:07:08 D0C01412FBF59C1C25630C49F0C1B803 55296 ----a-w- C:\Windows\Sysnative\cero.rs
2013-02-06 19:07:08 9BB05674E013C35F4DAED51F5015355D 20480 ----a-w- C:\Windows\Sysnative\pegi-fi.rs
2013-02-06 19:07:08 51D25C805A01A2C4F930F9720CF51FFE 51712 ----a-w- C:\Windows\Sysnative\esrb.rs
2013-02-06 19:07:08 4773EB5962548068547214A620E9ACC3 23552 ----a-w- C:\Windows\Sysnative\oflc.rs
2013-02-06 19:07:01 3D2D108E14AD21889A2621B94C80A3DD 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2013-02-06 19:06:58 A0D1C0E813A7C6E17C029375AC2ACE18 5562736 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2013-02-06 19:06:57 494935A017905BEBDAA56490FCAF683B 14175232 ----a-w- C:\Windows\Sysnative\shell32.dll
2013-02-06 19:06:55 A236B1646E96AB06BE0F8D592B6D9A0D 245760 ----a-w- C:\Windows\Sysnative\OxpsConverter.exe
2013-02-06 19:06:51 1573C45E65DE32B1BC3572634F8F1E8E 340992 ----a-w- C:\Windows\Sysnative\schannel.dll
2013-02-06 19:06:50 5864633FED2156AF701B99AFDF2683F9 3217408 ----a-w- C:\Windows\Sysnative\msi.dll
2013-02-06 19:06:48 E63C7FE43F390A2756D36B255F2C003F 226816 ----a-w- C:\Windows\Sysnative\dhcpcore6.dll
2013-02-06 19:06:48 E0B0E0BDE6508E5D27715E0F4C3F5079 55296 ----a-w- C:\Windows\Sysnative\dhcpcsvc6.dll
2013-02-06 19:06:48 3F221A7E3123773EE8F1DB200CDDB39E 318976 ----a-w- C:\Windows\Sysnative\dhcpcore.dll
2013-02-06 19:06:43 1FEB1694B13247A451B274E114AFAC45 1133568 ----a-w- C:\Windows\Sysnative\cdosys.dll
2013-02-06 19:06:42 79726C7D4E361AC1CE437316CC04AF58 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2013-02-06 19:06:40 5D57DAE7BB47FA2393084F68818749EB 1031680 ----a-w- C:\Windows\Sysnative\rdpcore.dll
2013-02-06 19:06:39 6F6D6B434A77124BD4BE085712DFE15E 755712 ----a-w- C:\Windows\Sysnative\win32spl.dll
2013-02-06 19:06:32 99B91C5D2FCEF218CAD3600ECB62A799 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll
2013-02-06 19:06:31 77F738FA45B7FC58290F1E2B0D04CC45 1879552 ----a-w- C:\Windows\Sysnative\msxml3.dll
2013-02-06 19:06:27 F28D6538F76DC6ECFABF6176DBDD2664 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe
2013-02-06 19:06:22 C672AE7957256A51E4F4A0B16CFB8CDC 3152384 ----a-w- C:\Windows\Sysnative\win32k.sys
2013-02-06 19:06:21 E97BDB9B2A3D4A2EFAF320D9C0AF7002 1544704 ----a-w- C:\Windows\Sysnative\DWrite.dll
2013-02-06 19:06:18 AA06902362B1422D7A7DA7061E07C624 220160 ----a-w- C:\Windows\Sysnative\wintrust.dll
2013-02-06 19:06:17 EEEA40F0EDB0A6E5359E539E15D0BC77 73216 ----a-w- C:\Windows\Sysnative\netapi32.dll
2013-02-06 19:06:17 05F5A0D14A2EE1D8255C2AA0E9E8E694 136704 ----a-w- C:\Windows\Sysnative\browser.dll
2013-02-06 19:06:17 012787CEB35505EB78DF82E0A0072888 59392 ----a-w- C:\Windows\Sysnative\browcli.dll
2013-02-06 19:06:14 5CBC20E15923025997C2253A7DD5193F 212480 ----a-w- C:\Windows\Sysnative\profsvc.dll
2013-02-06 19:06:12 E4ACCC7927A1478DF636534864E03666 801280 ----a-w- C:\Windows\Sysnative\usp10.dll
2013-02-06 19:06:11 C34C6E1D0D469D737321F2EDCBE9BE6B 9216 ----a-w- C:\Windows\Sysnative\rdrmemptylst.exe
2013-02-06 19:06:11 6B7FBD65632F45FA52B23F788D71DF96 77312 ----a-w- C:\Windows\Sysnative\rdpwsx.dll
2013-02-06 19:06:11 50383C6280B31995D25C2662807709E4 149504 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll
2013-02-06 19:06:08 B8E693C547A15DEEF116D70985F7CC94 1112064 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2013-02-06 19:06:08 AD976778C4B92F9EC4842295974E9BD9 574464 ----a-w- C:\Windows\Sysnative\d3d10level9.dll
2013-02-06 19:06:07 E5A7D4E652D61D56FF015735F50567AD 716800 ----a-w- C:\Windows\Sysnative\kerberos.dll
2013-02-06 19:06:07 374CE9DAB2F0CB173B8FCF3AB8DB5D1B 478208 ----a-w- C:\Windows\Sysnative\dpnet.dll
2013-02-06 19:06:06 8699D17DFCFCD327784034DB6BD3A422 95744 ----a-w- C:\Windows\Sysnative\synceng.dll
2013-02-06 19:06:06 639774C9ACD063F028F6084ABF5593AD 68608 ----a-w- C:\Windows\Sysnative\taskhost.exe
2013-02-06 19:06:05 D5164131D596A070FF9C82BC4A488F1F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2013-02-06 19:06:02 954A25A7A9A5088602642F89EC0815ED 956416 ----a-w- C:\Windows\Sysnative\localspl.dll
2013-02-06 19:05:58 D3B5A88819F7B1D981ADCA3D95283D3A 1465344 ----a-w- C:\Windows\Sysnative\crypt32.dll
2013-02-06 19:05:57 A62114C4FCA2848B413BB7B6C690AF5C 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2013-02-06 19:05:57 7E7D2DACF65D750D466F36BD3D09AE20 186880 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2013-02-06 19:01:10 B9D7A4858CF32A6A15D2763F1DE47E0E 559616 ----a-w- C:\Windows\Sysnative\spoolsv.exe
====== C:\Windows\Sysnative\drivers =====
2013-02-09 11:30:20 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2013-02-06 19:19:42 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-02-06 19:19:41 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys
2013-02-06 19:19:41 442783E2CB0DA19873B7A63833FF4CB4 785512 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-02-06 19:10:27 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys
2013-02-06 19:10:27 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys
2013-02-06 19:10:26 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-02-06 19:09:13 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\Sysnative\drivers\fs_rec.sys
2013-02-06 19:07:13 FE80B66D2EEA1DA139516A19C04436B4 376688 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2013-02-06 19:07:13 D5707FC2300AA5B04B7BFE86D40C0133 1902472 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-02-06 19:07:13 31EE9F3E116A646B0D74527EAD207DF8 288648 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2013-02-06 19:07:13 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys
2013-02-06 19:06:51 9AC4F97C2D3E93367E2148EA940CD2CD 458704 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2013-02-06 19:06:51 26C43A7C2862447EC59DEDA188D1DA07 151920 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2013-02-06 19:06:50 97A7070AEA4C058B6418519E869A63B4 95600 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2013-02-06 19:06:40 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- C:\Windows\Sysnative\drivers\tdtcp.sys
2013-02-06 19:06:26 B2746D84DDF68D09B41B72DF745CCBA6 1687408 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
2013-02-06 19:06:18 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys
2013-02-06 19:06:17 FDD71F94CD5580E4C1D16F96EF6C2856 41472 ----a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys
2013-02-06 19:06:16 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys
2013-02-06 19:06:08 1FE9863C6C5CC71E8E7E70F9EFBD30E1 210944 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2013-02-09 11:30:10 -------- d-----w- C:\users\Gebruiker\AppData\Local\Programs
2013-02-08 11:19:21 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Melesta
2013-02-06 11:57:47 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\HeroCraft
2013-02-03 20:02:31 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\World-Loom
2013-01-21 17:23:18 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\tor
2013-01-21 17:23:17 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Yrizi
2013-01-21 17:23:17 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Azacx
2013-01-21 17:22:51 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Piezgy
2013-01-21 17:22:51 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Kezyo
Tool run by Gebruiker on za 09-02-2013 at 13:22:52,81.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Registry Exports ======================
[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"
[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00
[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"
[HKEY_CLASSES_ROOT\exefile\shell]
[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""
[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"
[HKEY_CLASSES_ROOT\exefile\shellex]
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\CmdLineExt]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"
[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"
==== Registry Exports x64 ======================
[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"
[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00
[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"
[HKEY_CLASSES_ROOT\exefile\shell]
[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""
[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"
[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"
[HKEY_CLASSES_ROOT\exefile\shellex]
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\CmdLineExt]
@="{9869EFB4-18E9-11D3-A837-00104B9E30B5}"
[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"
[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2013-02-06 19:01:09 F4872D16F08BDA4250E97A58F9DAD555 67072 ----a-w- C:\Windows\splwow64.exe
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2013-01-30 23:58:57 F655170EB3DC3CBB3F564077C670A7E1 897448 ----a-w- C:\Users\GEBRUI~1\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
====== C:\Windows\SysWOW64 =====
2013-02-06 19:13:21 ED6F6FBBCDEC95483B7351E23F4FCDF6 110592 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll
2013-02-06 19:13:21 A3FA99A16F10D44EDB7A8C340FA2EE1B 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2013-02-06 19:13:21 90A57CA422923286838AAC7DE2D41B92 118784 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2013-02-06 19:13:21 8E38CE628D4817D949DD31D77A7F21CD 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-02-06 19:13:21 7FA3A810F383588D46220967DE8B64FF 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll
2013-02-06 19:13:21 780E80E5502015EDAEC91DC0A0C96A79 1793024 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2013-02-06 19:13:21 6B036492120E65C0C367DC31D01088A1 74752 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-02-06 19:13:21 4B80D1F847C0658977E1E8051A4DE002 41472 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll
2013-02-06 19:13:21 4266A3230981DD4434C55957F6DD497D 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2013-02-06 19:13:21 35AAE2E841AA1A949775168E119482C9 161792 ----a-w- C:\Windows\SysWOW64\msls31.dll
2013-02-06 19:13:21 1D3EE28BA231CBB9600F5D102EAF4EA7 10752 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2013-02-06 19:13:21 0B8FE658BD033EC8B1F6FBC305CC65E7 162304 ----a-w- C:\Windows\SysWOW64\msrating.dll
2013-02-06 19:13:21 0A866897039E42DF8080BE5DD83BC8E0 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll
2013-02-06 19:13:20 F9D038A8C2BDC3AE2548150A7AED0F8A 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll
2013-02-06 19:13:20 F83865A3007357A5E498EB9E3BED273D 31744 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2013-02-06 19:13:20 F0FEFB0B5D25A75D478A4317139D937E 353584 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2013-02-06 19:13:20 EE9D715AF1B928982F417238B9914484 434176 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2013-02-06 19:13:20 EE0AFCEE88098F754212F9069E80A766 86528 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2013-02-06 19:13:20 E290E3FDF645DF29D00D6368B9127E30 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-02-06 19:13:20 DE6652B4B4E9795B53142959FD02A4EB 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2013-02-06 19:13:20 DCFA393FA7F8FFAAE4A4A1F5E3E7CD64 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2013-02-06 19:13:20 DB754FF5F6ADBA2A25EC1B6672D1C91E 163840 ----a-w- C:\Windows\SysWOW64\ieakui.dll
2013-02-06 19:13:20 CA493A92DA9880B6F1A89C3DBD54BA5B 223232 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2013-02-06 19:13:20 C0B8B96D018849FD8CCF15FED84E8782 74240 ----a-w- C:\Windows\SysWOW64\ie4uinit.exe
2013-02-06 19:13:20 9D8D5E1F881DB5CD0E9C59166E7AC422 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2013-02-06 19:13:20 83F5D4B41BB12CE146786E97F6AAD75E 3695416 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat
2013-02-06 19:13:20 802B0229D904E28C1EA9A5274AB457FC 74752 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2013-02-06 19:13:20 7AC9B18F1BE210702DA5E586224B1571 66048 ----a-w- C:\Windows\SysWOW64\icardie.dll
2013-02-06 19:13:20 76EB0222590D5DCD050CF862237F414A 63488 ----a-w- C:\Windows\SysWOW64\tdc.ocx
2013-02-06 19:13:20 76E987D8CF0683337CF165363B6FDFD9 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll
2013-02-06 19:13:20 736D1B28224F9DF8008BE8B0DEDFC9EF 76800 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-02-06 19:13:20 6B4701D3D9724812E8C3801E7BF87157 23552 ----a-w- C:\Windows\SysWOW64\licmgr10.dll
2013-02-06 19:13:20 68563AC389F92EE79F1C714288BA1DCE 35840 ----a-w- C:\Windows\SysWOW64\imgutil.dll
2013-02-06 19:13:20 67BC2BA6F94D2D0C51213691FBFEEBB1 152064 ----a-w- C:\Windows\SysWOW64\wextract.exe
2013-02-06 19:13:20 60B4F624BB87A3B21D3EC68F38DA6B61 78848 ----a-w- C:\Windows\SysWOW64\inseng.dll
2013-02-06 19:13:20 5B37190F79F5D63C1033ED88C006080C 123392 ----a-w- C:\Windows\SysWOW64\occache.dll
2013-02-06 19:13:20 5466DCAEF5A648E04D1B6580F2C901B5 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2013-02-06 19:13:20 543BBE783E2CA0D58E1981BD75483BAD 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2013-02-06 19:13:20 51AF0A12CD86E22E1A027C38CC021AC6 150528 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2013-02-06 19:13:20 5193DE33F3284C447E0D31DAFBF92570 203776 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2013-02-06 19:13:20 4B333D3CC96AE66BD754329FD2989EE2 72822 ----a-w- C:\Windows\SysWOW64\ieuinit.inf
2013-02-06 19:13:20 49729570B7FD369BBDEC16D7683324A0 227840 ----a-w- C:\Windows\SysWOW64\ieaksie.dll
2013-02-06 19:13:20 4312DEBDACBE338F0B90E7F08E7672BE 353792 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2013-02-06 19:13:20 4071D132E66ACDA3776F1FEAD19E6E01 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2013-02-06 19:13:20 3F7A8BCF37433A69CEEDE1E6AEE79784 101888 ----a-w- C:\Windows\SysWOW64\admparse.dll
2013-02-06 19:13:20 31B0448CC0694378106582F46D0D07E4 231936 ----a-w- C:\Windows\SysWOW64\url.dll
2013-02-06 19:13:20 1E7094AFAD0C369DD6D400C7047E4AB2 130560 ----a-w- C:\Windows\SysWOW64\ieakeng.dll
2013-02-06 19:13:20 09C9E7F477FB225FDB3B6DE8FED0AA9B 367104 ----a-w- C:\Windows\SysWOW64\html.iec
2013-02-06 19:13:20 07F649CD36F266BBE33B814FA678AA43 12320256 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2013-02-06 19:13:20 061CBB1058A10C0875D18CAFF835AE97 11776 ----a-w- C:\Windows\SysWOW64\mshta.exe
2013-02-06 19:13:20 04A8B2F67825380BC0C7C46D56776133 54272 ----a-w- C:\Windows\SysWOW64\pngfilt.dll
2013-02-06 19:10:58 D144A13DA2D98F454062F106DD47456A 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2013-02-06 19:10:58 22DC14043E0407A79DEB5E80926AEB40 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2013-02-06 19:10:58 18482E1819DB232062389A729CEEFBC3 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2013-02-06 19:09:13 B2DB6ABA2E292235749B80A9C3DFA867 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll
2013-02-06 19:09:13 907281ED4AD35D41B29FFDC211EBAD80 5120 ----a-w- C:\Windows\SysWOW64\wmi.dll
2013-02-06 19:08:20 1153AC6E133AA849853DFD407B086B80 420064 ----a-w- C:\Windows\SysWOW64\locale.nls
2013-02-06 19:08:19 EC10F0E7278272E392190292DD6324E0 275456 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2013-02-06 19:08:19 EAB15EA7F0897A468B3A2127C1FD2BFA 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2013-02-06 19:08:19 B0BA990781210836135C0ABC680A7448 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2013-02-06 19:08:19 B0404E8D7911552D8559C03CDD5DFBEC 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2013-02-06 19:08:19 9CC2571E3646B9A24296AD7ADCC71682 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2013-02-06 19:08:19 9BDC6304A6CF27B0A5A0FABCA56489D9 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2013-02-06 19:08:19 859085B54E35BE90BDB110FD229E671C 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2013-02-06 19:07:13 5FF9F07B268E5D5A1C321C3CF5C2CB9B 175104 ----a-w- C:\Windows\SysWOW64\netcorehc.dll
2013-02-06 19:07:13 4DB684167C3B220B556ECD0640715769 18944 ----a-w- C:\Windows\SysWOW64\netevent.dll
2013-02-06 19:07:13 140D9F911182357626165EA0BEB98C4F 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll
2013-02-06 19:07:09 ED59143843560B5EDB543C2A48CB9E4B 45568 ----a-w- C:\Windows\SysWOW64\oflc-nz.rs
2013-02-06 19:07:09 A704E750245D5D4EE4A23E99A00F27D5 46592 ----a-w- C:\Windows\SysWOW64\fpb.rs
2013-02-06 19:07:09 A067A19A91C2AA0198F9BD01A5CEF5C6 21504 ----a-w- C:\Windows\SysWOW64\grb.rs
2013-02-06 19:07:09 9EDCFA23CC081E38C86CA309D0F7E3DC 30720 ----a-w- C:\Windows\SysWOW64\usk.rs
2013-02-06 19:07:09 9B7D7F4D1F79E8B7D727BE94B1630D59 44544 ----a-w- C:\Windows\SysWOW64\pegibbfc.rs
2013-02-06 19:07:09 6EC618588447B82EA8D88719EE46F725 43520 ----a-w- C:\Windows\SysWOW64\csrr.rs
2013-02-06 19:07:09 64E211E0FDFCE4D186DF58BB7D0503BC 2576384 ----a-w- C:\Windows\SysWOW64\gameux.dll
2013-02-06 19:07:09 5109C45498BC709C8A7E016D5FFCCAC2 20480 ----a-w- C:\Windows\SysWOW64\pegi.rs
2013-02-06 19:07:09 4F5C56DBF076D5BBB1D22B37BF281396 20480 ----a-w- C:\Windows\SysWOW64\pegi-pt.rs
2013-02-06 19:07:09 43C9CF6825CEA58F1815B7C3DBBB385C 308736 ----a-w- C:\Windows\SysWOW64\Wpc.dll
2013-02-06 19:07:09 41CE7975CAD7BCF92538D2C452239523 40960 ----a-w- C:\Windows\SysWOW64\cob-au.rs
2013-02-06 19:07:09 27828AAA24AA46F11036954ADE355C1C 15360 ----a-w- C:\Windows\SysWOW64\djctq.rs
2013-02-06 19:07:08 DDD1C4AB9A9DAE6D4092C4C95E714650 51712 ----a-w- C:\Windows\SysWOW64\esrb.rs
2013-02-06 19:07:08 CBC69A055EF410CBD65593E4808B6DB4 23552 ----a-w- C:\Windows\SysWOW64\oflc.rs
2013-02-06 19:07:08 7752619457598CF057C4CC02A0867029 55296 ----a-w- C:\Windows\SysWOW64\cero.rs
2013-02-06 19:07:08 72035C97983745E742D71E9A8EF70BBB 20480 ----a-w- C:\Windows\SysWOW64\pegi-fi.rs
2013-02-06 19:07:01 B39B8CC163C41B12FE83E777199F3378 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2013-02-06 19:06:58 770FEEA2823E463D68E170D7EA6FAEBA 3972464 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2013-02-06 19:06:58 5355A85D26EECFA3A68B1F55B0C59A20 3917168 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2013-02-06 19:06:56 D0961EA39C6472D9D27922ECE168808E 12874752 ----a-w- C:\Windows\SysWOW64\shell32.dll
2013-02-06 19:06:50 F93674263F6B07C77956E966953242D9 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2013-02-06 19:06:50 EDA7AD21DF8945528F01F0A86D69E524 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2013-02-06 19:06:50 3D3CBD1847F980FB03343A63671E7886 225280 ----a-w- C:\Windows\SysWOW64\schannel.dll
2013-02-06 19:06:49 EBD1AAA3612A3E37C616A057FD5F252C 2342912 ----a-w- C:\Windows\SysWOW64\msi.dll
2013-02-06 19:06:48 CCC588EF05A020C2CFABDB0523ED0AD9 195072 ----a-w- C:\Windows\SysWOW64\dhcpcore6.dll
2013-02-06 19:06:48 3230D18B564A6CD6D4B3451A6CA9ABEF 44032 ----a-w- C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-02-06 19:06:48 200C848129182E15A1E39E617DE4A054 257024 ----a-w- C:\Windows\SysWOW64\dhcpcore.dll
2013-02-06 19:06:44 3B7C1A53047FF6ACEFD9BA6E281DEBB7 805376 ----a-w- C:\Windows\SysWOW64\cdosys.dll
2013-02-06 19:06:42 C9DEA5A2B7A56C78879E0A07F423466E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2013-02-06 19:06:40 57A5B9B0E4A668ADEAA38EC891AD2611 826880 ----a-w- C:\Windows\SysWOW64\rdpcore.dll
2013-02-06 19:06:39 7777D040440755FD93A70A319D6C2EB3 496128 ----a-w- C:\Windows\SysWOW64\win32spl.dll
2013-02-06 19:06:31 EAADD6E47ED2A7003ACE1793B98CF63F 1389568 ----a-w- C:\Windows\SysWOW64\msxml6.dll
2013-02-06 19:06:31 A067502DE2EC567CF90F24621211F4E3 1236480 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2013-02-06 19:06:27 20104EA66332D24D7C65BBB087C56737 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe
2013-02-06 19:06:21 7D620B543F8FCCDDB1B07E2474A43E59 1077248 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2013-02-06 19:06:18 17448AF0BBA9E7AB5EC955AF93F271BD 172544 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2013-02-06 19:06:17 72910F1DEB838E6E08A9017BFB7D4F0B 41984 ----a-w- C:\Windows\SysWOW64\browcli.dll
2013-02-06 19:06:17 2FCA0D2C59A855C54BAFA22AA329DF0F 57344 ----a-w- C:\Windows\SysWOW64\netapi32.dll
2013-02-06 19:06:12 CA68408922B02E8D955A2967C7CBF8CE 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll
2013-02-06 19:06:08 54AF46DC37E63E1E85EB619033953309 490496 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll
2013-02-06 19:06:07 D68258881C7849A7F4E4FCFE7CA0060F 543232 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2013-02-06 19:06:06 D23E615E0969AECC1134E372B0B295D1 78336 ----a-w- C:\Windows\SysWOW64\synceng.dll
2013-02-06 19:06:06 310F6F492A3B4B1020ED9BF9CCBBE6B6 376832 ----a-w- C:\Windows\SysWOW64\dpnet.dll
2013-02-06 19:06:05 A81331D7EB6C5D1F7B1E4E4FC15F3EC0 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2013-02-06 19:05:57 49BF8127A57231C6B2F6ADB17D543695 1160192 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2013-02-06 19:05:57 195315BDF59DC945E187C79780D2167C 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2013-02-06 19:05:57 063DD65889D21035311463337BD268E7 142336 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2013-02-06 16:32:09 F78A65AADC6590943371DC606D1746A6 95648 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-02-06 19:19:41 51DFBD18A435BAEC1F71A692373ECE4F 9728 ----a-w- C:\Windows\Sysnative\Wdfres.dll
2013-02-06 19:14:08 85D6E8F735865B502D65D1D91A79E3F3 294912 ----a-w- C:\Windows\Sysnative\browserchoice.exe
2013-02-06 19:13:19 FD2031A7D5BBB95DC8A763D20B352A46 49664 ----a-w- C:\Windows\Sysnative\imgutil.dll
2013-02-06 19:13:19 F65BDB76207B49529268485AAE20AE34 267776 ----a-w- C:\Windows\Sysnative\ieaksie.dll
2013-02-06 19:13:19 EF303F9DEB696ABEA92F4A3BE6848C62 55296 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll
2013-02-06 19:13:19 E49EC15EFFC9F01298093DBD7E0A31AF 12288 ----a-w- C:\Windows\Sysnative\mshta.exe
2013-02-06 19:13:19 DA9648200FC010A6DF004FAC8A775FD9 10752 ----a-w- C:\Windows\Sysnative\msfeedssync.exe
2013-02-06 19:13:19 D6A99F26E31C9F15D8D8CC42FFE6D16B 452608 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2013-02-06 19:13:19 CFF3C4ABDCC5356B0674743BDF0FB674 17811968 ----a-w- C:\Windows\Sysnative\mshtml.dll
2013-02-06 19:13:19 C71E7ABB1A34E56CE73AE117C8DD566F 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll
2013-02-06 19:13:19 BD107CF53FA7142B4F06D6D71AFEB131 160256 ----a-w- C:\Windows\Sysnative\ieakeng.dll
2013-02-06 19:13:19 A3287F8EB6182FB060C818524C7D6A63 282112 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2013-02-06 19:13:19 A0F52880DDD164F968BE903C1FECD27E 2144768 ----a-w- C:\Windows\Sysnative\iertutil.dll
2013-02-06 19:13:19 A0C2D990ECD88630C159FD5A6700A6A5 197120 ----a-w- C:\Windows\Sysnative\msrating.dll
2013-02-06 19:13:19 9568BB33BBAD356EDD6CDE988E570523 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll
2013-02-06 19:13:19 94E2790F0F0BA0249EEA0EA745863A7B 91648 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe
2013-02-06 19:13:19 91F935162A73D667105203EF7ABA76E1 448512 ----a-w- C:\Windows\Sysnative\html.iec
2013-02-06 19:13:19 8EADA158D964E3FD1999AD96C9C507FF 534528 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2013-02-06 19:13:19 84827B0DCC0A535DB6CB0FC2FADFE38E 149504 ----a-w- C:\Windows\Sysnative\occache.dll
2013-02-06 19:13:19 83F5D4B41BB12CE146786E97F6AAD75E 3695416 ----a-w- C:\Windows\Sysnative\ieapfltr.dat
2013-02-06 19:13:19 82A4DB52E9C75A794EADCD510F6CDA65 111616 ----a-w- C:\Windows\Sysnative\iesysprep.dll
2013-02-06 19:13:19 7FCAB194F01E3403C300EB034E480B36 222208 ----a-w- C:\Windows\Sysnative\msls31.dll
2013-02-06 19:13:19 79F3FC1CF5AAC69BC6FB14521D6A3880 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2013-02-06 19:13:19 6B6A8ADF9892E76F59E3B17D01E29673 135168 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll
2013-02-06 19:13:19 673A1369C77B7A405B97A619848F6757 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2013-02-06 19:13:19 61E2B58F88F42BA4C808C7099EBE0BBA 76800 ----a-w- C:\Windows\Sysnative\tdc.ocx
2013-02-06 19:13:19 5121DB613E10A46A3C5085B479026AA7 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll
2013-02-06 19:13:19 50EF8F8DF559B7C5E72404F4B184FF17 163840 ----a-w- C:\Windows\Sysnative\ieakui.dll
2013-02-06 19:13:19 40E9C38018D1454E8F4308F2907A5A35 89088 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
2013-02-06 19:13:19 31525BC38F219E3E17D8AF11DA0FAE3E 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2013-02-06 19:13:19 2F31597DA72FE328E1F7FEBF8548759C 65024 ----a-w- C:\Windows\Sysnative\pngfilt.dll
2013-02-06 19:13:19 2984F4F93BB733CAAAB3F5BD33C4D457 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll
2013-02-06 19:13:19 1DBA462CF92D890D8F8E6472E7E8B4B4 1346048 ----a-w- C:\Windows\Sysnative\urlmon.dll
2013-02-06 19:13:19 18E10F42E7492151D279AC29622037B8 145920 ----a-w- C:\Windows\Sysnative\iepeers.dll
2013-02-06 19:13:19 141D3A9144344E5C37790F27EFE82683 114176 ----a-w- C:\Windows\Sysnative\admparse.dll
2013-02-06 19:13:19 08D0F87AA3F6DF47658E9ACD4D082027 248320 ----a-w- C:\Windows\Sysnative\ieui.dll
2013-02-06 19:13:19 046AD878F246D3801B719700B543A6EE 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2013-02-06 19:13:18 FD126186C7434D5214093A4A87A0D63F 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2013-02-06 19:13:18 D869ACB7C3DA1B823765DB3CBE2E3DD4 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2013-02-06 19:13:18 D7CEAEDD5F75D2C8A2E80887D7C114CE 249344 ----a-w- C:\Windows\Sysnative\webcheck.dll
2013-02-06 19:13:18 C3E98C42EDF7EF237A4BAB91FEAC7426 403248 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2013-02-06 19:13:18 B69A23F486D1687ACC36A6F4D9A217E2 103936 ----a-w- C:\Windows\Sysnative\inseng.dll
2013-02-06 19:13:18 B519848DFA30AE2B306576B51321D102 89088 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2013-02-06 19:13:18 93202ED0B473A8FEDFD9F5E668BE72ED 85504 ----a-w- C:\Windows\Sysnative\iesetup.dll
2013-02-06 19:13:18 778004F92FF1D92C327857250E9E9482 82432 ----a-w- C:\Windows\Sysnative\icardie.dll
2013-02-06 19:13:18 71E07C0950BB9F4450DD2DE59D77F603 165888 ----a-w- C:\Windows\Sysnative\iexpress.exe
2013-02-06 19:13:18 6E6602DE23AB3776007702FC9540E8E9 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll
2013-02-06 19:13:18 57569625CEB5989116C5BE70B77C29ED 160256 ----a-w- C:\Windows\Sysnative\wextract.exe
2013-02-06 19:13:18 56336BB69172A2CEE15B2491DB4C70C1 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2013-02-06 19:13:18 4B333D3CC96AE66BD754329FD2989EE2 72822 ----a-w- C:\Windows\Sysnative\ieuinit.inf
2013-02-06 19:13:18 478FDA5AB59331259538FB7B02026836 237056 ----a-w- C:\Windows\Sysnative\url.dll
2013-02-06 19:13:18 351DF61EF64D77C57A4B68C663E7279D 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
2013-02-06 19:13:18 1E2DD319BE9731A01CF0642D5B22714B 30720 ----a-w- C:\Windows\Sysnative\licmgr10.dll
2013-02-06 19:10:58 E59B615DE916273EEE72F643F97D7600 367616 ----a-w- C:\Windows\Sysnative\atmfd.dll
2013-02-06 19:10:58 AC298E820F444049A4C9AC64C1775B87 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2013-02-06 19:10:58 201FD2520C8DE44177BBA5161A263F68 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2013-02-06 19:10:27 B20F051B03A966392364C83F009F7D17 84992 ----a-w- C:\Windows\Sysnative\WUDFSvc.dll
2013-02-06 19:10:27 B1DF2D87DC8BF6072699AC8301B37796 194048 ----a-w- C:\Windows\Sysnative\WUDFPlatform.dll
2013-02-06 19:10:26 F1617F1014D51987D517A4C37A7C733B 45056 ----a-w- C:\Windows\Sysnative\WUDFCoinstaller.dll
2013-02-06 19:10:26 8ABFE00F213F2571498F1B8FD7939A98 229888 ----a-w- C:\Windows\Sysnative\WUDFHost.exe
2013-02-06 19:10:26 25AE683DCB4AE7E6F1B193A0CB9DB35F 744448 ----a-w- C:\Windows\Sysnative\WUDFx.dll
2013-02-06 19:09:13 C00DB14550E4BD49737F311C644E45FF 5120 ----a-w- C:\Windows\Sysnative\wmi.dll
2013-02-06 19:09:13 A1BE6A720D02E37F72E9CD89AE9CB3CF 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll
2013-02-06 19:08:20 1153AC6E133AA849853DFD407B086B80 420064 ----a-w- C:\Windows\Sysnative\locale.nls
2013-02-06 19:08:18 5FDE812D5609D724F902334368641B54 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2013-02-06 19:08:18 49A5AB4CC7856EFD83F55280E59043DC 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2013-02-06 19:08:18 25001506679B7A73C24F261F5EA7C859 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll
2013-02-06 19:08:18 0EC4A4C2595F23CE844A34B27464D715 243200 ----a-w- C:\Windows\Sysnative\wow64.dll
2013-02-06 19:08:17 C2B1F6196C7FE1EA1BF827312B095D06 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll
2013-02-06 19:08:17 B3BEA6420D482356E53B7C728E05C637 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll
2013-02-06 19:08:17 B19B30E594EE374C69F71DAD26198400 338432 ----a-w- C:\Windows\Sysnative\conhost.exe
2013-02-06 19:08:17 6072F9B801FD361ABCDD2A2C6D39D106 424448 ----a-w- C:\Windows\Sysnative\KernelBase.dll
2013-02-06 19:07:13 E7A16F71BA02F3AB9D549F226559266E 246272 ----a-w- C:\Windows\Sysnative\netcorehc.dll
2013-02-06 19:07:13 D4FAC263861BAE06971C7F7D0A8EBF15 216576 ----a-w- C:\Windows\Sysnative\ncsi.dll
2013-02-06 19:07:13 8AD77806D336673F270DB31645267293 303104 ----a-w- C:\Windows\Sysnative\nlasvc.dll
2013-02-06 19:07:13 5BDE9F50E48A6CD28353BAA238CC4A7D 18944 ----a-w- C:\Windows\Sysnative\netevent.dll
2013-02-06 19:07:13 46BB91A169B9B31FF44EB04C48EC1D41 70656 ----a-w- C:\Windows\Sysnative\nlaapi.dll
2013-02-06 19:07:13 4261F21A202746AC207CA9AA863D9FD4 570368 ----a-w- C:\Windows\Sysnative\iphlpsvc.dll
2013-02-06 19:07:09 EBB73E4E8CA01089CF74ECE506EB7607 43520 ----a-w- C:\Windows\Sysnative\csrr.rs
2013-02-06 19:07:09 C4B0793E4B97AA36A2A8C81A7AA1979A 44544 ----a-w- C:\Windows\Sysnative\pegibbfc.rs
2013-02-06 19:07:09 A2E0F1E01A0983E9C94565BBEC862BF7 40960 ----a-w- C:\Windows\Sysnative\cob-au.rs
2013-02-06 19:07:09 997938D423CE830161CB6059434E3C9F 45568 ----a-w- C:\Windows\Sysnative\oflc-nz.rs
2013-02-06 19:07:09 6D540AF9B183FC97DC4CC54369561548 20480 ----a-w- C:\Windows\Sysnative\pegi-pt.rs
2013-02-06 19:07:09 661AE5EAC62C4598DD01795CEB915BAE 20480 ----a-w- C:\Windows\Sysnative\pegi.rs
2013-02-06 19:07:09 65A8302C7551CFE45FAA2BC085C9E7E2 15360 ----a-w- C:\Windows\Sysnative\djctq.rs
2013-02-06 19:07:09 5C48A43FC30FC61ECB1335DC646686BC 30720 ----a-w- C:\Windows\Sysnative\usk.rs
2013-02-06 19:07:09 54B11BB2AFBC3D5EBA9C96F0C1820B9B 46592 ----a-w- C:\Windows\Sysnative\fpb.rs
2013-02-06 19:07:09 4489D5D2CB4BA0799F3FB4625DE181CF 21504 ----a-w- C:\Windows\Sysnative\grb.rs
2013-02-06 19:07:09 2BCBA6052374959A30BD7948444DBB79 2746368 ----a-w- C:\Windows\Sysnative\gameux.dll
2013-02-06 19:07:09 027675ED9B34EE1B91505C3B8752649F 441856 ----a-w- C:\Windows\Sysnative\Wpc.dll
2013-02-06 19:07:08 D0C01412FBF59C1C25630C49F0C1B803 55296 ----a-w- C:\Windows\Sysnative\cero.rs
2013-02-06 19:07:08 9BB05674E013C35F4DAED51F5015355D 20480 ----a-w- C:\Windows\Sysnative\pegi-fi.rs
2013-02-06 19:07:08 51D25C805A01A2C4F930F9720CF51FFE 51712 ----a-w- C:\Windows\Sysnative\esrb.rs
2013-02-06 19:07:08 4773EB5962548068547214A620E9ACC3 23552 ----a-w- C:\Windows\Sysnative\oflc.rs
2013-02-06 19:07:01 3D2D108E14AD21889A2621B94C80A3DD 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2013-02-06 19:06:58 A0D1C0E813A7C6E17C029375AC2ACE18 5562736 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2013-02-06 19:06:57 494935A017905BEBDAA56490FCAF683B 14175232 ----a-w- C:\Windows\Sysnative\shell32.dll
2013-02-06 19:06:55 A236B1646E96AB06BE0F8D592B6D9A0D 245760 ----a-w- C:\Windows\Sysnative\OxpsConverter.exe
2013-02-06 19:06:51 1573C45E65DE32B1BC3572634F8F1E8E 340992 ----a-w- C:\Windows\Sysnative\schannel.dll
2013-02-06 19:06:50 5864633FED2156AF701B99AFDF2683F9 3217408 ----a-w- C:\Windows\Sysnative\msi.dll
2013-02-06 19:06:48 E63C7FE43F390A2756D36B255F2C003F 226816 ----a-w- C:\Windows\Sysnative\dhcpcore6.dll
2013-02-06 19:06:48 E0B0E0BDE6508E5D27715E0F4C3F5079 55296 ----a-w- C:\Windows\Sysnative\dhcpcsvc6.dll
2013-02-06 19:06:48 3F221A7E3123773EE8F1DB200CDDB39E 318976 ----a-w- C:\Windows\Sysnative\dhcpcore.dll
2013-02-06 19:06:43 1FEB1694B13247A451B274E114AFAC45 1133568 ----a-w- C:\Windows\Sysnative\cdosys.dll
2013-02-06 19:06:42 79726C7D4E361AC1CE437316CC04AF58 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2013-02-06 19:06:40 5D57DAE7BB47FA2393084F68818749EB 1031680 ----a-w- C:\Windows\Sysnative\rdpcore.dll
2013-02-06 19:06:39 6F6D6B434A77124BD4BE085712DFE15E 755712 ----a-w- C:\Windows\Sysnative\win32spl.dll
2013-02-06 19:06:32 99B91C5D2FCEF218CAD3600ECB62A799 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll
2013-02-06 19:06:31 77F738FA45B7FC58290F1E2B0D04CC45 1879552 ----a-w- C:\Windows\Sysnative\msxml3.dll
2013-02-06 19:06:27 F28D6538F76DC6ECFABF6176DBDD2664 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe
2013-02-06 19:06:22 C672AE7957256A51E4F4A0B16CFB8CDC 3152384 ----a-w- C:\Windows\Sysnative\win32k.sys
2013-02-06 19:06:21 E97BDB9B2A3D4A2EFAF320D9C0AF7002 1544704 ----a-w- C:\Windows\Sysnative\DWrite.dll
2013-02-06 19:06:18 AA06902362B1422D7A7DA7061E07C624 220160 ----a-w- C:\Windows\Sysnative\wintrust.dll
2013-02-06 19:06:17 EEEA40F0EDB0A6E5359E539E15D0BC77 73216 ----a-w- C:\Windows\Sysnative\netapi32.dll
2013-02-06 19:06:17 05F5A0D14A2EE1D8255C2AA0E9E8E694 136704 ----a-w- C:\Windows\Sysnative\browser.dll
2013-02-06 19:06:17 012787CEB35505EB78DF82E0A0072888 59392 ----a-w- C:\Windows\Sysnative\browcli.dll
2013-02-06 19:06:14 5CBC20E15923025997C2253A7DD5193F 212480 ----a-w- C:\Windows\Sysnative\profsvc.dll
2013-02-06 19:06:12 E4ACCC7927A1478DF636534864E03666 801280 ----a-w- C:\Windows\Sysnative\usp10.dll
2013-02-06 19:06:11 C34C6E1D0D469D737321F2EDCBE9BE6B 9216 ----a-w- C:\Windows\Sysnative\rdrmemptylst.exe
2013-02-06 19:06:11 6B7FBD65632F45FA52B23F788D71DF96 77312 ----a-w- C:\Windows\Sysnative\rdpwsx.dll
2013-02-06 19:06:11 50383C6280B31995D25C2662807709E4 149504 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll
2013-02-06 19:06:08 B8E693C547A15DEEF116D70985F7CC94 1112064 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2013-02-06 19:06:08 AD976778C4B92F9EC4842295974E9BD9 574464 ----a-w- C:\Windows\Sysnative\d3d10level9.dll
2013-02-06 19:06:07 E5A7D4E652D61D56FF015735F50567AD 716800 ----a-w- C:\Windows\Sysnative\kerberos.dll
2013-02-06 19:06:07 374CE9DAB2F0CB173B8FCF3AB8DB5D1B 478208 ----a-w- C:\Windows\Sysnative\dpnet.dll
2013-02-06 19:06:06 8699D17DFCFCD327784034DB6BD3A422 95744 ----a-w- C:\Windows\Sysnative\synceng.dll
2013-02-06 19:06:06 639774C9ACD063F028F6084ABF5593AD 68608 ----a-w- C:\Windows\Sysnative\taskhost.exe
2013-02-06 19:06:05 D5164131D596A070FF9C82BC4A488F1F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2013-02-06 19:06:02 954A25A7A9A5088602642F89EC0815ED 956416 ----a-w- C:\Windows\Sysnative\localspl.dll
2013-02-06 19:05:58 D3B5A88819F7B1D981ADCA3D95283D3A 1465344 ----a-w- C:\Windows\Sysnative\crypt32.dll
2013-02-06 19:05:57 A62114C4FCA2848B413BB7B6C690AF5C 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2013-02-06 19:05:57 7E7D2DACF65D750D466F36BD3D09AE20 186880 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2013-02-06 19:01:10 B9D7A4858CF32A6A15D2763F1DE47E0E 559616 ----a-w- C:\Windows\Sysnative\spoolsv.exe
====== C:\Windows\Sysnative\drivers =====
2013-02-09 11:30:20 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2013-02-06 19:19:42 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-02-06 19:19:41 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys
2013-02-06 19:19:41 442783E2CB0DA19873B7A63833FF4CB4 785512 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-02-06 19:10:27 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys
2013-02-06 19:10:27 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys
2013-02-06 19:10:26 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-02-06 19:09:13 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\Sysnative\drivers\fs_rec.sys
2013-02-06 19:07:13 FE80B66D2EEA1DA139516A19C04436B4 376688 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2013-02-06 19:07:13 D5707FC2300AA5B04B7BFE86D40C0133 1902472 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-02-06 19:07:13 31EE9F3E116A646B0D74527EAD207DF8 288648 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2013-02-06 19:07:13 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys
2013-02-06 19:06:51 9AC4F97C2D3E93367E2148EA940CD2CD 458704 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2013-02-06 19:06:51 26C43A7C2862447EC59DEDA188D1DA07 151920 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2013-02-06 19:06:50 97A7070AEA4C058B6418519E869A63B4 95600 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2013-02-06 19:06:40 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- C:\Windows\Sysnative\drivers\tdtcp.sys
2013-02-06 19:06:26 B2746D84DDF68D09B41B72DF745CCBA6 1687408 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
2013-02-06 19:06:18 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys
2013-02-06 19:06:17 FDD71F94CD5580E4C1D16F96EF6C2856 41472 ----a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys
2013-02-06 19:06:16 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys
2013-02-06 19:06:08 1FE9863C6C5CC71E8E7E70F9EFBD30E1 210944 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2013-02-09 11:30:10 -------- d-----w- C:\users\Gebruiker\AppData\Local\Programs
2013-02-08 11:19:21 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Melesta
2013-02-06 11:57:47 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\HeroCraft
2013-02-03 20:02:31 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\World-Loom
2013-01-21 17:23:18 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\tor
2013-01-21 17:23:17 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Yrizi
2013-01-21 17:23:17 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Azacx
2013-01-21 17:22:51 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Piezgy
2013-01-21 17:22:51 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Kezyo
10
PC Web Plus - Member
PC Web Plus - Member
====== C:\Users\Gebruiker ======
====== C: exe-files ==
2013-02-09 11:30:02 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A002VT91\mbam-setup-1.70.0.1100.exe
2013-02-06 19:14:08 85D6E8F735865B502D65D1D91A79E3F3 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2013-02-06 19:13:21 825E01EEC25E744FBCFB92F07FF411EE 307200 ----a-w- C:\Program Files (x86)\Internet Explorer\iediagcmd.exe
2013-02-06 19:13:21 73C8D00A87332F2DF0A7CFF87CEE1A82 107008 ----a-w- C:\Program Files (x86)\Internet Explorer\iecleanup.exe
2013-02-06 19:13:21 6B036492120E65C0C367DC31D01088A1 74752 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-02-06 19:13:21 1D3EE28BA231CBB9600F5D102EAF4EA7 10752 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2013-02-06 19:13:21 0D286C0FE561D1A7EB30E83A0FF305B2 757296 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2013-02-06 19:13:20 DCFA393FA7F8FFAAE4A4A1F5E3E7CD64 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2013-02-06 19:13:20 C0B8B96D018849FD8CCF15FED84E8782 74240 ----a-w- C:\Windows\SysWOW64\ie4uinit.exe
2013-02-06 19:13:20 A04CEF82046BCF539B33EEF62F0A3825 466432 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2013-02-06 19:13:20 8911702CC546B76FE8F9C61987C68C43 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2013-02-06 19:13:20 736D1B28224F9DF8008BE8B0DEDFC9EF 76800 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-02-06 19:13:20 67BC2BA6F94D2D0C51213691FBFEEBB1 152064 ----a-w- C:\Windows\SysWOW64\wextract.exe
2013-02-06 19:13:20 51AF0A12CD86E22E1A027C38CC021AC6 150528 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2013-02-06 19:13:20 512C7881C3F7836455ADC9EBF0A0B167 22016 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe
2013-02-06 19:13:20 061CBB1058A10C0875D18CAFF835AE97 11776 ----a-w- C:\Windows\SysWOW64\mshta.exe
2013-02-06 19:13:19 FD0D2E1FAEBAE5031BE2EB8000D973F1 763424 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-02-06 19:13:19 E49EC15EFFC9F01298093DBD7E0A31AF 12288 ----a-w- C:\Windows\System32\mshta.exe
2013-02-06 19:13:19 DA9648200FC010A6DF004FAC8A775FD9 10752 ----a-w- C:\Windows\System32\msfeedssync.exe
2013-02-06 19:13:19 94E2790F0F0BA0249EEA0EA745863A7B 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-02-06 19:13:19 673A1369C77B7A405B97A619848F6757 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-06 19:13:19 62D1AFEF89F77F808E023838F9370047 119808 ----a-w- C:\Program Files\Internet Explorer\iecleanup.exe
2013-02-06 19:13:19 530B34241856C2299382421C414F97EE 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-02-06 19:13:19 4DBB1710CEFDBFEEE3AB8DCBB2A4085E 480256 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2013-02-06 19:13:19 40E9C38018D1454E8F4308F2907A5A35 89088 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-06 19:13:18 B519848DFA30AE2B306576B51321D102 89088 ----a-w- C:\Windows\System32\ie4uinit.exe
2013-02-06 19:13:18 71E07C0950BB9F4450DD2DE59D77F603 165888 ----a-w- C:\Windows\System32\iexpress.exe
2013-02-06 19:13:18 57569625CEB5989116C5BE70B77C29ED 160256 ----a-w- C:\Windows\System32\wextract.exe
2013-02-06 19:10:26 8ABFE00F213F2571498F1B8FD7939A98 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-02-06 19:08:19 B0BA990781210836135C0ABC680A7448 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2013-02-06 19:08:19 B0404E8D7911552D8559C03CDD5DFBEC 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2013-02-06 19:08:19 9BDC6304A6CF27B0A5A0FABCA56489D9 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2013-02-06 19:08:17 B19B30E594EE374C69F71DAD26198400 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-02-06 19:06:58 A0D1C0E813A7C6E17C029375AC2ACE18 5562736 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-06 19:06:58 770FEEA2823E463D68E170D7EA6FAEBA 3972464 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2013-02-06 19:06:58 5355A85D26EECFA3A68B1F55B0C59A20 3917168 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2013-02-06 19:06:55 A236B1646E96AB06BE0F8D592B6D9A0D 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2013-02-06 19:06:27 F28D6538F76DC6ECFABF6176DBDD2664 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-02-06 19:06:27 20104EA66332D24D7C65BBB087C56737 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe
2013-02-06 19:06:21 C8DE35F71974AFE933E37C910D653E46 2163712 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2013-02-06 19:06:11 C34C6E1D0D469D737321F2EDCBE9BE6B 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2013-02-06 19:06:06 639774C9ACD063F028F6084ABF5593AD 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-02-06 19:05:53 301C66D840537679A68A0D49725CB995 955392 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\GH-GardensInc.exe
2013-02-06 19:05:51 B936F0F378B9A35489353E878154E899 1821192 ----a-w- C:\Users\Gebruiker\Desktop\Airline Baggage Mania\vcredist_x86.exe
2013-02-06 19:05:50 BCBB7C0CD9696068988953990EC5BD11 292184 ----a-w- C:\Users\Gebruiker\Desktop\Airline Baggage Mania\dxwebsetup.exe
2013-02-06 19:05:45 183BF7E8CCEA894319F0D11CED49154A 2672440 ----a-w- C:\Users\Gebruiker\Desktop\Airline Baggage Mania\AirlineBaggageManiaDeluxe.exe
2013-02-06 19:01:10 B9D7A4858CF32A6A15D2763F1DE47E0E 559616 ----a-w- C:\Windows\System32\spoolsv.exe
2013-02-06 19:01:09 F4872D16F08BDA4250E97A58F9DAD555 67072 ----a-w- C:\Windows\splwow64.exe
2013-02-06 16:31:35 B936F0F378B9A35489353E878154E899 1821192 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Airline Baggage Mania\Airline Baggage Mania\vcredist_x86.exe
2013-02-06 16:31:34 BCBB7C0CD9696068988953990EC5BD11 292184 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Airline Baggage Mania\Airline Baggage Mania\dxwebsetup.exe
2013-02-06 16:31:29 183BF7E8CCEA894319F0D11CED49154A 2672440 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Airline Baggage Mania\Airline Baggage Mania\AirlineBaggageManiaDeluxe.exe
2013-02-06 16:25:28 B936F0F378B9A35489353E878154E899 1821192 ----a-w- C:\Users\Gebruiker\Desktop\spellen\Airline Baggage Mania\vcredist_x86.exe
2013-02-06 16:25:26 BCBB7C0CD9696068988953990EC5BD11 292184 ----a-w- C:\Users\Gebruiker\Desktop\spellen\Airline Baggage Mania\dxwebsetup.exe
2013-02-06 16:25:14 183BF7E8CCEA894319F0D11CED49154A 2672440 ----a-w- C:\Users\Gebruiker\Desktop\spellen\Airline Baggage Mania\AirlineBaggageManiaDeluxe.exe
2013-02-06 12:04:34 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe
2013-02-06 12:04:34 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateBroker.exe
2013-02-06 12:04:33 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateSetup.exe
2013-02-06 12:04:29 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
2013-02-06 12:04:29 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
2013-02-06 12:04:29 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdate.exe
2013-02-06 12:04:27 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe
2013-02-06 11:55:02 256B24E584FBE39A9481751D7C98ED0D 3724632 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Een Vies Spelletje [NL [1]\!RnE - 2012.07.25 17.46.49 - READER-Een Vies Spelletje\READER-Een Vies Spelletje\TheMicroBieStory.exe
2013-02-06 11:54:53 31D7661A2F79CC0BF7BB05EBFB62377E 1852760 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Een Vies Spelletje [NL [1]\!RnE - 2012.07.25 17.46.49 - READER-Een Vies Spelletje\READER-Een Vies Spelletje\pmfmnch.exe
2013-02-03 20:01:06 B449A66A70F32835227B907842D1D672 4828016 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\ZY-fiu80.exe
=== C: other files ==
2013-02-09 11:30:20 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-02-06 19:19:41 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-02-06 19:19:41 51DFBD18A435BAEC1F71A692373ECE4F 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-02-06 19:19:41 442783E2CB0DA19873B7A63833FF4CB4 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-02-06 19:13:21 ED6F6FBBCDEC95483B7351E23F4FCDF6 110592 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll
2013-02-06 19:13:21 CCA6A20181B7719B584AEE1DD6542A4E 149552 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-02-06 19:13:21 BC9CE770AB55DC36349517B4E5E74A12 66048 ----a-w- C:\Windows\SysWOW64\migration\WininetPlugin.dll
2013-02-06 19:13:21 A3FA99A16F10D44EDB7A8C340FA2EE1B 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2013-02-06 19:13:21 90A57CA422923286838AAC7DE2D41B92 118784 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2013-02-06 19:13:21 8E38CE628D4817D949DD31D77A7F21CD 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-02-06 19:13:21 7FA3A810F383588D46220967DE8B64FF 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll
2013-02-06 19:13:21 780E80E5502015EDAEC91DC0A0C96A79 1793024 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2013-02-06 19:13:21 6248C55FB0244054035199622FB792D2 149504 ----a-w- C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll
2013-02-06 19:13:21 4B80D1F847C0658977E1E8051A4DE002 41472 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll
2013-02-06 19:13:21 4266A3230981DD4434C55957F6DD497D 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2013-02-06 19:13:21 35AAE2E841AA1A949775168E119482C9 161792 ----a-w- C:\Windows\SysWOW64\msls31.dll
2013-02-06 19:13:21 0B8FE658BD033EC8B1F6FBC305CC65E7 162304 ----a-w- C:\Windows\SysWOW64\msrating.dll
2013-02-06 19:13:21 0A866897039E42DF8080BE5DD83BC8E0 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll
2013-02-06 19:13:20 FFAA209DE84D6D1849DEA6DF7A3F9D2F 104448 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2013-02-06 19:13:20 F9D038A8C2BDC3AE2548150A7AED0F8A 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll
2013-02-06 19:13:20 F83865A3007357A5E498EB9E3BED273D 31744 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2013-02-06 19:13:20 F0FEFB0B5D25A75D478A4317139D937E 353584 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2013-02-06 19:13:20 EE9D715AF1B928982F417238B9914484 434176 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2013-02-06 19:13:20 EE0AFCEE88098F754212F9069E80A766 86528 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2013-02-06 19:13:20 E290E3FDF645DF29D00D6368B9127E30 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-02-06 19:13:20 DB754FF5F6ADBA2A25EC1B6672D1C91E 163840 ----a-w- C:\Windows\SysWOW64\ieakui.dll
2013-02-06 19:13:20 CA493A92DA9880B6F1A89C3DBD54BA5B 223232 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2013-02-06 19:13:20 802B0229D904E28C1EA9A5274AB457FC 74752 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2013-02-06 19:13:20 7AC9B18F1BE210702DA5E586224B1571 66048 ----a-w- C:\Windows\SysWOW64\icardie.dll
2013-02-06 19:13:20 76E987D8CF0683337CF165363B6FDFD9 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll
2013-02-06 19:13:20 7056A3F5FD9CE6066895DCAA9C32D89B 301056 ----a-w- C:\Program Files (x86)\Internet Explorer\networkinspection.dll
2013-02-06 19:13:20 6B4701D3D9724812E8C3801E7BF87157 23552 ----a-w- C:\Windows\SysWOW64\licmgr10.dll
2013-02-06 19:13:20 68563AC389F92EE79F1C714288BA1DCE 35840 ----a-w- C:\Windows\SysWOW64\imgutil.dll
2013-02-06 19:13:20 63861BA77FFAF9132DEE6211D1B5C1E5 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2013-02-06 19:13:20 631289583481C45C7342EFD57442B738 766976 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll
2013-02-06 19:13:20 62CBF36E3E10BAA74224BC7A6DD998B5 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-02-06 19:13:20 60B4F624BB87A3B21D3EC68F38DA6B61 78848 ----a-w- C:\Windows\SysWOW64\inseng.dll
2013-02-06 19:13:20 5B37190F79F5D63C1033ED88C006080C 123392 ----a-w- C:\Windows\SysWOW64\occache.dll
2013-02-06 19:13:20 5466DCAEF5A648E04D1B6580F2C901B5 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2013-02-06 19:13:20 543BBE783E2CA0D58E1981BD75483BAD 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2013-02-06 19:13:20 5193DE33F3284C447E0D31DAFBF92570 203776 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2013-02-06 19:13:20 4C34FD8C56DB38DF6F969AFDDDF4AB83 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2013-02-06 19:13:20 49729570B7FD369BBDEC16D7683324A0 227840 ----a-w- C:\Windows\SysWOW64\ieaksie.dll
2013-02-06 19:13:20 4312DEBDACBE338F0B90E7F08E7672BE 353792 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2013-02-06 19:13:20 4071D132E66ACDA3776F1FEAD19E6E01 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2013-02-06 19:13:20 3F7A8BCF37433A69CEEDE1E6AEE79784 101888 ----a-w- C:\Windows\SysWOW64\admparse.dll
2013-02-06 19:13:20 31B0448CC0694378106582F46D0D07E4 231936 ----a-w- C:\Windows\SysWOW64\url.dll
2013-02-06 19:13:20 1F31900AC922CAD5382FA462D2B17018 49664 ----a-w- C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll
2013-02-06 19:13:20 1E7094AFAD0C369DD6D400C7047E4AB2 130560 ----a-w- C:\Windows\SysWOW64\ieakeng.dll
2013-02-06 19:13:20 1D4127FE151165C5FB9C0EED8701A3D1 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-02-06 19:13:20 07F649CD36F266BBE33B814FA678AA43 12320256 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2013-02-06 19:13:20 04A8B2F67825380BC0C7C46D56776133 54272 ----a-w- C:\Windows\SysWOW64\pngfilt.dll
2013-02-06 19:13:19 FD2031A7D5BBB95DC8A763D20B352A46 49664 ----a-w- C:\Windows\System32\imgutil.dll
2013-02-06 19:13:19 F6DA3D82A7B6FFCEEBADFBEDA796C1A4 140800 ----a-w- C:\Program Files\Internet Explorer\jsdebuggeride.dll
2013-02-06 19:13:19 F65BDB76207B49529268485AAE20AE34 267776 ----a-w- C:\Windows\System32\ieaksie.dll
2013-02-06 19:13:19 EF303F9DEB696ABEA92F4A3BE6848C62 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll
2013-02-06 19:13:19 E73D6F3160CE2FD1D59FF1EF6167DF02 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-06 19:13:19 DC7D3ADCC1F2729514780F611D6590EC 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2013-02-06 19:13:19 D6A99F26E31C9F15D8D8CC42FFE6D16B 452608 ----a-w- C:\Windows\System32\dxtmsft.dll
2013-02-06 19:13:19 CFF3C4ABDCC5356B0674743BDF0FB674 17811968 ----a-w- C:\Windows\System32\mshtml.dll
2013-02-06 19:13:19 C71E7ABB1A34E56CE73AE117C8DD566F 10925568 ----a-w- C:\Windows\System32\ieframe.dll
2013-02-06 19:13:19 BD107CF53FA7142B4F06D6D71AFEB131 160256 ----a-w- C:\Windows\System32\ieakeng.dll
2013-02-06 19:13:19 A3287F8EB6182FB060C818524C7D6A63 282112 ----a-w- C:\Windows\System32\dxtrans.dll
2013-02-06 19:13:19 A0F52880DDD164F968BE903C1FECD27E 2144768 ----a-w- C:\Windows\System32\iertutil.dll
2013-02-06 19:13:19 A0C2D990ECD88630C159FD5A6700A6A5 197120 ----a-w- C:\Windows\System32\msrating.dll
2013-02-06 19:13:19 9568BB33BBAD356EDD6CDE988E570523 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-06 19:13:19 9000CC4505B4545F2B51CFD34277B2E2 86528 ----a-w- C:\Windows\System32\migration\WininetPlugin.dll
2013-02-06 19:13:19 8EADA158D964E3FD1999AD96C9C507FF 534528 ----a-w- C:\Windows\System32\ieapfltr.dll
2013-02-06 19:13:19 84827B0DCC0A535DB6CB0FC2FADFE38E 149504 ----a-w- C:\Windows\System32\occache.dll
2013-02-06 19:13:19 82A4DB52E9C75A794EADCD510F6CDA65 111616 ----a-w- C:\Windows\System32\iesysprep.dll
2013-02-06 19:13:19 7FCAB194F01E3403C300EB034E480B36 222208 ----a-w- C:\Windows\System32\msls31.dll
2013-02-06 19:13:19 6B6A8ADF9892E76F59E3B17D01E29673 135168 ----a-w- C:\Windows\System32\IEAdvpack.dll
2013-02-06 19:13:19 6938377454A025812CA346B37962F522 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-02-06 19:13:19 61F66A7C9890D025560F5887D7CD11C3 194560 ----a-w- C:\Program Files\Internet Explorer\jsprofilerui.dll
2013-02-06 19:13:19 5E78D5CAF5917FA1FDC71A80CF0D5234 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-02-06 19:13:19 551BBF7720F900C10439665DECE50EC1 537088 ----a-w- C:\Program Files\Internet Explorer\pdm.dll
2013-02-06 19:13:19 5121DB613E10A46A3C5085B479026AA7 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-06 19:13:19 50EF8F8DF559B7C5E72404F4B184FF17 163840 ----a-w- C:\Windows\System32\ieakui.dll
2013-02-06 19:13:19 31525BC38F219E3E17D8AF11DA0FAE3E 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2013-02-06 19:13:19 2F31597DA72FE328E1F7FEBF8548759C 65024 ----a-w- C:\Windows\System32\pngfilt.dll
2013-02-06 19:13:19 2984F4F93BB733CAAAB3F5BD33C4D457 48640 ----a-w- C:\Windows\System32\mshtmler.dll
2013-02-06 19:13:19 1DBA462CF92D890D8F8E6472E7E8B4B4 1346048 ----a-w- C:\Windows\System32\urlmon.dll
2013-02-06 19:13:19 18E10F42E7492151D279AC29622037B8 145920 ----a-w- C:\Windows\System32\iepeers.dll
2013-02-06 19:13:19 141D3A9144344E5C37790F27EFE82683 114176 ----a-w- C:\Windows\System32\admparse.dll
2013-02-06 19:13:19 08D0F87AA3F6DF47658E9ACD4D082027 248320 ----a-w- C:\Windows\System32\ieui.dll
2013-02-06 19:13:19 046AD878F246D3801B719700B543A6EE 816640 ----a-w- C:\Windows\System32\jscript.dll
2013-02-06 19:13:18 D97D9F5C72774550160FD9ECCE0B6B4D 455680 ----a-w- C:\Program Files\Internet Explorer\networkinspection.dll
2013-02-06 19:13:18 D869ACB7C3DA1B823765DB3CBE2E3DD4 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2013-02-06 19:13:18 D7CEAEDD5F75D2C8A2E80887D7C114CE 249344 ----a-w- C:\Windows\System32\webcheck.dll
2013-02-06 19:13:18 C3E98C42EDF7EF237A4BAB91FEAC7426 403248 ----a-w- C:\Windows\System32\iedkcs32.dll
2013-02-06 19:13:18 C1D0691BE5DDB0C230D8370BD96BBE8B 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2013-02-06 19:13:18 B69A23F486D1687ACC36A6F4D9A217E2 103936 ----a-w- C:\Windows\System32\inseng.dll
2013-02-06 19:13:18 93202ED0B473A8FEDFD9F5E668BE72ED 85504 ----a-w- C:\Windows\System32\iesetup.dll
2013-02-06 19:13:18 778004F92FF1D92C327857250E9E9482 82432 ----a-w- C:\Windows\System32\icardie.dll
2013-02-06 19:13:18 6E6602DE23AB3776007702FC9540E8E9 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-06 19:13:18 56336BB69172A2CEE15B2491DB4C70C1 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2013-02-06 19:13:18 478FDA5AB59331259538FB7B02026836 237056 ----a-w- C:\Windows\System32\url.dll
2013-02-06 19:13:18 351DF61EF64D77C57A4B68C663E7279D 39936 ----a-w- C:\Windows\System32\iernonce.dll
2013-02-06 19:13:18 342E1CA601D835713C9083890521C316 66048 ----a-w- C:\Program Files\Internet Explorer\JSProfilerCore.dll
2013-02-06 19:13:18 1E2DD319BE9731A01CF0642D5B22714B 30720 ----a-w- C:\Windows\System32\licmgr10.dll
2013-02-06 19:13:18 04CD7AFC3D66345DE15130D44E1ABC36 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2013-02-06 19:10:58 E59B615DE916273EEE72F643F97D7600 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-02-06 19:10:58 D144A13DA2D98F454062F106DD47456A 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2013-02-06 19:10:58 AC298E820F444049A4C9AC64C1775B87 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-02-06 19:10:58 22DC14043E0407A79DEB5E80926AEB40 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2013-02-06 19:10:58 201FD2520C8DE44177BBA5161A263F68 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-02-06 19:10:58 18482E1819DB232062389A729CEEFBC3 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2013-02-06 19:10:27 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-02-06 19:10:27 B20F051B03A966392364C83F009F7D17 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-02-06 19:10:27 B1DF2D87DC8BF6072699AC8301B37796 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-02-06 19:10:27 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-02-06 19:10:26 F1617F1014D51987D517A4C37A7C733B 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-02-06 19:10:26 25AE683DCB4AE7E6F1B193A0CB9DB35F 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-02-06 19:09:13 C00DB14550E4BD49737F311C644E45FF 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-02-06 19:09:13 B2DB6ABA2E292235749B80A9C3DFA867 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll
2013-02-06 19:09:13 A1BE6A720D02E37F72E9CD89AE9CB3CF 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-02-06 19:09:13 907281ED4AD35D41B29FFDC211EBAD80 5120 ----a-w- C:\Windows\SysWOW64\wmi.dll
2013-02-06 19:09:13 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-02-06 19:08:19 EC10F0E7278272E392190292DD6324E0 275456 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2013-02-06 19:08:19 EAB15EA7F0897A468B3A2127C1FD2BFA 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2013-02-06 19:08:19 9CC2571E3646B9A24296AD7ADCC71682 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2013-02-06 19:08:19 859085B54E35BE90BDB110FD229E671C 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2013-02-06 19:08:19 69164383EACC5A2F96DFD2CA217C346F 44032 ----a-w- C:\Windows\AppPatch\acwow64.dll
2013-02-06 19:08:18 5FDE812D5609D724F902334368641B54 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-02-06 19:08:18 49A5AB4CC7856EFD83F55280E59043DC 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-02-06 19:08:18 25001506679B7A73C24F261F5EA7C859 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-02-06 19:08:18 0EC4A4C2595F23CE844A34B27464D715 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-02-06 19:08:17 C2B1F6196C7FE1EA1BF827312B095D06 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-06 19:08:17 B3BEA6420D482356E53B7C728E05C637 1163264 ----a-w- C:\Windows\System32\kernel32.dll
2013-02-06 19:08:17 6072F9B801FD361ABCDD2A2C6D39D106 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-02-06 19:07:35 B113791FD29603AB468EC69285D4090A 135168 ----a-w- C:\Windows\AppPatch\AppPatch64\AcXtrnal.dll
2013-02-06 19:07:35 96C70BD48D49B87475F4572DEDC62EB9 561664 ----a-w- C:\Windows\AppPatch\AcLayers.dll
2013-02-06 19:07:35 3306930FD3AC4ABB17A6DFC9222467F1 350208 ----a-w- C:\Windows\AppPatch\AppPatch64\AcLayers.dll
2013-02-06 19:07:13 FE80B66D2EEA1DA139516A19C04436B4 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-02-06 19:07:13 E7A16F71BA02F3AB9D549F226559266E 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2013-02-06 19:07:13 D5707FC2300AA5B04B7BFE86D40C0133 1902472 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-06 19:07:13 D4FAC263861BAE06971C7F7D0A8EBF15 216576 ----a-w- C:\Windows\System32\ncsi.dll
2013-02-06 19:07:13 B4E967889E5AEDA9D66F12676215EB5D 51200 ----a-w- C:\Windows\SysWOW64\migration\IphlpsvcMigPlugin.dll
2013-02-06 19:07:13 8AD77806D336673F270DB31645267293 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2013-02-06 19:07:13 6F5316AA686FDAA2B6945EABF16DAEFC 60416 ----a-w- C:\Windows\System32\migration\IphlpsvcMigPlugin.dll
2013-02-06 19:07:13 5FF9F07B268E5D5A1C321C3CF5C2CB9B 175104 ----a-w- C:\Windows\SysWOW64\netcorehc.dll
2013-02-06 19:07:13 5BDE9F50E48A6CD28353BAA238CC4A7D 18944 ----a-w- C:\Windows\System32\netevent.dll
2013-02-06 19:07:13 4DB684167C3B220B556ECD0640715769 18944 ----a-w- C:\Windows\SysWOW64\netevent.dll
2013-02-06 19:07:13 46BB91A169B9B31FF44EB04C48EC1D41 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2013-02-06 19:07:13 4261F21A202746AC207CA9AA863D9FD4 570368 ----a-w- C:\Windows\System32\iphlpsvc.dll
2013-02-06 19:07:13 31EE9F3E116A646B0D74527EAD207DF8 288648 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-06 19:07:13 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2013-02-06 19:07:13 140D9F911182357626165EA0BEB98C4F 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll
2013-02-06 19:07:09 64E211E0FDFCE4D186DF58BB7D0503BC 2576384 ----a-w- C:\Windows\SysWOW64\gameux.dll
2013-02-06 19:07:09 43C9CF6825CEA58F1815B7C3DBBB385C 308736 ----a-w- C:\Windows\SysWOW64\Wpc.dll
2013-02-06 19:07:09 2BCBA6052374959A30BD7948444DBB79 2746368 ----a-w- C:\Windows\System32\gameux.dll
2013-02-06 19:07:09 027675ED9B34EE1B91505C3B8752649F 441856 ----a-w- C:\Windows\System32\Wpc.dll
2013-02-06 19:07:01 B39B8CC163C41B12FE83E777199F3378 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2013-02-06 19:07:01 3D2D108E14AD21889A2621B94C80A3DD 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-02-06 19:06:57 494935A017905BEBDAA56490FCAF683B 14175232 ----a-w- C:\Windows\System32\shell32.dll
2013-02-06 19:06:56 D0961EA39C6472D9D27922ECE168808E 12874752 ----a-w- C:\Windows\SysWOW64\shell32.dll
2013-02-06 19:06:51 9AC4F97C2D3E93367E2148EA940CD2CD 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-02-06 19:06:51 26C43A7C2862447EC59DEDA188D1DA07 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-02-06 19:06:51 1573C45E65DE32B1BC3572634F8F1E8E 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-02-06 19:06:50 F93674263F6B07C77956E966953242D9 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2013-02-06 19:06:50 EDA7AD21DF8945528F01F0A86D69E524 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2013-02-06 19:06:50 97A7070AEA4C058B6418519E869A63B4 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-02-06 19:06:50 5864633FED2156AF701B99AFDF2683F9 3217408 ----a-w- C:\Windows\System32\msi.dll
2013-02-06 19:06:50 3D3CBD1847F980FB03343A63671E7886 225280 ----a-w- C:\Windows\SysWOW64\schannel.dll
2013-02-06 19:06:49 EBD1AAA3612A3E37C616A057FD5F252C 2342912 ----a-w- C:\Windows\SysWOW64\msi.dll
2013-02-06 19:06:48 E63C7FE43F390A2756D36B255F2C003F 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-02-06 19:06:48 E0B0E0BDE6508E5D27715E0F4C3F5079 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-02-06 19:06:48 CCC588EF05A020C2CFABDB0523ED0AD9 195072 ----a-w- C:\Windows\SysWOW64\dhcpcore6.dll
2013-02-06 19:06:48 3F221A7E3123773EE8F1DB200CDDB39E 318976 ----a-w- C:\Windows\System32\dhcpcore.dll
2013-02-06 19:06:48 3230D18B564A6CD6D4B3451A6CA9ABEF 44032 ----a-w- C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-02-06 19:06:48 200C848129182E15A1E39E617DE4A054 257024 ----a-w- C:\Windows\SysWOW64\dhcpcore.dll
2013-02-06 19:06:44 F23231EF88039F73CC69C002F2993A02 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2013-02-06 19:06:44 DEC1426BF15A07E4B26DC7F479EDAA60 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2013-02-06 19:06:44 3B7C1A53047FF6ACEFD9BA6E281DEBB7 805376 ----a-w- C:\Windows\SysWOW64\cdosys.dll
2013-02-06 19:06:43 EA7DD5409284682BD65C4078FFF75F0E 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll
2013-02-06 19:06:43 D841D8118B06E5D528B5E9023CF93D39 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll
2013-02-06 19:06:43 9897B73497507D71F0FDFD0E96C68DE8 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2013-02-06 19:06:43 8DFB4B9989F81626ADC115DFADD7E42D 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2013-02-06 19:06:43 3B5116838A330132D406353E2BCBFB6F 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll
2013-02-06 19:06:43 3943DEC4AA1BE148F71F1CE0333F5F1C 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2013-02-06 19:06:43 3847472640ACA0816C85118A7395762C 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2013-02-06 19:06:43 2D34839A17EF7BDA968332AF195FCC9D 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2013-02-06 19:06:43 1FEB1694B13247A451B274E114AFAC45 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2013-02-06 19:06:43 08360AF9178A2436B6DD98815031DA56 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2013-02-06 19:06:42 C9DEA5A2B7A56C78879E0A07F423466E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2013-02-06 19:06:42 79726C7D4E361AC1CE437316CC04AF58 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-02-06 19:06:40 5D57DAE7BB47FA2393084F68818749EB 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-02-06 19:06:40 57A5B9B0E4A668ADEAA38EC891AD2611 826880 ----a-w- C:\Windows\SysWOW64\rdpcore.dll
2013-02-06 19:06:40 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-02-06 19:06:39 7777D040440755FD93A70A319D6C2EB3 496128 ----a-w- C:\Windows\SysWOW64\win32spl.dll
2013-02-06 19:06:39 6F6D6B434A77124BD4BE085712DFE15E 755712 ----a-w- C:\Windows\System32\win32spl.dll
2013-02-06 19:06:32 99B91C5D2FCEF218CAD3600ECB62A799 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-02-06 19:06:31 EAADD6E47ED2A7003ACE1793B98CF63F 1389568 ----a-w- C:\Windows\SysWOW64\msxml6.dll
2013-02-06 19:06:31 A067502DE2EC567CF90F24621211F4E3 1236480 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2013-02-06 19:06:31 77F738FA45B7FC58290F1E2B0D04CC45 1879552 ----a-w- C:\Windows\System32\msxml3.dll
2013-02-06 19:06:26 B2746D84DDF68D09B41B72DF745CCBA6 1687408 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-02-06 19:06:22 C672AE7957256A51E4F4A0B16CFB8CDC 3152384 ----a-w- C:\Windows\System32\win32k.sys
2013-02-06 19:06:21 F00703BA13A53DD7AA6F944A39E439CB 1416192 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll
2013-02-06 19:06:21 E97BDB9B2A3D4A2EFAF320D9C0AF7002 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2013-02-06 19:06:21 A77904EAC93C1F9181384B5805D950BE 2103808 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-02-06 19:06:21 7D620B543F8FCCDDB1B07E2474A43E59 1077248 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2013-02-06 19:06:20 CAD1F7C2B45C67C15F4EFA20F7BCD47D 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-02-06 19:06:20 BA483389FB5F42015B575E49DE9B7B4C 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-02-06 19:06:20 ABE6C3EF31C3A19F74A788273B33AE09 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-02-06 19:06:20 62704AF332A0A86F3AF6E8C4EC775725 936960 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll
2013-02-06 19:06:20 00E7C91EB44FC0612E6AF42E294F4F6C 1402880 ----a-w- C:\Windows\System32\spool\drivers\x64\3\JNWDRV.dll
2013-02-06 19:06:20 00E7C91EB44FC0612E6AF42E294F4F6C 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-02-06 19:06:18 AA06902362B1422D7A7DA7061E07C624 220160 ----a-w- C:\Windows\System32\wintrust.dll
2013-02-06 19:06:18 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2013-02-06 19:06:18 17448AF0BBA9E7AB5EC955AF93F271BD 172544 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2013-02-06 19:06:17 FDD71F94CD5580E4C1D16F96EF6C2856 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2013-02-06 19:06:17 EEEA40F0EDB0A6E5359E539E15D0BC77 73216 ----a-w- C:\Windows\System32\netapi32.dll
2013-02-06 19:06:17 72910F1DEB838E6E08A9017BFB7D4F0B 41984 ----a-w- C:\Windows\SysWOW64\browcli.dll
2013-02-06 19:06:17 2FCA0D2C59A855C54BAFA22AA329DF0F 57344 ----a-w- C:\Windows\SysWOW64\netapi32.dll
2013-02-06 19:06:17 05F5A0D14A2EE1D8255C2AA0E9E8E694 136704 ----a-w- C:\Windows\System32\browser.dll
2013-02-06 19:06:17 012787CEB35505EB78DF82E0A0072888 59392 ----a-w- C:\Windows\System32\browcli.dll
2013-02-06 19:06:16 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-02-06 19:06:14 5CBC20E15923025997C2253A7DD5193F 212480 ----a-w- C:\Windows\System32\profsvc.dll
2013-02-06 19:06:12 E4ACCC7927A1478DF636534864E03666 801280 ----a-w- C:\Windows\System32\usp10.dll
2013-02-06 19:06:12 CA68408922B02E8D955A2967C7CBF8CE 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll
2013-02-06 19:06:11 6B7FBD65632F45FA52B23F788D71DF96 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2013-02-06 19:06:11 50383C6280B31995D25C2662807709E4 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2013-02-06 19:06:08 B8E693C547A15DEEF116D70985F7CC94 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2013-02-06 19:06:08 AD976778C4B92F9EC4842295974E9BD9 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-02-06 19:06:08 54AF46DC37E63E1E85EB619033953309 490496 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll
2013-02-06 19:06:08 1FE9863C6C5CC71E8E7E70F9EFBD30E1 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-02-06 19:06:07 E5A7D4E652D61D56FF015735F50567AD 716800 ----a-w- C:\Windows\System32\kerberos.dll
2013-02-06 19:06:07 D68258881C7849A7F4E4FCFE7CA0060F 543232 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2013-02-06 19:06:07 374CE9DAB2F0CB173B8FCF3AB8DB5D1B 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-02-06 19:06:06 D23E615E0969AECC1134E372B0B295D1 78336 ----a-w- C:\Windows\SysWOW64\synceng.dll
2013-02-06 19:06:06 8699D17DFCFCD327784034DB6BD3A422 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-02-06 19:06:06 310F6F492A3B4B1020ED9BF9CCBBE6B6 376832 ----a-w- C:\Windows\SysWOW64\dpnet.dll
2013-02-06 19:06:05 D5164131D596A070FF9C82BC4A488F1F 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-02-06 19:06:05 A81331D7EB6C5D1F7B1E4E4FC15F3EC0 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2013-02-06 19:06:02 954A25A7A9A5088602642F89EC0815ED 956416 ----a-w- C:\Windows\System32\localspl.dll
2013-02-06 19:05:58 D3B5A88819F7B1D981ADCA3D95283D3A 1465344 ----a-w- C:\Windows\System32\crypt32.dll
2013-02-06 19:05:57 A62114C4FCA2848B413BB7B6C690AF5C 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2013-02-06 19:05:57 7E7D2DACF65D750D466F36BD3D09AE20 186880 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-02-06 19:05:57 49BF8127A57231C6B2F6ADB17D543695 1160192 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2013-02-06 19:05:57 195315BDF59DC945E187C79780D2167C 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2013-02-06 19:05:57 063DD65889D21035311463337BD268E7 142336 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2013-02-06 19:05:54 F8D176DB5B14AED7C9B25E0640226BD1 258352 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\unicows.dll
2013-02-06 19:05:54 E19CCD189D7BB37DA3691BD794C38EF0 77824 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\glu2d3d.dll
2013-02-06 19:05:54 E072F97804B5BB32250D70BB80165C55 463360 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\opengl2d3d.dll
2013-02-06 19:05:54 CE0CDC5459EAA1D574AF781DDB8F2685 110592 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\OpenAl32.dll
2013-02-06 19:05:54 9C24ED831DDFA8319382B2BFD9691AA9 413696 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\wrap_oal.dll
2013-02-06 16:32:09 F78A65AADC6590943371DC606D1746A6 95648 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-02-06 12:04:33 E0FF893763BA82BAABB869A351F0C455 572808 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
2013-02-06 12:04:33 C56DE8185672B9F17F127EA282DD5E07 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll
2013-02-06 12:04:33 1C074E661B522E7F40D3534089FC225E 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psuser.dll
2013-02-06 12:04:32 EA1848EFE8F3B60C687D003977945289 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_th.dll
2013-02-06 12:04:32 E534BB37BF5C43826E748E1D89910253 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sk.dll
2013-02-06 12:04:32 DF1FAEC09D59CF8CDBC30D3455648F8C 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_uk.dll
2013-02-06 12:04:32 A613AEA586B0ADF6902A59F39C547DA6 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_tr.dll
2013-02-06 12:04:32 787B22D1B3551214EA18A438EB497BC2 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sr.dll
2013-02-06 12:04:32 6B3640EFF0DD461E27C36AD7EB469D44 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ro.dll
2013-02-06 12:04:32 6A2929FC5F24464DBDC0577DB6766DC1 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ru.dll
2013-02-06 12:04:32 59CBFB54ECC5FE93C74ECB2E4A1FF9A2 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-TW.dll
2013-02-06 12:04:32 51B96D72840AB9232225521102AB4962 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-CN.dll
2013-02-06 12:04:32 3ABFB1E60F232142271FAB79253786F4 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sl.dll
2013-02-06 12:04:32 326DC32156A3587395B6858C10D34B0E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sw.dll
2013-02-06 12:04:32 2A0309B546700308E7DF9ED9302E8E94 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_te.dll
2013-02-06 12:04:32 17EBF25727C05C7273AD72BADF1F7058 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ur.dll
2013-02-06 12:04:32 1359046E906BFC1147702E78442ADB1E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ta.dll
2013-02-06 12:04:32 0B09837C01231654CEA36BAD94F88994 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sv.dll
2013-02-06 12:04:32 0A6FD6C1F1E21A54CDC342616E8E4F82 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_vi.dll
2013-02-06 12:04:31 F7281230459DA9BF21EC099CA833CA03 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_id.dll
2013-02-06 12:04:31 F1B3D5D1D7A332FD6E24C4EB4844C7D5 23944 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ko.dll
2013-02-06 12:04:31 E849D447E038462CBE0B79655865CBB8 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_mr.dll
2013-02-06 12:04:31 AD7C821EDB54639DD23D745173938ED4 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_is.dll
2013-02-06 12:04:31 956C7CFAE0FCA13AE6592A72E681325A 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-BR.dll
2013-02-06 12:04:31 93545A29801793646159E248D69D337E 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_kn.dll
2013-02-06 12:04:31 8AAFF4EE2151DC1DBE13B1B42189A9A4 32136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ml.dll
2013-02-06 12:04:31 6E67575379F7CE795FF77CEC74F6D769 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lv.dll
2013-02-06 12:04:31 6D9CDB9FE405DB672187CA1F85B148FA 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-PT.dll
2013-02-06 12:04:31 6D8879BF56B5875E70508A6A20812BB1 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ms.dll
2013-02-06 12:04:31 648544BA93B4DD273DF243F9E72948EF 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_it.dll
2013-02-06 12:04:31 52E4EDF65BA65BEC4BA56D0B6E326F9E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_no.dll
2013-02-06 12:04:31 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ja.dll
2013-02-06 12:04:31 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_iw.dll
2013-02-06 12:04:31 172724B5A3F3988A7FA0F038A92FF11E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_nl.dll
2013-02-06 12:04:31 0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lt.dll
2013-02-06 12:04:31 00F8FEEFD4AE00EC5065B937BE00C595 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pl.dll
2013-02-06 12:04:30 FC5D9F5CBC46B3662DE958C682611296 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en-GB.dll
2013-02-06 12:04:30 F7C88FA49453C948D52D5350F16720D5 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es.dll
2013-02-06 12:04:30 DE939A1A8F7EA3C0E41E46F87A4F6EF5 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fil.dll
2013-02-06 12:04:30 DB9BE127989AF7386234BE8D746CE65D 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_da.dll
2013-02-06 12:04:30 D87B79DF28588640F027686FD1209DD4 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fi.dll
2013-02-06 12:04:30 C164FE32626724656C77362A88156684 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fa.dll
2013-02-06 12:04:30 A8D817072D08DB41F0BB193F234F43BB 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_de.dll
2013-02-06 12:04:30 8F1E180AF2F5B9AF234196DAFAB07E11 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_el.dll
2013-02-06 12:04:30 8D70A5894C60E412B4DF74B4EC049F13 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_et.dll
2013-02-06 12:04:30 8ABBEF4327C86834E25E979CEEB19605 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_cs.dll
2013-02-06 12:04:30 73CF46B4F2B54AF8D0BF940B12DF10A5 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hr.dll
2013-02-06 12:04:30 35DB83C4DE9FA3889E937125D115EAA0 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
2013-02-06 12:04:30 2E1685D3B946B8D4D199494AF700CD2E 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_gu.dll
2013-02-06 12:04:30 2D39FA2E03FCCBB4D76A33FA03C76FE9 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hu.dll
2013-02-06 12:04:30 2C42FE9ACCA5654AEA2D0C7734531DDA 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fr.dll
2013-02-06 12:04:30 0ABF233C089FB7E8191D29DA2C6AC0AF 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es-419.dll
2013-02-06 12:04:30 050448DEA40A5CED634C914DBE6336DE 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hi.dll
2013-02-06 12:04:29 EC724DAA39BEB13862324594100C1052 27016 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ar.dll
2013-02-06 12:04:29 98A4DF0939A0ECB3A1A7C7F9C3AA318F 25480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_am.dll
2013-02-06 12:04:29 8B572945FF7BED636A05A219DD78EC95 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bg.dll
2013-02-06 12:04:29 43BC38087C79995F7BEDEF8648D5B790 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bn.dll
2013-02-06 12:04:29 3781763F294C34D9F8A993B384A88FA2 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ca.dll
2013-02-06 12:04:29 2E5672EEA419A4DC9DACD714632E1DC3 835464 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
2013-02-06 11:54:53 14FDBCF78F39553202D382D9082DC9CB 512000 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Een Vies Spelletje [NL [1]\!RnE - 2012.07.25 17.46.49 - READER-Een Vies Spelletje\READER-Een Vies Spelletje\audiere.dll
2013-02-03 20:01:06 F8D176DB5B14AED7C9B25E0640226BD1 258352 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\unicows.dll
2013-02-03 20:01:06 E19CCD189D7BB37DA3691BD794C38EF0 77824 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\glu2d3d.dll
2013-02-03 20:01:06 E072F97804B5BB32250D70BB80165C55 463360 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\opengl2d3d.dll
2013-02-03 20:01:06 CE0CDC5459EAA1D574AF781DDB8F2685 110592 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\OpenAl32.dll
2013-02-03 20:01:06 9C24ED831DDFA8319382B2BFD9691AA9 413696 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\wrap_oal.dll
2013-02-02 16:52:45 62FD1461C7C88D9927CAFF8FA827DAA8 257024 ----a-w- C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-3899251529-2481488585-3776796876-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="C:\Program Files (x86)\EXPERTool ATI\TBPanel.exe /A"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"AMD AVT"="Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="C:\Program Files (x86)\EXPERTool ATI\TBPanel.exe /A"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
==== Startup Folders ======================
2012-10-14 14:32:02 1003 ----a-w- C:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-02-2013 15:54]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-08-2012 21:42]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-08-2012 21:42]
====== C: exe-files ==
2013-02-09 11:30:02 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A002VT91\mbam-setup-1.70.0.1100.exe
2013-02-06 19:14:08 85D6E8F735865B502D65D1D91A79E3F3 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2013-02-06 19:13:21 825E01EEC25E744FBCFB92F07FF411EE 307200 ----a-w- C:\Program Files (x86)\Internet Explorer\iediagcmd.exe
2013-02-06 19:13:21 73C8D00A87332F2DF0A7CFF87CEE1A82 107008 ----a-w- C:\Program Files (x86)\Internet Explorer\iecleanup.exe
2013-02-06 19:13:21 6B036492120E65C0C367DC31D01088A1 74752 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-02-06 19:13:21 1D3EE28BA231CBB9600F5D102EAF4EA7 10752 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2013-02-06 19:13:21 0D286C0FE561D1A7EB30E83A0FF305B2 757296 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2013-02-06 19:13:20 DCFA393FA7F8FFAAE4A4A1F5E3E7CD64 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2013-02-06 19:13:20 C0B8B96D018849FD8CCF15FED84E8782 74240 ----a-w- C:\Windows\SysWOW64\ie4uinit.exe
2013-02-06 19:13:20 A04CEF82046BCF539B33EEF62F0A3825 466432 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2013-02-06 19:13:20 8911702CC546B76FE8F9C61987C68C43 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2013-02-06 19:13:20 736D1B28224F9DF8008BE8B0DEDFC9EF 76800 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-02-06 19:13:20 67BC2BA6F94D2D0C51213691FBFEEBB1 152064 ----a-w- C:\Windows\SysWOW64\wextract.exe
2013-02-06 19:13:20 51AF0A12CD86E22E1A027C38CC021AC6 150528 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2013-02-06 19:13:20 512C7881C3F7836455ADC9EBF0A0B167 22016 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe
2013-02-06 19:13:20 061CBB1058A10C0875D18CAFF835AE97 11776 ----a-w- C:\Windows\SysWOW64\mshta.exe
2013-02-06 19:13:19 FD0D2E1FAEBAE5031BE2EB8000D973F1 763424 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-02-06 19:13:19 E49EC15EFFC9F01298093DBD7E0A31AF 12288 ----a-w- C:\Windows\System32\mshta.exe
2013-02-06 19:13:19 DA9648200FC010A6DF004FAC8A775FD9 10752 ----a-w- C:\Windows\System32\msfeedssync.exe
2013-02-06 19:13:19 94E2790F0F0BA0249EEA0EA745863A7B 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-02-06 19:13:19 673A1369C77B7A405B97A619848F6757 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-06 19:13:19 62D1AFEF89F77F808E023838F9370047 119808 ----a-w- C:\Program Files\Internet Explorer\iecleanup.exe
2013-02-06 19:13:19 530B34241856C2299382421C414F97EE 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-02-06 19:13:19 4DBB1710CEFDBFEEE3AB8DCBB2A4085E 480256 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2013-02-06 19:13:19 40E9C38018D1454E8F4308F2907A5A35 89088 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-06 19:13:18 B519848DFA30AE2B306576B51321D102 89088 ----a-w- C:\Windows\System32\ie4uinit.exe
2013-02-06 19:13:18 71E07C0950BB9F4450DD2DE59D77F603 165888 ----a-w- C:\Windows\System32\iexpress.exe
2013-02-06 19:13:18 57569625CEB5989116C5BE70B77C29ED 160256 ----a-w- C:\Windows\System32\wextract.exe
2013-02-06 19:10:26 8ABFE00F213F2571498F1B8FD7939A98 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-02-06 19:08:19 B0BA990781210836135C0ABC680A7448 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2013-02-06 19:08:19 B0404E8D7911552D8559C03CDD5DFBEC 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2013-02-06 19:08:19 9BDC6304A6CF27B0A5A0FABCA56489D9 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2013-02-06 19:08:17 B19B30E594EE374C69F71DAD26198400 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-02-06 19:06:58 A0D1C0E813A7C6E17C029375AC2ACE18 5562736 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-06 19:06:58 770FEEA2823E463D68E170D7EA6FAEBA 3972464 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2013-02-06 19:06:58 5355A85D26EECFA3A68B1F55B0C59A20 3917168 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2013-02-06 19:06:55 A236B1646E96AB06BE0F8D592B6D9A0D 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2013-02-06 19:06:27 F28D6538F76DC6ECFABF6176DBDD2664 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-02-06 19:06:27 20104EA66332D24D7C65BBB087C56737 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe
2013-02-06 19:06:21 C8DE35F71974AFE933E37C910D653E46 2163712 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2013-02-06 19:06:11 C34C6E1D0D469D737321F2EDCBE9BE6B 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2013-02-06 19:06:06 639774C9ACD063F028F6084ABF5593AD 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-02-06 19:05:53 301C66D840537679A68A0D49725CB995 955392 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\GH-GardensInc.exe
2013-02-06 19:05:51 B936F0F378B9A35489353E878154E899 1821192 ----a-w- C:\Users\Gebruiker\Desktop\Airline Baggage Mania\vcredist_x86.exe
2013-02-06 19:05:50 BCBB7C0CD9696068988953990EC5BD11 292184 ----a-w- C:\Users\Gebruiker\Desktop\Airline Baggage Mania\dxwebsetup.exe
2013-02-06 19:05:45 183BF7E8CCEA894319F0D11CED49154A 2672440 ----a-w- C:\Users\Gebruiker\Desktop\Airline Baggage Mania\AirlineBaggageManiaDeluxe.exe
2013-02-06 19:01:10 B9D7A4858CF32A6A15D2763F1DE47E0E 559616 ----a-w- C:\Windows\System32\spoolsv.exe
2013-02-06 19:01:09 F4872D16F08BDA4250E97A58F9DAD555 67072 ----a-w- C:\Windows\splwow64.exe
2013-02-06 16:31:35 B936F0F378B9A35489353E878154E899 1821192 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Airline Baggage Mania\Airline Baggage Mania\vcredist_x86.exe
2013-02-06 16:31:34 BCBB7C0CD9696068988953990EC5BD11 292184 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Airline Baggage Mania\Airline Baggage Mania\dxwebsetup.exe
2013-02-06 16:31:29 183BF7E8CCEA894319F0D11CED49154A 2672440 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Airline Baggage Mania\Airline Baggage Mania\AirlineBaggageManiaDeluxe.exe
2013-02-06 16:25:28 B936F0F378B9A35489353E878154E899 1821192 ----a-w- C:\Users\Gebruiker\Desktop\spellen\Airline Baggage Mania\vcredist_x86.exe
2013-02-06 16:25:26 BCBB7C0CD9696068988953990EC5BD11 292184 ----a-w- C:\Users\Gebruiker\Desktop\spellen\Airline Baggage Mania\dxwebsetup.exe
2013-02-06 16:25:14 183BF7E8CCEA894319F0D11CED49154A 2672440 ----a-w- C:\Users\Gebruiker\Desktop\spellen\Airline Baggage Mania\AirlineBaggageManiaDeluxe.exe
2013-02-06 12:04:34 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe
2013-02-06 12:04:34 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateBroker.exe
2013-02-06 12:04:33 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateSetup.exe
2013-02-06 12:04:29 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
2013-02-06 12:04:29 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
2013-02-06 12:04:29 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdate.exe
2013-02-06 12:04:27 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe
2013-02-06 11:55:02 256B24E584FBE39A9481751D7C98ED0D 3724632 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Een Vies Spelletje [NL [1]\!RnE - 2012.07.25 17.46.49 - READER-Een Vies Spelletje\READER-Een Vies Spelletje\TheMicroBieStory.exe
2013-02-06 11:54:53 31D7661A2F79CC0BF7BB05EBFB62377E 1852760 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Een Vies Spelletje [NL [1]\!RnE - 2012.07.25 17.46.49 - READER-Een Vies Spelletje\READER-Een Vies Spelletje\pmfmnch.exe
2013-02-03 20:01:06 B449A66A70F32835227B907842D1D672 4828016 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\ZY-fiu80.exe
=== C: other files ==
2013-02-09 11:30:20 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-02-06 19:19:41 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-02-06 19:19:41 51DFBD18A435BAEC1F71A692373ECE4F 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-02-06 19:19:41 442783E2CB0DA19873B7A63833FF4CB4 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-02-06 19:13:21 ED6F6FBBCDEC95483B7351E23F4FCDF6 110592 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll
2013-02-06 19:13:21 CCA6A20181B7719B584AEE1DD6542A4E 149552 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-02-06 19:13:21 BC9CE770AB55DC36349517B4E5E74A12 66048 ----a-w- C:\Windows\SysWOW64\migration\WininetPlugin.dll
2013-02-06 19:13:21 A3FA99A16F10D44EDB7A8C340FA2EE1B 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2013-02-06 19:13:21 90A57CA422923286838AAC7DE2D41B92 118784 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2013-02-06 19:13:21 8E38CE628D4817D949DD31D77A7F21CD 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-02-06 19:13:21 7FA3A810F383588D46220967DE8B64FF 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll
2013-02-06 19:13:21 780E80E5502015EDAEC91DC0A0C96A79 1793024 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2013-02-06 19:13:21 6248C55FB0244054035199622FB792D2 149504 ----a-w- C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll
2013-02-06 19:13:21 4B80D1F847C0658977E1E8051A4DE002 41472 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll
2013-02-06 19:13:21 4266A3230981DD4434C55957F6DD497D 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2013-02-06 19:13:21 35AAE2E841AA1A949775168E119482C9 161792 ----a-w- C:\Windows\SysWOW64\msls31.dll
2013-02-06 19:13:21 0B8FE658BD033EC8B1F6FBC305CC65E7 162304 ----a-w- C:\Windows\SysWOW64\msrating.dll
2013-02-06 19:13:21 0A866897039E42DF8080BE5DD83BC8E0 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll
2013-02-06 19:13:20 FFAA209DE84D6D1849DEA6DF7A3F9D2F 104448 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2013-02-06 19:13:20 F9D038A8C2BDC3AE2548150A7AED0F8A 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll
2013-02-06 19:13:20 F83865A3007357A5E498EB9E3BED273D 31744 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2013-02-06 19:13:20 F0FEFB0B5D25A75D478A4317139D937E 353584 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2013-02-06 19:13:20 EE9D715AF1B928982F417238B9914484 434176 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2013-02-06 19:13:20 EE0AFCEE88098F754212F9069E80A766 86528 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2013-02-06 19:13:20 E290E3FDF645DF29D00D6368B9127E30 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-02-06 19:13:20 DB754FF5F6ADBA2A25EC1B6672D1C91E 163840 ----a-w- C:\Windows\SysWOW64\ieakui.dll
2013-02-06 19:13:20 CA493A92DA9880B6F1A89C3DBD54BA5B 223232 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2013-02-06 19:13:20 802B0229D904E28C1EA9A5274AB457FC 74752 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2013-02-06 19:13:20 7AC9B18F1BE210702DA5E586224B1571 66048 ----a-w- C:\Windows\SysWOW64\icardie.dll
2013-02-06 19:13:20 76E987D8CF0683337CF165363B6FDFD9 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll
2013-02-06 19:13:20 7056A3F5FD9CE6066895DCAA9C32D89B 301056 ----a-w- C:\Program Files (x86)\Internet Explorer\networkinspection.dll
2013-02-06 19:13:20 6B4701D3D9724812E8C3801E7BF87157 23552 ----a-w- C:\Windows\SysWOW64\licmgr10.dll
2013-02-06 19:13:20 68563AC389F92EE79F1C714288BA1DCE 35840 ----a-w- C:\Windows\SysWOW64\imgutil.dll
2013-02-06 19:13:20 63861BA77FFAF9132DEE6211D1B5C1E5 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2013-02-06 19:13:20 631289583481C45C7342EFD57442B738 766976 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll
2013-02-06 19:13:20 62CBF36E3E10BAA74224BC7A6DD998B5 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-02-06 19:13:20 60B4F624BB87A3B21D3EC68F38DA6B61 78848 ----a-w- C:\Windows\SysWOW64\inseng.dll
2013-02-06 19:13:20 5B37190F79F5D63C1033ED88C006080C 123392 ----a-w- C:\Windows\SysWOW64\occache.dll
2013-02-06 19:13:20 5466DCAEF5A648E04D1B6580F2C901B5 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2013-02-06 19:13:20 543BBE783E2CA0D58E1981BD75483BAD 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2013-02-06 19:13:20 5193DE33F3284C447E0D31DAFBF92570 203776 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2013-02-06 19:13:20 4C34FD8C56DB38DF6F969AFDDDF4AB83 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2013-02-06 19:13:20 49729570B7FD369BBDEC16D7683324A0 227840 ----a-w- C:\Windows\SysWOW64\ieaksie.dll
2013-02-06 19:13:20 4312DEBDACBE338F0B90E7F08E7672BE 353792 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2013-02-06 19:13:20 4071D132E66ACDA3776F1FEAD19E6E01 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2013-02-06 19:13:20 3F7A8BCF37433A69CEEDE1E6AEE79784 101888 ----a-w- C:\Windows\SysWOW64\admparse.dll
2013-02-06 19:13:20 31B0448CC0694378106582F46D0D07E4 231936 ----a-w- C:\Windows\SysWOW64\url.dll
2013-02-06 19:13:20 1F31900AC922CAD5382FA462D2B17018 49664 ----a-w- C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll
2013-02-06 19:13:20 1E7094AFAD0C369DD6D400C7047E4AB2 130560 ----a-w- C:\Windows\SysWOW64\ieakeng.dll
2013-02-06 19:13:20 1D4127FE151165C5FB9C0EED8701A3D1 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-02-06 19:13:20 07F649CD36F266BBE33B814FA678AA43 12320256 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2013-02-06 19:13:20 04A8B2F67825380BC0C7C46D56776133 54272 ----a-w- C:\Windows\SysWOW64\pngfilt.dll
2013-02-06 19:13:19 FD2031A7D5BBB95DC8A763D20B352A46 49664 ----a-w- C:\Windows\System32\imgutil.dll
2013-02-06 19:13:19 F6DA3D82A7B6FFCEEBADFBEDA796C1A4 140800 ----a-w- C:\Program Files\Internet Explorer\jsdebuggeride.dll
2013-02-06 19:13:19 F65BDB76207B49529268485AAE20AE34 267776 ----a-w- C:\Windows\System32\ieaksie.dll
2013-02-06 19:13:19 EF303F9DEB696ABEA92F4A3BE6848C62 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll
2013-02-06 19:13:19 E73D6F3160CE2FD1D59FF1EF6167DF02 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-06 19:13:19 DC7D3ADCC1F2729514780F611D6590EC 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2013-02-06 19:13:19 D6A99F26E31C9F15D8D8CC42FFE6D16B 452608 ----a-w- C:\Windows\System32\dxtmsft.dll
2013-02-06 19:13:19 CFF3C4ABDCC5356B0674743BDF0FB674 17811968 ----a-w- C:\Windows\System32\mshtml.dll
2013-02-06 19:13:19 C71E7ABB1A34E56CE73AE117C8DD566F 10925568 ----a-w- C:\Windows\System32\ieframe.dll
2013-02-06 19:13:19 BD107CF53FA7142B4F06D6D71AFEB131 160256 ----a-w- C:\Windows\System32\ieakeng.dll
2013-02-06 19:13:19 A3287F8EB6182FB060C818524C7D6A63 282112 ----a-w- C:\Windows\System32\dxtrans.dll
2013-02-06 19:13:19 A0F52880DDD164F968BE903C1FECD27E 2144768 ----a-w- C:\Windows\System32\iertutil.dll
2013-02-06 19:13:19 A0C2D990ECD88630C159FD5A6700A6A5 197120 ----a-w- C:\Windows\System32\msrating.dll
2013-02-06 19:13:19 9568BB33BBAD356EDD6CDE988E570523 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-06 19:13:19 9000CC4505B4545F2B51CFD34277B2E2 86528 ----a-w- C:\Windows\System32\migration\WininetPlugin.dll
2013-02-06 19:13:19 8EADA158D964E3FD1999AD96C9C507FF 534528 ----a-w- C:\Windows\System32\ieapfltr.dll
2013-02-06 19:13:19 84827B0DCC0A535DB6CB0FC2FADFE38E 149504 ----a-w- C:\Windows\System32\occache.dll
2013-02-06 19:13:19 82A4DB52E9C75A794EADCD510F6CDA65 111616 ----a-w- C:\Windows\System32\iesysprep.dll
2013-02-06 19:13:19 7FCAB194F01E3403C300EB034E480B36 222208 ----a-w- C:\Windows\System32\msls31.dll
2013-02-06 19:13:19 6B6A8ADF9892E76F59E3B17D01E29673 135168 ----a-w- C:\Windows\System32\IEAdvpack.dll
2013-02-06 19:13:19 6938377454A025812CA346B37962F522 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-02-06 19:13:19 61F66A7C9890D025560F5887D7CD11C3 194560 ----a-w- C:\Program Files\Internet Explorer\jsprofilerui.dll
2013-02-06 19:13:19 5E78D5CAF5917FA1FDC71A80CF0D5234 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-02-06 19:13:19 551BBF7720F900C10439665DECE50EC1 537088 ----a-w- C:\Program Files\Internet Explorer\pdm.dll
2013-02-06 19:13:19 5121DB613E10A46A3C5085B479026AA7 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-06 19:13:19 50EF8F8DF559B7C5E72404F4B184FF17 163840 ----a-w- C:\Windows\System32\ieakui.dll
2013-02-06 19:13:19 31525BC38F219E3E17D8AF11DA0FAE3E 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2013-02-06 19:13:19 2F31597DA72FE328E1F7FEBF8548759C 65024 ----a-w- C:\Windows\System32\pngfilt.dll
2013-02-06 19:13:19 2984F4F93BB733CAAAB3F5BD33C4D457 48640 ----a-w- C:\Windows\System32\mshtmler.dll
2013-02-06 19:13:19 1DBA462CF92D890D8F8E6472E7E8B4B4 1346048 ----a-w- C:\Windows\System32\urlmon.dll
2013-02-06 19:13:19 18E10F42E7492151D279AC29622037B8 145920 ----a-w- C:\Windows\System32\iepeers.dll
2013-02-06 19:13:19 141D3A9144344E5C37790F27EFE82683 114176 ----a-w- C:\Windows\System32\admparse.dll
2013-02-06 19:13:19 08D0F87AA3F6DF47658E9ACD4D082027 248320 ----a-w- C:\Windows\System32\ieui.dll
2013-02-06 19:13:19 046AD878F246D3801B719700B543A6EE 816640 ----a-w- C:\Windows\System32\jscript.dll
2013-02-06 19:13:18 D97D9F5C72774550160FD9ECCE0B6B4D 455680 ----a-w- C:\Program Files\Internet Explorer\networkinspection.dll
2013-02-06 19:13:18 D869ACB7C3DA1B823765DB3CBE2E3DD4 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2013-02-06 19:13:18 D7CEAEDD5F75D2C8A2E80887D7C114CE 249344 ----a-w- C:\Windows\System32\webcheck.dll
2013-02-06 19:13:18 C3E98C42EDF7EF237A4BAB91FEAC7426 403248 ----a-w- C:\Windows\System32\iedkcs32.dll
2013-02-06 19:13:18 C1D0691BE5DDB0C230D8370BD96BBE8B 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2013-02-06 19:13:18 B69A23F486D1687ACC36A6F4D9A217E2 103936 ----a-w- C:\Windows\System32\inseng.dll
2013-02-06 19:13:18 93202ED0B473A8FEDFD9F5E668BE72ED 85504 ----a-w- C:\Windows\System32\iesetup.dll
2013-02-06 19:13:18 778004F92FF1D92C327857250E9E9482 82432 ----a-w- C:\Windows\System32\icardie.dll
2013-02-06 19:13:18 6E6602DE23AB3776007702FC9540E8E9 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-06 19:13:18 56336BB69172A2CEE15B2491DB4C70C1 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2013-02-06 19:13:18 478FDA5AB59331259538FB7B02026836 237056 ----a-w- C:\Windows\System32\url.dll
2013-02-06 19:13:18 351DF61EF64D77C57A4B68C663E7279D 39936 ----a-w- C:\Windows\System32\iernonce.dll
2013-02-06 19:13:18 342E1CA601D835713C9083890521C316 66048 ----a-w- C:\Program Files\Internet Explorer\JSProfilerCore.dll
2013-02-06 19:13:18 1E2DD319BE9731A01CF0642D5B22714B 30720 ----a-w- C:\Windows\System32\licmgr10.dll
2013-02-06 19:13:18 04CD7AFC3D66345DE15130D44E1ABC36 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2013-02-06 19:10:58 E59B615DE916273EEE72F643F97D7600 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-02-06 19:10:58 D144A13DA2D98F454062F106DD47456A 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2013-02-06 19:10:58 AC298E820F444049A4C9AC64C1775B87 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-02-06 19:10:58 22DC14043E0407A79DEB5E80926AEB40 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2013-02-06 19:10:58 201FD2520C8DE44177BBA5161A263F68 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-02-06 19:10:58 18482E1819DB232062389A729CEEFBC3 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2013-02-06 19:10:27 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-02-06 19:10:27 B20F051B03A966392364C83F009F7D17 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-02-06 19:10:27 B1DF2D87DC8BF6072699AC8301B37796 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-02-06 19:10:27 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-02-06 19:10:26 F1617F1014D51987D517A4C37A7C733B 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-02-06 19:10:26 25AE683DCB4AE7E6F1B193A0CB9DB35F 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-02-06 19:09:13 C00DB14550E4BD49737F311C644E45FF 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-02-06 19:09:13 B2DB6ABA2E292235749B80A9C3DFA867 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll
2013-02-06 19:09:13 A1BE6A720D02E37F72E9CD89AE9CB3CF 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-02-06 19:09:13 907281ED4AD35D41B29FFDC211EBAD80 5120 ----a-w- C:\Windows\SysWOW64\wmi.dll
2013-02-06 19:09:13 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-02-06 19:08:19 EC10F0E7278272E392190292DD6324E0 275456 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2013-02-06 19:08:19 EAB15EA7F0897A468B3A2127C1FD2BFA 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2013-02-06 19:08:19 9CC2571E3646B9A24296AD7ADCC71682 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2013-02-06 19:08:19 859085B54E35BE90BDB110FD229E671C 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2013-02-06 19:08:19 69164383EACC5A2F96DFD2CA217C346F 44032 ----a-w- C:\Windows\AppPatch\acwow64.dll
2013-02-06 19:08:18 5FDE812D5609D724F902334368641B54 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-02-06 19:08:18 49A5AB4CC7856EFD83F55280E59043DC 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-02-06 19:08:18 25001506679B7A73C24F261F5EA7C859 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-02-06 19:08:18 0EC4A4C2595F23CE844A34B27464D715 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-02-06 19:08:17 C2B1F6196C7FE1EA1BF827312B095D06 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-06 19:08:17 B3BEA6420D482356E53B7C728E05C637 1163264 ----a-w- C:\Windows\System32\kernel32.dll
2013-02-06 19:08:17 6072F9B801FD361ABCDD2A2C6D39D106 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-02-06 19:07:35 B113791FD29603AB468EC69285D4090A 135168 ----a-w- C:\Windows\AppPatch\AppPatch64\AcXtrnal.dll
2013-02-06 19:07:35 96C70BD48D49B87475F4572DEDC62EB9 561664 ----a-w- C:\Windows\AppPatch\AcLayers.dll
2013-02-06 19:07:35 3306930FD3AC4ABB17A6DFC9222467F1 350208 ----a-w- C:\Windows\AppPatch\AppPatch64\AcLayers.dll
2013-02-06 19:07:13 FE80B66D2EEA1DA139516A19C04436B4 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-02-06 19:07:13 E7A16F71BA02F3AB9D549F226559266E 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2013-02-06 19:07:13 D5707FC2300AA5B04B7BFE86D40C0133 1902472 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-06 19:07:13 D4FAC263861BAE06971C7F7D0A8EBF15 216576 ----a-w- C:\Windows\System32\ncsi.dll
2013-02-06 19:07:13 B4E967889E5AEDA9D66F12676215EB5D 51200 ----a-w- C:\Windows\SysWOW64\migration\IphlpsvcMigPlugin.dll
2013-02-06 19:07:13 8AD77806D336673F270DB31645267293 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2013-02-06 19:07:13 6F5316AA686FDAA2B6945EABF16DAEFC 60416 ----a-w- C:\Windows\System32\migration\IphlpsvcMigPlugin.dll
2013-02-06 19:07:13 5FF9F07B268E5D5A1C321C3CF5C2CB9B 175104 ----a-w- C:\Windows\SysWOW64\netcorehc.dll
2013-02-06 19:07:13 5BDE9F50E48A6CD28353BAA238CC4A7D 18944 ----a-w- C:\Windows\System32\netevent.dll
2013-02-06 19:07:13 4DB684167C3B220B556ECD0640715769 18944 ----a-w- C:\Windows\SysWOW64\netevent.dll
2013-02-06 19:07:13 46BB91A169B9B31FF44EB04C48EC1D41 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2013-02-06 19:07:13 4261F21A202746AC207CA9AA863D9FD4 570368 ----a-w- C:\Windows\System32\iphlpsvc.dll
2013-02-06 19:07:13 31EE9F3E116A646B0D74527EAD207DF8 288648 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-06 19:07:13 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2013-02-06 19:07:13 140D9F911182357626165EA0BEB98C4F 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll
2013-02-06 19:07:09 64E211E0FDFCE4D186DF58BB7D0503BC 2576384 ----a-w- C:\Windows\SysWOW64\gameux.dll
2013-02-06 19:07:09 43C9CF6825CEA58F1815B7C3DBBB385C 308736 ----a-w- C:\Windows\SysWOW64\Wpc.dll
2013-02-06 19:07:09 2BCBA6052374959A30BD7948444DBB79 2746368 ----a-w- C:\Windows\System32\gameux.dll
2013-02-06 19:07:09 027675ED9B34EE1B91505C3B8752649F 441856 ----a-w- C:\Windows\System32\Wpc.dll
2013-02-06 19:07:01 B39B8CC163C41B12FE83E777199F3378 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2013-02-06 19:07:01 3D2D108E14AD21889A2621B94C80A3DD 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-02-06 19:06:57 494935A017905BEBDAA56490FCAF683B 14175232 ----a-w- C:\Windows\System32\shell32.dll
2013-02-06 19:06:56 D0961EA39C6472D9D27922ECE168808E 12874752 ----a-w- C:\Windows\SysWOW64\shell32.dll
2013-02-06 19:06:51 9AC4F97C2D3E93367E2148EA940CD2CD 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-02-06 19:06:51 26C43A7C2862447EC59DEDA188D1DA07 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-02-06 19:06:51 1573C45E65DE32B1BC3572634F8F1E8E 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-02-06 19:06:50 F93674263F6B07C77956E966953242D9 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2013-02-06 19:06:50 EDA7AD21DF8945528F01F0A86D69E524 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2013-02-06 19:06:50 97A7070AEA4C058B6418519E869A63B4 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-02-06 19:06:50 5864633FED2156AF701B99AFDF2683F9 3217408 ----a-w- C:\Windows\System32\msi.dll
2013-02-06 19:06:50 3D3CBD1847F980FB03343A63671E7886 225280 ----a-w- C:\Windows\SysWOW64\schannel.dll
2013-02-06 19:06:49 EBD1AAA3612A3E37C616A057FD5F252C 2342912 ----a-w- C:\Windows\SysWOW64\msi.dll
2013-02-06 19:06:48 E63C7FE43F390A2756D36B255F2C003F 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-02-06 19:06:48 E0B0E0BDE6508E5D27715E0F4C3F5079 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-02-06 19:06:48 CCC588EF05A020C2CFABDB0523ED0AD9 195072 ----a-w- C:\Windows\SysWOW64\dhcpcore6.dll
2013-02-06 19:06:48 3F221A7E3123773EE8F1DB200CDDB39E 318976 ----a-w- C:\Windows\System32\dhcpcore.dll
2013-02-06 19:06:48 3230D18B564A6CD6D4B3451A6CA9ABEF 44032 ----a-w- C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-02-06 19:06:48 200C848129182E15A1E39E617DE4A054 257024 ----a-w- C:\Windows\SysWOW64\dhcpcore.dll
2013-02-06 19:06:44 F23231EF88039F73CC69C002F2993A02 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2013-02-06 19:06:44 DEC1426BF15A07E4B26DC7F479EDAA60 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2013-02-06 19:06:44 3B7C1A53047FF6ACEFD9BA6E281DEBB7 805376 ----a-w- C:\Windows\SysWOW64\cdosys.dll
2013-02-06 19:06:43 EA7DD5409284682BD65C4078FFF75F0E 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll
2013-02-06 19:06:43 D841D8118B06E5D528B5E9023CF93D39 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll
2013-02-06 19:06:43 9897B73497507D71F0FDFD0E96C68DE8 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2013-02-06 19:06:43 8DFB4B9989F81626ADC115DFADD7E42D 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2013-02-06 19:06:43 3B5116838A330132D406353E2BCBFB6F 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll
2013-02-06 19:06:43 3943DEC4AA1BE148F71F1CE0333F5F1C 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2013-02-06 19:06:43 3847472640ACA0816C85118A7395762C 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2013-02-06 19:06:43 2D34839A17EF7BDA968332AF195FCC9D 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2013-02-06 19:06:43 1FEB1694B13247A451B274E114AFAC45 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2013-02-06 19:06:43 08360AF9178A2436B6DD98815031DA56 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2013-02-06 19:06:42 C9DEA5A2B7A56C78879E0A07F423466E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2013-02-06 19:06:42 79726C7D4E361AC1CE437316CC04AF58 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-02-06 19:06:40 5D57DAE7BB47FA2393084F68818749EB 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-02-06 19:06:40 57A5B9B0E4A668ADEAA38EC891AD2611 826880 ----a-w- C:\Windows\SysWOW64\rdpcore.dll
2013-02-06 19:06:40 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-02-06 19:06:39 7777D040440755FD93A70A319D6C2EB3 496128 ----a-w- C:\Windows\SysWOW64\win32spl.dll
2013-02-06 19:06:39 6F6D6B434A77124BD4BE085712DFE15E 755712 ----a-w- C:\Windows\System32\win32spl.dll
2013-02-06 19:06:32 99B91C5D2FCEF218CAD3600ECB62A799 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-02-06 19:06:31 EAADD6E47ED2A7003ACE1793B98CF63F 1389568 ----a-w- C:\Windows\SysWOW64\msxml6.dll
2013-02-06 19:06:31 A067502DE2EC567CF90F24621211F4E3 1236480 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2013-02-06 19:06:31 77F738FA45B7FC58290F1E2B0D04CC45 1879552 ----a-w- C:\Windows\System32\msxml3.dll
2013-02-06 19:06:26 B2746D84DDF68D09B41B72DF745CCBA6 1687408 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-02-06 19:06:22 C672AE7957256A51E4F4A0B16CFB8CDC 3152384 ----a-w- C:\Windows\System32\win32k.sys
2013-02-06 19:06:21 F00703BA13A53DD7AA6F944A39E439CB 1416192 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\ink\InkObj.dll
2013-02-06 19:06:21 E97BDB9B2A3D4A2EFAF320D9C0AF7002 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2013-02-06 19:06:21 A77904EAC93C1F9181384B5805D950BE 2103808 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-02-06 19:06:21 7D620B543F8FCCDDB1B07E2474A43E59 1077248 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2013-02-06 19:06:20 CAD1F7C2B45C67C15F4EFA20F7BCD47D 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-02-06 19:06:20 BA483389FB5F42015B575E49DE9B7B4C 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-02-06 19:06:20 ABE6C3EF31C3A19F74A788273B33AE09 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-02-06 19:06:20 62704AF332A0A86F3AF6E8C4EC775725 936960 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\ink\journal.dll
2013-02-06 19:06:20 00E7C91EB44FC0612E6AF42E294F4F6C 1402880 ----a-w- C:\Windows\System32\spool\drivers\x64\3\JNWDRV.dll
2013-02-06 19:06:20 00E7C91EB44FC0612E6AF42E294F4F6C 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-02-06 19:06:18 AA06902362B1422D7A7DA7061E07C624 220160 ----a-w- C:\Windows\System32\wintrust.dll
2013-02-06 19:06:18 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2013-02-06 19:06:18 17448AF0BBA9E7AB5EC955AF93F271BD 172544 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2013-02-06 19:06:17 FDD71F94CD5580E4C1D16F96EF6C2856 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2013-02-06 19:06:17 EEEA40F0EDB0A6E5359E539E15D0BC77 73216 ----a-w- C:\Windows\System32\netapi32.dll
2013-02-06 19:06:17 72910F1DEB838E6E08A9017BFB7D4F0B 41984 ----a-w- C:\Windows\SysWOW64\browcli.dll
2013-02-06 19:06:17 2FCA0D2C59A855C54BAFA22AA329DF0F 57344 ----a-w- C:\Windows\SysWOW64\netapi32.dll
2013-02-06 19:06:17 05F5A0D14A2EE1D8255C2AA0E9E8E694 136704 ----a-w- C:\Windows\System32\browser.dll
2013-02-06 19:06:17 012787CEB35505EB78DF82E0A0072888 59392 ----a-w- C:\Windows\System32\browcli.dll
2013-02-06 19:06:16 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-02-06 19:06:14 5CBC20E15923025997C2253A7DD5193F 212480 ----a-w- C:\Windows\System32\profsvc.dll
2013-02-06 19:06:12 E4ACCC7927A1478DF636534864E03666 801280 ----a-w- C:\Windows\System32\usp10.dll
2013-02-06 19:06:12 CA68408922B02E8D955A2967C7CBF8CE 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll
2013-02-06 19:06:11 6B7FBD65632F45FA52B23F788D71DF96 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2013-02-06 19:06:11 50383C6280B31995D25C2662807709E4 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2013-02-06 19:06:08 B8E693C547A15DEEF116D70985F7CC94 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2013-02-06 19:06:08 AD976778C4B92F9EC4842295974E9BD9 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-02-06 19:06:08 54AF46DC37E63E1E85EB619033953309 490496 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll
2013-02-06 19:06:08 1FE9863C6C5CC71E8E7E70F9EFBD30E1 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-02-06 19:06:07 E5A7D4E652D61D56FF015735F50567AD 716800 ----a-w- C:\Windows\System32\kerberos.dll
2013-02-06 19:06:07 D68258881C7849A7F4E4FCFE7CA0060F 543232 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2013-02-06 19:06:07 374CE9DAB2F0CB173B8FCF3AB8DB5D1B 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-02-06 19:06:06 D23E615E0969AECC1134E372B0B295D1 78336 ----a-w- C:\Windows\SysWOW64\synceng.dll
2013-02-06 19:06:06 8699D17DFCFCD327784034DB6BD3A422 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-02-06 19:06:06 310F6F492A3B4B1020ED9BF9CCBBE6B6 376832 ----a-w- C:\Windows\SysWOW64\dpnet.dll
2013-02-06 19:06:05 D5164131D596A070FF9C82BC4A488F1F 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-02-06 19:06:05 A81331D7EB6C5D1F7B1E4E4FC15F3EC0 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2013-02-06 19:06:02 954A25A7A9A5088602642F89EC0815ED 956416 ----a-w- C:\Windows\System32\localspl.dll
2013-02-06 19:05:58 D3B5A88819F7B1D981ADCA3D95283D3A 1465344 ----a-w- C:\Windows\System32\crypt32.dll
2013-02-06 19:05:57 A62114C4FCA2848B413BB7B6C690AF5C 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2013-02-06 19:05:57 7E7D2DACF65D750D466F36BD3D09AE20 186880 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-02-06 19:05:57 49BF8127A57231C6B2F6ADB17D543695 1160192 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2013-02-06 19:05:57 195315BDF59DC945E187C79780D2167C 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2013-02-06 19:05:57 063DD65889D21035311463337BD268E7 142336 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2013-02-06 19:05:54 F8D176DB5B14AED7C9B25E0640226BD1 258352 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\unicows.dll
2013-02-06 19:05:54 E19CCD189D7BB37DA3691BD794C38EF0 77824 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\glu2d3d.dll
2013-02-06 19:05:54 E072F97804B5BB32250D70BB80165C55 463360 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\opengl2d3d.dll
2013-02-06 19:05:54 CE0CDC5459EAA1D574AF781DDB8F2685 110592 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\OpenAl32.dll
2013-02-06 19:05:54 9C24ED831DDFA8319382B2BFD9691AA9 413696 ----a-w- C:\Users\Gebruiker\Desktop\Gardens Inc- From Rakes To Riches\wrap_oal.dll
2013-02-06 16:32:09 F78A65AADC6590943371DC606D1746A6 95648 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-02-06 12:04:33 E0FF893763BA82BAABB869A351F0C455 572808 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
2013-02-06 12:04:33 C56DE8185672B9F17F127EA282DD5E07 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll
2013-02-06 12:04:33 1C074E661B522E7F40D3534089FC225E 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psuser.dll
2013-02-06 12:04:32 EA1848EFE8F3B60C687D003977945289 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_th.dll
2013-02-06 12:04:32 E534BB37BF5C43826E748E1D89910253 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sk.dll
2013-02-06 12:04:32 DF1FAEC09D59CF8CDBC30D3455648F8C 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_uk.dll
2013-02-06 12:04:32 A613AEA586B0ADF6902A59F39C547DA6 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_tr.dll
2013-02-06 12:04:32 787B22D1B3551214EA18A438EB497BC2 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sr.dll
2013-02-06 12:04:32 6B3640EFF0DD461E27C36AD7EB469D44 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ro.dll
2013-02-06 12:04:32 6A2929FC5F24464DBDC0577DB6766DC1 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ru.dll
2013-02-06 12:04:32 59CBFB54ECC5FE93C74ECB2E4A1FF9A2 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-TW.dll
2013-02-06 12:04:32 51B96D72840AB9232225521102AB4962 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-CN.dll
2013-02-06 12:04:32 3ABFB1E60F232142271FAB79253786F4 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sl.dll
2013-02-06 12:04:32 326DC32156A3587395B6858C10D34B0E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sw.dll
2013-02-06 12:04:32 2A0309B546700308E7DF9ED9302E8E94 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_te.dll
2013-02-06 12:04:32 17EBF25727C05C7273AD72BADF1F7058 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ur.dll
2013-02-06 12:04:32 1359046E906BFC1147702E78442ADB1E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ta.dll
2013-02-06 12:04:32 0B09837C01231654CEA36BAD94F88994 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sv.dll
2013-02-06 12:04:32 0A6FD6C1F1E21A54CDC342616E8E4F82 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_vi.dll
2013-02-06 12:04:31 F7281230459DA9BF21EC099CA833CA03 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_id.dll
2013-02-06 12:04:31 F1B3D5D1D7A332FD6E24C4EB4844C7D5 23944 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ko.dll
2013-02-06 12:04:31 E849D447E038462CBE0B79655865CBB8 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_mr.dll
2013-02-06 12:04:31 AD7C821EDB54639DD23D745173938ED4 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_is.dll
2013-02-06 12:04:31 956C7CFAE0FCA13AE6592A72E681325A 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-BR.dll
2013-02-06 12:04:31 93545A29801793646159E248D69D337E 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_kn.dll
2013-02-06 12:04:31 8AAFF4EE2151DC1DBE13B1B42189A9A4 32136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ml.dll
2013-02-06 12:04:31 6E67575379F7CE795FF77CEC74F6D769 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lv.dll
2013-02-06 12:04:31 6D9CDB9FE405DB672187CA1F85B148FA 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-PT.dll
2013-02-06 12:04:31 6D8879BF56B5875E70508A6A20812BB1 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ms.dll
2013-02-06 12:04:31 648544BA93B4DD273DF243F9E72948EF 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_it.dll
2013-02-06 12:04:31 52E4EDF65BA65BEC4BA56D0B6E326F9E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_no.dll
2013-02-06 12:04:31 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ja.dll
2013-02-06 12:04:31 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_iw.dll
2013-02-06 12:04:31 172724B5A3F3988A7FA0F038A92FF11E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_nl.dll
2013-02-06 12:04:31 0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lt.dll
2013-02-06 12:04:31 00F8FEEFD4AE00EC5065B937BE00C595 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pl.dll
2013-02-06 12:04:30 FC5D9F5CBC46B3662DE958C682611296 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en-GB.dll
2013-02-06 12:04:30 F7C88FA49453C948D52D5350F16720D5 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es.dll
2013-02-06 12:04:30 DE939A1A8F7EA3C0E41E46F87A4F6EF5 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fil.dll
2013-02-06 12:04:30 DB9BE127989AF7386234BE8D746CE65D 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_da.dll
2013-02-06 12:04:30 D87B79DF28588640F027686FD1209DD4 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fi.dll
2013-02-06 12:04:30 C164FE32626724656C77362A88156684 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fa.dll
2013-02-06 12:04:30 A8D817072D08DB41F0BB193F234F43BB 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_de.dll
2013-02-06 12:04:30 8F1E180AF2F5B9AF234196DAFAB07E11 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_el.dll
2013-02-06 12:04:30 8D70A5894C60E412B4DF74B4EC049F13 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_et.dll
2013-02-06 12:04:30 8ABBEF4327C86834E25E979CEEB19605 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_cs.dll
2013-02-06 12:04:30 73CF46B4F2B54AF8D0BF940B12DF10A5 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hr.dll
2013-02-06 12:04:30 35DB83C4DE9FA3889E937125D115EAA0 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
2013-02-06 12:04:30 2E1685D3B946B8D4D199494AF700CD2E 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_gu.dll
2013-02-06 12:04:30 2D39FA2E03FCCBB4D76A33FA03C76FE9 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hu.dll
2013-02-06 12:04:30 2C42FE9ACCA5654AEA2D0C7734531DDA 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fr.dll
2013-02-06 12:04:30 0ABF233C089FB7E8191D29DA2C6AC0AF 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es-419.dll
2013-02-06 12:04:30 050448DEA40A5CED634C914DBE6336DE 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hi.dll
2013-02-06 12:04:29 EC724DAA39BEB13862324594100C1052 27016 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ar.dll
2013-02-06 12:04:29 98A4DF0939A0ECB3A1A7C7F9C3AA318F 25480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_am.dll
2013-02-06 12:04:29 8B572945FF7BED636A05A219DD78EC95 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bg.dll
2013-02-06 12:04:29 43BC38087C79995F7BEDEF8648D5B790 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bn.dll
2013-02-06 12:04:29 3781763F294C34D9F8A993B384A88FA2 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ca.dll
2013-02-06 12:04:29 2E5672EEA419A4DC9DACD714632E1DC3 835464 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
2013-02-06 11:54:53 14FDBCF78F39553202D382D9082DC9CB 512000 ----a-w- C:\Users\Gebruiker\Desktop\Downloads\Een Vies Spelletje [NL [1]\!RnE - 2012.07.25 17.46.49 - READER-Een Vies Spelletje\READER-Een Vies Spelletje\audiere.dll
2013-02-03 20:01:06 F8D176DB5B14AED7C9B25E0640226BD1 258352 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\unicows.dll
2013-02-03 20:01:06 E19CCD189D7BB37DA3691BD794C38EF0 77824 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\glu2d3d.dll
2013-02-03 20:01:06 E072F97804B5BB32250D70BB80165C55 463360 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\opengl2d3d.dll
2013-02-03 20:01:06 CE0CDC5459EAA1D574AF781DDB8F2685 110592 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\OpenAl32.dll
2013-02-03 20:01:06 9C24ED831DDFA8319382B2BFD9691AA9 413696 ----a-w- C:\Zylom Games\Fix-it-Up 80's - Meet Kate's Parents\wrap_oal.dll
2013-02-02 16:52:45 62FD1461C7C88D9927CAFF8FA827DAA8 257024 ----a-w- C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-3899251529-2481488585-3776796876-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="C:\Program Files (x86)\EXPERTool ATI\TBPanel.exe /A"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"AMD AVT"="Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="C:\Program Files (x86)\EXPERTool ATI\TBPanel.exe /A"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
==== Startup Folders ======================
2012-10-14 14:32:02 1003 ----a-w- C:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-02-2013 15:54]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-08-2012 21:42]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-08-2012 21:42]
11
Administrator
Administrator
Hoi,
Het systeem is al sinds 21-01-2013 geïnfecteerd Zeus/Zbot zo te zien dat geeft maar weer eens aan hoe slecht Microsoft Security Essentials is.
Download zoek.exe naar het bureaublad.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Het systeem is al sinds 21-01-2013 geïnfecteerd Zeus/Zbot zo te zien dat geeft maar weer eens aan hoe slecht Microsoft Security Essentials is.
Download zoek.exe naar het bureaublad.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
- Dubbelklik op Zoek.exe om de tool te starten.
- Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
- Kopieer nu onderstaande code en plak die in het grote invulvenster:
- Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
Code: Selecteer alles
C:\users\Gebruiker\AppData\Roaming\tor;f C:\users\Gebruiker\AppData\Roaming\Yrizi;f C:\users\Gebruiker\AppData\Roaming\Azacx;f C:\users\Gebruiker\AppData\Roaming\Piezgy;f C:\users\Gebruiker\AppData\Roaming\Kezyo;f - Klik nu op de knop "Run script".
- Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
- Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
- Post nu de inhoud van het geopende logje in het volgende bericht.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
12
PC Web Plus - Member
PC Web Plus - Member
Zoek.exe Version 4.0.0.2 Beta Updated 09-February-2013
Tool run by Gebruiker on za 09-02-2013 at 13:58:45,08.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Deleting Files \ Folders ======================
"C:\users\Gebruiker\AppData\Roaming\tor\cached-certs" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\cached-consensus" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\cached-descriptors" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\cached-descriptors.new" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\lock" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\state" deleted
"C:\users\Gebruiker\AppData\Roaming\Yrizi\voes.olu" deleted
"C:\users\Gebruiker\AppData\Roaming\Azacx\ohul.exe" deleted
"C:\users\Gebruiker\AppData\Roaming\Kezyo\tocy.tmp" deleted
"C:\users\Gebruiker\AppData\Roaming\Kezyo\tocy.zak" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\hidden_service\hostname" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\hidden_service\private_key" deleted
"C:\users\Gebruiker\AppData\Roaming\tor" deleted
"C:\users\Gebruiker\AppData\Roaming\Yrizi" deleted
"C:\users\Gebruiker\AppData\Roaming\Azacx" deleted
"C:\users\Gebruiker\AppData\Roaming\Piezgy" deleted
"C:\users\Gebruiker\AppData\Roaming\Kezyo" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\hidden_service" deleted
Tool run by Gebruiker on za 09-02-2013 at 13:58:45,08.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Deleting Files \ Folders ======================
"C:\users\Gebruiker\AppData\Roaming\tor\cached-certs" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\cached-consensus" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\cached-descriptors" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\cached-descriptors.new" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\lock" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\state" deleted
"C:\users\Gebruiker\AppData\Roaming\Yrizi\voes.olu" deleted
"C:\users\Gebruiker\AppData\Roaming\Azacx\ohul.exe" deleted
"C:\users\Gebruiker\AppData\Roaming\Kezyo\tocy.tmp" deleted
"C:\users\Gebruiker\AppData\Roaming\Kezyo\tocy.zak" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\hidden_service\hostname" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\hidden_service\private_key" deleted
"C:\users\Gebruiker\AppData\Roaming\tor" deleted
"C:\users\Gebruiker\AppData\Roaming\Yrizi" deleted
"C:\users\Gebruiker\AppData\Roaming\Azacx" deleted
"C:\users\Gebruiker\AppData\Roaming\Piezgy" deleted
"C:\users\Gebruiker\AppData\Roaming\Kezyo" deleted
"C:\users\Gebruiker\AppData\Roaming\tor\hidden_service" deleted
13
Administrator
Administrator
Hoi,
Dit is alvast netjes opgeruimd in ieder geval..
Download ComboFix van één van deze locaties:
Link 1
Link 2
* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.
Let op!!! Windows Vista & 7 gebruikers dienen ComboFix als administrator uit te voeren "Rechtermuisknop uitvoeren als"
Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.
* (hier of hier staat een handleiding over hoe je deze kan uitschakelen:)
Dit is alvast netjes opgeruimd in ieder geval..
Download ComboFix van één van deze locaties:
Link 1
Link 2
* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.
Let op!!! Windows Vista & 7 gebruikers dienen ComboFix als administrator uit te voeren "Rechtermuisknop uitvoeren als"
Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.
* (hier of hier staat een handleiding over hoe je deze kan uitschakelen:)
- Dubbelklik op "ComboFix.exe en ga "Akkoord" met de 'Disclaimer'
- Als er een melding komt dat er "Een nieuwere versie van ComboFix" beschikbaar is klik dan op "Ja" om te updaten.
- Klik na het update nogmaals op "Akkoord" en ComboFix zal nu starten.
- Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bij bijvoorbeeld een aanwezige rootkit, dit is normaal.
- Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
14
PC Web Plus - Member
PC Web Plus - Member
ComboFix 13-02-07.02 - Gebruiker 09-02-2013 14:32:14.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.6135.4540 [GMT 1:00]
Gestart vanuit: \\MARCEL-PC\Apie\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-01-09 to 2013-02-09 ))))))))))))))))))))))))))))))
.
.
2013-02-09 13:34 . 2013-02-09 13:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-09 11:30 . 2013-02-09 11:30 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes
2013-02-09 11:30 . 2013-02-09 11:30 -------- d-----w- c:\programdata\Malwarebytes
2013-02-09 11:30 . 2013-02-09 11:30 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-09 11:30 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-09 11:30 . 2013-02-09 11:30 -------- d-----w- c:\users\Gebruiker\AppData\Local\Programs
2013-02-08 11:19 . 2013-02-08 11:19 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Melesta
2013-02-06 19:54 . 2013-02-06 19:54 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2013-02-06 19:54 . 2013-02-06 19:54 -------- d-----w- c:\windows\system32\wbem\en-US
2013-02-06 19:19 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui
2013-02-06 19:19 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-02-06 19:19 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-02-06 19:19 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-02-06 19:14 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-02-06 19:10 . 2012-12-16 18:35 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-02-06 19:10 . 2012-12-16 17:34 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-02-06 19:10 . 2012-12-16 17:32 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-02-06 19:10 . 2012-12-16 15:05 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-02-06 19:10 . 2012-12-16 14:44 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-02-06 19:10 . 2012-12-16 14:44 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-02-06 19:10 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-02-06 19:10 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-02-06 19:10 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-02-06 19:10 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-02-06 19:10 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-02-06 19:10 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-02-06 19:10 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-02-06 19:09 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-02-06 19:09 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-02-06 19:09 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-02-06 19:09 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-02-06 19:09 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-02-06 19:07 . 2012-10-03 17:44 1902472 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-06 19:06 . 2012-08-30 18:02 5562736 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-06 19:05 . 2012-06-04 07:52 1465344 ----a-w- c:\windows\system32\crypt32.dll
2013-02-06 19:05 . 2012-06-04 07:52 186880 ----a-w- c:\windows\system32\cryptsvc.dll
2013-02-06 19:05 . 2012-06-04 07:52 140288 ----a-w- c:\windows\system32\cryptnet.dll
2013-02-06 19:05 . 2012-06-02 04:52 142336 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-02-06 19:05 . 2012-06-02 04:52 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-02-06 19:05 . 2012-06-02 04:52 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-02-06 19:01 . 2012-02-11 06:20 559616 ----a-w- c:\windows\system32\spoolsv.exe
2013-02-06 19:01 . 2012-02-11 06:20 67072 ----a-w- c:\windows\splwow64.exe
2013-02-06 18:56 . 2013-02-06 18:56 -------- d-----w- c:\program files\CCleaner
2013-02-06 16:32 . 2013-02-06 16:32 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-06 16:32 . 2013-02-06 16:32 -------- d-----w- c:\program files (x86)\Java
2013-02-06 11:57 . 2013-02-06 11:57 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\HeroCraft
2013-02-03 20:02 . 2013-02-03 20:02 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\World-Loom
2013-02-02 16:52 . 2009-07-14 01:41 257024 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw72.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 14:54 . 2012-07-28 20:18 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 14:54 . 2012-07-28 20:18 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-06 16:32 . 2012-07-21 21:45 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-02-06 16:32 . 2012-07-21 21:45 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-03 12:32 . 2013-01-03 08:18 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2012-12-28 18:34 . 2012-12-28 18:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-12-28 18:34 . 2012-12-28 18:34 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-12-16 16:31 . 2012-03-04 16:19 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-11-30 04:59 . 2013-02-06 19:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="c:\program files (x86)\EXPERTool ATI\TBPanel.exe" [2008-07-31 2296360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-10-14 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
R3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiaga.sys [2010-12-16 88104]
R3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x64.sys [2011-01-14 157288]
R3 BFNVis64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\XenoVa64.sys [2011-01-14 157288]
R3 BXOIS;BXOIS;c:\windows\system32\drivers\bxois.sys [2010-12-10 533544]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTVE.sys [2007-04-11 43416]
R3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXPE.sys [2007-04-11 51096]
R3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM60x64.sys [2011-09-13 388368]
R3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP60X64.sys [2011-09-13 77584]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-11-16 40144]
R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2009-11-16 42192]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2012-03-19 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
S2 ogmservice;Online Games Manager;c:\program files (x86)\Online Games Manager\ogmservice.exe [2012-06-08 521344]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2013-02-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-28 14:54]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 20:42]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 20:42]
.
.
--------- X64 Entries -----------
.
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-02-09 14:36:23
ComboFix-quarantined-files.txt 2013-02-09 13:36
.
Pre-Run: 229.066.199.040 bytes beschikbaar
Post-Run: 229.077.082.112 bytes beschikbaar
.
- - End Of File - - 12A7DA81D3CFA0961D769B084AD3C200
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.6135.4540 [GMT 1:00]
Gestart vanuit: \\MARCEL-PC\Apie\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-01-09 to 2013-02-09 ))))))))))))))))))))))))))))))
.
.
2013-02-09 13:34 . 2013-02-09 13:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-09 11:30 . 2013-02-09 11:30 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes
2013-02-09 11:30 . 2013-02-09 11:30 -------- d-----w- c:\programdata\Malwarebytes
2013-02-09 11:30 . 2013-02-09 11:30 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-09 11:30 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-09 11:30 . 2013-02-09 11:30 -------- d-----w- c:\users\Gebruiker\AppData\Local\Programs
2013-02-08 11:19 . 2013-02-08 11:19 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Melesta
2013-02-06 19:54 . 2013-02-06 19:54 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2013-02-06 19:54 . 2013-02-06 19:54 -------- d-----w- c:\windows\system32\wbem\en-US
2013-02-06 19:19 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui
2013-02-06 19:19 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-02-06 19:19 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-02-06 19:19 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-02-06 19:14 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-02-06 19:10 . 2012-12-16 18:35 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-02-06 19:10 . 2012-12-16 17:34 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-02-06 19:10 . 2012-12-16 17:32 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-02-06 19:10 . 2012-12-16 15:05 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-02-06 19:10 . 2012-12-16 14:44 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-02-06 19:10 . 2012-12-16 14:44 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-02-06 19:10 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-02-06 19:10 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-02-06 19:10 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-02-06 19:10 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-02-06 19:10 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-02-06 19:10 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-02-06 19:10 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-02-06 19:09 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-02-06 19:09 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-02-06 19:09 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-02-06 19:09 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-02-06 19:09 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-02-06 19:07 . 2012-10-03 17:44 1902472 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-06 19:06 . 2012-08-30 18:02 5562736 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-06 19:05 . 2012-06-04 07:52 1465344 ----a-w- c:\windows\system32\crypt32.dll
2013-02-06 19:05 . 2012-06-04 07:52 186880 ----a-w- c:\windows\system32\cryptsvc.dll
2013-02-06 19:05 . 2012-06-04 07:52 140288 ----a-w- c:\windows\system32\cryptnet.dll
2013-02-06 19:05 . 2012-06-02 04:52 142336 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-02-06 19:05 . 2012-06-02 04:52 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-02-06 19:05 . 2012-06-02 04:52 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-02-06 19:01 . 2012-02-11 06:20 559616 ----a-w- c:\windows\system32\spoolsv.exe
2013-02-06 19:01 . 2012-02-11 06:20 67072 ----a-w- c:\windows\splwow64.exe
2013-02-06 18:56 . 2013-02-06 18:56 -------- d-----w- c:\program files\CCleaner
2013-02-06 16:32 . 2013-02-06 16:32 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-06 16:32 . 2013-02-06 16:32 -------- d-----w- c:\program files (x86)\Java
2013-02-06 11:57 . 2013-02-06 11:57 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\HeroCraft
2013-02-03 20:02 . 2013-02-03 20:02 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\World-Loom
2013-02-02 16:52 . 2009-07-14 01:41 257024 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw72.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 14:54 . 2012-07-28 20:18 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 14:54 . 2012-07-28 20:18 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-06 16:32 . 2012-07-21 21:45 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-02-06 16:32 . 2012-07-21 21:45 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-03 12:32 . 2013-01-03 08:18 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2012-12-28 18:34 . 2012-12-28 18:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-12-28 18:34 . 2012-12-28 18:34 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-12-16 16:31 . 2012-03-04 16:19 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-11-30 04:59 . 2013-02-06 19:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="c:\program files (x86)\EXPERTool ATI\TBPanel.exe" [2008-07-31 2296360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-10-14 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
R3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiaga.sys [2010-12-16 88104]
R3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x64.sys [2011-01-14 157288]
R3 BFNVis64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\XenoVa64.sys [2011-01-14 157288]
R3 BXOIS;BXOIS;c:\windows\system32\drivers\bxois.sys [2010-12-10 533544]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTVE.sys [2007-04-11 43416]
R3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXPE.sys [2007-04-11 51096]
R3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM60x64.sys [2011-09-13 388368]
R3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP60X64.sys [2011-09-13 77584]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-11-16 40144]
R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2009-11-16 42192]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2012-03-19 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
S2 ogmservice;Online Games Manager;c:\program files (x86)\Online Games Manager\ogmservice.exe [2012-06-08 521344]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2013-02-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-28 14:54]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 20:42]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 20:42]
.
.
--------- X64 Entries -----------
.
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-02-09 14:36:23
ComboFix-quarantined-files.txt 2013-02-09 13:36
.
Pre-Run: 229.066.199.040 bytes beschikbaar
Post-Run: 229.077.082.112 bytes beschikbaar
.
- - End Of File - - 12A7DA81D3CFA0961D769B084AD3C200
15
Administrator
Administrator
Hoi,
Dit ziet er verder allemaal prima uit, zo te zien is het uitvoeren van deze tools verder geen probleem.
Welke uitvoerbare bestanden hebben er nu nog problemen, zijn dit toevallig *.msi bestanden?
Dit ziet er verder allemaal prima uit, zo te zien is het uitvoeren van deze tools verder geen probleem.
Welke uitvoerbare bestanden hebben er nu nog problemen, zijn dit toevallig *.msi bestanden?
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)