Madje1992
-
Items
64 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Madje1992
-
-
ComboFix 11-09-24.04 - Charlotte 24-09-2011 21:41:53.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4008.2488 [GMT 2:00]
Gestart vanuit: c:\users\Charlotte\Desktop\ComboFix.exe
AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfeeFirewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\FD.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-08-24 to 2011-09-24 ))))))))))))))))))))))))))))))
.
.
2011-09-22 14:41 . 2011-09-22 14:41 -------- d-----w- C:\rsit
2011-09-22 14:36 . 2011-09-22 14:41 -------- d-----w- c:\program files (x86)\Trend Micro
2011-09-22 14:36 . 2011-09-22 14:36 388096 ----a-r- c:\users\Charlotte\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-09-21 17:45 . 2011-09-21 17:45 -------- d-----w- c:\users\Charlotte\AppData\Local\ElevatedDiagnostics
2011-09-21 13:22 . 2011-08-16 06:48 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DBAD0E26-3605-40E3-9E34-CF3D8C06715D}\mpengine.dll
2011-09-18 18:44 . 2011-09-18 18:44 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2011-09-18 18:44 . 2011-09-18 18:44 -------- d-----w- c:\windows\system32\wbem\en-US
2011-09-18 16:07 . 2011-09-18 16:07 -------- d-----w- c:\windows\system32\SPReview
2011-09-18 16:05 . 2011-09-18 16:05 -------- d-----w- c:\windows\system32\EventProviders
2011-09-18 15:36 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-09-18 15:36 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-09-18 15:36 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-09-18 15:36 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-09-18 15:36 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-09-18 14:49 . 2011-09-18 14:49 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-09-11 07:49 . 2011-03-13 09:20 9984 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-09-11 07:49 . 2011-03-13 09:45 158832 ----a-w- c:\windows\system32\mfevtps.exe
2011-09-09 15:11 . 2011-09-11 17:26 -------- d-----w- c:\program files (x86)\McAfee
2011-09-09 15:04 . 2011-09-09 15:16 -------- d-----w- c:\programdata\McAfee
2011-09-09 12:49 . 2010-11-20 13:33 95616 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-09-09 12:48 . 2010-11-20 13:27 392192 ----a-w- c:\windows\system32\WMPhoto.dll
2011-09-09 12:47 . 2010-11-20 13:34 2560 ----a-w- c:\windows\system32\drivers\nl-NL\rdpwd.sys.mui
2011-09-09 12:47 . 2010-11-20 13:33 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui
2011-09-09 12:47 . 2010-11-20 13:27 3072 ----a-w- c:\windows\system32\drivers\nl-NL\Dot4usb.sys.mui
2011-09-09 12:47 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-09-09 12:47 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2011-09-09 12:47 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2011-09-09 12:47 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-09-09 12:47 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2011-09-09 12:47 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-09-09 12:44 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-09-09 12:44 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2011-09-09 12:44 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2011-09-09 11:30 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-09-09 11:30 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-09-09 11:30 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-09-09 11:30 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-09-09 11:30 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-09-09 11:30 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-09-09 11:30 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-09-09 11:30 . 2011-04-28 03:55 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-09-09 11:30 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-09-09 11:30 . 2010-11-20 13:24 229376 ----a-w- c:\windows\system32\fsquirt.exe
2011-09-09 11:29 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-09-09 11:29 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2011-09-09 11:29 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-09-09 11:29 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-09-09 11:29 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-09-09 11:29 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-09-09 11:29 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-09-09 11:29 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-09-09 11:29 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-09-09 11:29 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-09-09 11:29 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-09-09 11:07 . 2011-09-09 11:07 -------- d-----w- c:\windows\SysWow64\Wat
2011-09-09 11:07 . 2011-09-09 11:07 -------- d-----w- c:\windows\system32\Wat
2011-08-29 18:57 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-08-29 07:37 . 2011-08-29 07:37 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-08-29 07:31 . 2011-07-16 05:21 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-29 07:30 . 2010-12-17 11:40 715776 ----a-w- c:\windows\system32\kerberos.dll
2011-08-29 07:29 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-08-29 07:29 . 2011-03-11 06:34 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-08-29 07:29 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-08-29 07:29 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-08-29 07:29 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-08-29 07:29 . 2011-02-19 09:00 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-08-29 07:29 . 2011-02-19 12:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-08-29 07:29 . 2011-02-19 06:30 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-08-29 07:29 . 2011-02-19 04:34 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-08-29 07:29 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2011-08-29 07:29 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2011-08-29 07:27 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-08-29 07:27 . 2010-11-20 13:25 974336 ----a-w- c:\windows\system32\WFS.exe
2011-08-29 07:27 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-08-29 07:27 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-08-29 07:27 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-21 17:21 . 2011-08-05 10:10 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-09-18 16:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-09-18 16:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-08-31 15:00 . 2011-08-05 10:09 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-05 09:43 . 2011-08-05 09:43 6 ----a-w- c:\windows\silentOnce.tmp
2011-07-16 04:26 . 2011-08-29 07:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-07-13 1666144]
.
c:\users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS PC Sound.lnk - c:\program files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2011-1-14 1939800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 FARMNTIO;FARMNTIO;c:\windows\system32\drivers\farmntio.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 MGHwCtrl;MGHwCtrl;c:\utility\Silent\MGHwCtrl.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe [2010-12-10 159752]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-03-13 208272]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-24 1997416]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys [2010-12-10 14344]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-24 378984]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S3 acpials;ALS Sensor Filter;c:\windows\system32\DRIVERS\acpials.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\DRIVERS\fspad_wlh64.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - mfeavfk01
.
Inhoud van de 'Gedeelde Taken' map
.
2011-09-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3708872907-2703013417-2447342661-1001Core.job
- c:\users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 20:46]
.
2011-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3708872907-2703013417-2447342661-1001UA.job
- c:\users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 20:46]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\system32\nvinitx.dll
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\PHotkey\ASLDRSrv.exe
c:\program files (x86)\PHotkey\PHotkey.exe
c:\program files (x86)\PHotkey\MsgTranAgt.exe
c:\program files (x86)\PHotkey\MsOsd.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2011-09-24 21:53:58 - machine werd herstart
ComboFix-quarantined-files.txt 2011-09-24 19:53
.
Pre-Run: 250.205.503.488 bytes beschikbaar
Post-Run: 250.356.977.664 bytes beschikbaar
.
- - End Of File - - CE602D10890C97645642F1A1E42B908A
-
HijackThis opende de log niet dus heb ik met RSIT het geprobeerd en werkte. Eerste logje:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Charlotte at 2011-09-22 16:41:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 239 GB (88%) free of 272 GB
Total RAM: 4008 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:41:50, on 22-9-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Users\Charlotte\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Charlotte\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Charlotte\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Charlotte.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSI | MSN
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110921180325.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Google Update] "C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3708872907-2703013417-2447342661-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3708872907-2703013417-2447342661-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10452 bytes
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3708872907-2703013417-2447342661-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3708872907-2703013417-2447342661-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110921180325.dll [2011-03-13 78456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2011-07-13 1666144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"Google Update"=C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 136176]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS PC Sound.lnk - C:\Program Files (x86)\SRS Labs\SRS Control Panel\SRSPanel_64.exe
C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\SysWOW64\nvinit.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2011-09-22 16:41:41 ----D---- C:\rsit
2011-09-22 16:36:07 ----D---- C:\Program Files (x86)\Trend Micro
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\wininet.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\wextract.exe
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\webcheck.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\vbscript.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\urlmon.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\url.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\SetIEInstalledDate.exe
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\RegisterIEPKEYs.exe
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\pngfilt.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\occache.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\msrating.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\msls31.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\mshtmler.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\mshtmled.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\mshtml.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\mshta.exe
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\msfeedssync.exe
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\msfeedsbs.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\msfeeds.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\licmgr10.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\jsproxy.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\jscript9.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\jscript.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\inseng.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\imgutil.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\iexpress.exe
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ieUnatt.exe
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ieui.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\iesysprep.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\iesetup.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\iertutil.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\iernonce.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\iepeers.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ieframe.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\iedkcs32.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ieapfltr.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ieapfltr.dat
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ieakui.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ieaksie.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ieakeng.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\IEAdvpack.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\ie4uinit.exe
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\icardie.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\dxtrans.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\dxtmsft.dll
2011-09-18 20:22:06 ----A---- C:\windows\SysWOW64\admparse.dll
2011-09-18 17:36:09 ----A---- C:\windows\SysWOW64\DWrite.dll
2011-09-18 17:36:08 ----A---- C:\windows\SysWOW64\d2d1.dll
2011-09-18 11:34:00 ----SHD---- C:\Config.Msi
2011-09-09 17:11:15 ----D---- C:\Program Files (x86)\Common Files\McAfee
2011-09-09 17:11:08 ----D---- C:\Program Files (x86)\McAfee.com
2011-09-09 17:11:07 ----D---- C:\Program Files (x86)\McAfee
2011-09-09 17:04:45 ----D---- C:\ProgramData\McAfee
2011-09-09 14:51:18 ----A---- C:\windows\SysWOW64\dfshim.dll
2011-09-09 14:51:09 ----A---- C:\windows\SysWOW64\mstscax.dll
2011-09-09 14:51:06 ----A---- C:\windows\SysWOW64\mfc40u.dll
2011-09-09 14:51:06 ----A---- C:\windows\SysWOW64\mfc40.dll
2011-09-09 14:51:06 ----A---- C:\windows\SysWOW64\d3d10warp.dll
2011-09-09 14:50:55 ----A---- C:\windows\SysWOW64\shell32.dll
2011-09-09 14:50:55 ----A---- C:\windows\SysWOW64\secproc_isv.dll
2011-09-09 14:50:54 ----A---- C:\windows\SysWOW64\secproc.dll
2011-09-09 14:50:54 ----A---- C:\windows\SysWOW64\RMActivate_isv.exe
2011-09-09 14:50:53 ----A---- C:\windows\SysWOW64\RMActivate.exe
2011-09-09 14:50:51 ----A---- C:\windows\SysWOW64\mscoree.dll
2011-09-09 14:50:49 ----A---- C:\windows\SysWOW64\mf.dll
2011-09-09 14:50:48 ----A---- C:\windows\SysWOW64\CertEnroll.dll
2011-09-09 14:50:45 ----A---- C:\windows\SysWOW64\wmp.dll
2011-09-09 14:50:42 ----A---- C:\windows\SysWOW64\PresentationHostProxy.dll
2011-09-09 14:50:42 ----A---- C:\windows\SysWOW64\PresentationHost.exe
2011-09-09 14:50:38 ----A---- C:\windows\SysWOW64\RacEngn.dll
2011-09-09 14:50:37 ----A---- C:\windows\SysWOW64\AuthFWSnapin.dll
2011-09-09 14:50:33 ----A---- C:\windows\SysWOW64\ExplorerFrame.dll
2011-09-09 14:50:32 ----A---- C:\windows\SysWOW64\ole32.dll
2011-09-09 14:50:29 ----A---- C:\windows\SysWOW64\vssapi.dll
2011-09-09 14:50:29 ----A---- C:\windows\SysWOW64\SearchFolder.dll
2011-09-09 14:50:29 ----A---- C:\windows\SysWOW64\d3d9.dll
2011-09-09 14:50:27 ----A---- C:\windows\SysWOW64\taskschd.dll
2011-09-09 14:50:27 ----A---- C:\windows\SysWOW64\crypt32.dll
2011-09-09 14:50:26 ----A---- C:\windows\SysWOW64\mstsc.exe
2011-09-09 14:50:25 ----A---- C:\windows\SysWOW64\wer.dll
2011-09-09 14:50:25 ----A---- C:\windows\SysWOW64\ntdll.dll
2011-09-09 14:50:24 ----A---- C:\windows\SysWOW64\msxml6.dll
2011-09-09 14:50:24 ----A---- C:\windows\SysWOW64\dwmcore.dll
2011-09-09 14:50:24 ----A---- C:\windows\SysWOW64\certcli.dll
2011-09-09 14:50:23 ----A---- C:\windows\SysWOW64\tcpmonui.dll
2011-09-09 14:50:23 ----A---- C:\windows\SysWOW64\odbc32.dll
2011-09-09 14:50:21 ----A---- C:\windows\SysWOW64\TSWorkspace.dll
2011-09-09 14:50:21 ----A---- C:\windows\SysWOW64\quartz.dll
2011-09-09 14:50:20 ----A---- C:\windows\SysWOW64\winhttp.dll
2011-09-09 14:50:20 ----A---- C:\windows\SysWOW64\tsmf.dll
2011-09-09 14:50:20 ----A---- C:\windows\SysWOW64\setupapi.dll
2011-09-09 14:50:20 ----A---- C:\windows\SysWOW64\dot3api.dll
2011-09-09 14:50:19 ----A---- C:\windows\SysWOW64\MSVidCtl.dll
2011-09-09 14:50:19 ----A---- C:\windows\SysWOW64\dbgeng.dll
2011-09-09 14:50:19 ----A---- C:\windows\SysWOW64\apphelp.dll
2011-09-09 14:50:18 ----A---- C:\windows\SysWOW64\WindowsCodecs.dll
2011-09-09 14:50:18 ----A---- C:\windows\SysWOW64\netlogon.dll
2011-09-09 14:50:18 ----A---- C:\windows\SysWOW64\netcfgx.dll
2011-09-09 14:50:18 ----A---- C:\windows\SysWOW64\d3d11.dll
2011-09-09 14:50:17 ----A---- C:\windows\SysWOW64\WMVDECOD.DLL
2011-09-09 14:50:17 ----A---- C:\windows\SysWOW64\webio.dll
2011-09-09 14:50:17 ----A---- C:\windows\SysWOW64\Query.dll
2011-09-09 14:50:16 ----A---- C:\windows\SysWOW64\WsmSvc.dll
2011-09-09 14:50:16 ----A---- C:\windows\SysWOW64\upnp.dll
2011-09-09 14:50:16 ----A---- C:\windows\SysWOW64\schannel.dll
2011-09-09 14:50:16 ----A---- C:\windows\SysWOW64\DShowRdpFilter.dll
2011-09-09 14:50:16 ----A---- C:\windows\SysWOW64\advapi32.dll
2011-09-09 14:50:15 ----A---- C:\windows\SysWOW64\netfxperf.dll
2011-09-09 14:50:15 ----A---- C:\windows\SysWOW64\msv1_0.dll
2011-09-09 14:50:15 ----A---- C:\windows\SysWOW64\msdrm.dll
2011-09-09 14:50:15 ----A---- C:\windows\SysWOW64\mmcndmgr.dll
2011-09-09 14:50:15 ----A---- C:\windows\SysWOW64\imapi2fs.dll
2011-09-09 14:50:14 ----A---- C:\windows\SysWOW64\usp10.dll
2011-09-09 14:50:14 ----A---- C:\windows\SysWOW64\shlwapi.dll
2011-09-09 14:50:14 ----A---- C:\windows\SysWOW64\SessEnv.dll
2011-09-09 14:50:14 ----A---- C:\windows\SysWOW64\PortableDeviceApi.dll
2011-09-09 14:50:14 ----A---- C:\windows\SysWOW64\authui.dll
2011-09-09 14:50:13 ----A---- C:\windows\SysWOW64\mcbuilder.exe
2011-09-09 14:50:12 ----A---- C:\windows\SysWOW64\xpsservices.dll
2011-09-09 14:50:12 ----A---- C:\windows\SysWOW64\userenv.dll
2011-09-09 14:50:12 ----A---- C:\windows\SysWOW64\drvstore.dll
2011-09-09 14:50:12 ----A---- C:\windows\SysWOW64\certmgr.dll
2011-09-09 14:50:11 ----A---- C:\windows\SysWOW64\WebClnt.dll
2011-09-09 14:50:11 ----A---- C:\windows\SysWOW64\comdlg32.dll
2011-09-09 14:50:10 ----A---- C:\windows\SysWOW64\cmd.exe
2011-09-09 14:50:08 ----A---- C:\windows\SysWOW64\Wldap32.dll
2011-09-09 14:50:08 ----A---- C:\windows\SysWOW64\win32spl.dll
2011-09-09 14:50:08 ----A---- C:\windows\SysWOW64\propsys.dll
2011-09-09 14:50:08 ----A---- C:\windows\SysWOW64\mfds.dll
2011-09-09 14:50:08 ----A---- C:\windows\SysWOW64\framedynos.dll
2011-09-09 14:50:07 ----A---- C:\windows\SysWOW64\user32.dll
2011-09-09 14:50:07 ----A---- C:\windows\SysWOW64\ncsi.dll
2011-09-09 14:50:06 ----A---- C:\windows\SysWOW64\azroles.dll
2011-09-09 14:50:05 ----A---- C:\windows\SysWOW64\themeui.dll
2011-09-09 14:50:05 ----A---- C:\windows\SysWOW64\taskeng.exe
2011-09-09 14:50:05 ----A---- C:\windows\SysWOW64\spp.dll
2011-09-09 14:50:05 ----A---- C:\windows\SysWOW64\mswsock.dll
2011-09-09 14:50:05 ----A---- C:\windows\SysWOW64\dhcpcore.dll
2011-09-09 14:50:05 ----A---- C:\windows\SysWOW64\credui.dll
2011-09-09 14:50:05 ----A---- C:\windows\splwow64.exe
2011-09-09 14:50:04 ----A---- C:\windows\SysWOW64\wintrust.dll
2011-09-09 14:50:04 ----A---- C:\windows\SysWOW64\NaturalLanguage6.dll
2011-09-09 14:50:04 ----A---- C:\windows\SysWOW64\msxml3.dll
2011-09-09 14:50:04 ----A---- C:\windows\SysWOW64\mfreadwrite.dll
2011-09-09 14:50:04 ----A---- C:\windows\SysWOW64\dxgi.dll
2011-09-09 14:50:04 ----A---- C:\windows\SysWOW64\dbghelp.dll
2011-09-09 14:50:04 ----A---- C:\windows\SysWOW64\basecsp.dll
2011-09-09 14:50:03 ----A---- C:\windows\SysWOW64\taskcomp.dll
2011-09-09 14:50:03 ----A---- C:\windows\SysWOW64\evr.dll
2011-09-09 14:50:02 ----A---- C:\windows\SysWOW64\WinSATAPI.dll
2011-09-09 14:50:02 ----A---- C:\windows\SysWOW64\calc.exe
2011-09-09 14:50:01 ----A---- C:\windows\SysWOW64\sqlsrv32.dll
2011-09-09 14:50:00 ----A---- C:\windows\SysWOW64\UIRibbon.dll
2011-09-09 14:50:00 ----A---- C:\windows\SysWOW64\sxs.dll
2011-09-09 14:50:00 ----A---- C:\windows\SysWOW64\cryptsvc.dll
2011-09-09 14:49:59 ----A---- C:\windows\SysWOW64\ws2_32.dll
2011-09-09 14:49:59 ----A---- C:\windows\SysWOW64\stobject.dll
2011-09-09 14:49:59 ----A---- C:\windows\SysWOW64\netshell.dll
2011-09-09 14:49:58 ----A---- C:\windows\SysWOW64\gdi32.dll
2011-09-09 14:49:57 ----A---- C:\windows\SysWOW64\prncache.dll
2011-09-09 14:49:57 ----A---- C:\windows\SysWOW64\comctl32.dll
2011-09-09 14:49:56 ----A---- C:\windows\SysWOW64\printui.dll
2011-09-09 14:49:56 ----A---- C:\windows\SysWOW64\msi.dll
2011-09-09 14:49:55 ----A---- C:\windows\SysWOW64\WSDApi.dll
2011-09-09 14:49:55 ----A---- C:\windows\SysWOW64\wmpeffects.dll
2011-09-09 14:49:55 ----A---- C:\windows\SysWOW64\rpchttp.dll
2011-09-09 14:49:55 ----A---- C:\windows\SysWOW64\net1.exe
2011-09-09 14:49:54 ----A---- C:\windows\SysWOW64\scansetting.dll
2011-09-09 14:49:53 ----A---- C:\windows\SysWOW64\MMDevAPI.dll
2011-09-09 14:49:53 ----A---- C:\windows\SysWOW64\davclnt.dll
2011-09-09 14:49:52 ----A---- C:\windows\SysWOW64\WMVCORE.DLL
2011-09-09 14:49:52 ----A---- C:\windows\SysWOW64\wlangpui.dll
2011-09-09 14:49:52 ----A---- C:\windows\SysWOW64\QSHVHOST.DLL
2011-09-09 14:49:52 ----A---- C:\windows\SysWOW64\aaclient.dll
2011-09-09 14:49:51 ----A---- C:\windows\SysWOW64\wpdshext.dll
2011-09-09 14:49:51 ----A---- C:\windows\SysWOW64\webservices.dll
2011-09-09 14:49:51 ----A---- C:\windows\SysWOW64\t2embed.dll
2011-09-09 14:49:51 ----A---- C:\windows\SysWOW64\pnidui.dll
2011-09-09 14:49:51 ----A---- C:\windows\SysWOW64\fde.dll
2011-09-09 14:49:50 ----A---- C:\windows\SysWOW64\wuapi.dll
2011-09-09 14:49:50 ----A---- C:\windows\SysWOW64\wscapi.dll
2011-09-09 14:49:50 ----A---- C:\windows\SysWOW64\SyncCenter.dll
2011-09-09 14:49:50 ----A---- C:\windows\SysWOW64\netdiagfx.dll
2011-09-09 14:49:49 ----A---- C:\windows\SysWOW64\WinSCard.dll
2011-09-09 14:49:49 ----A---- C:\windows\SysWOW64\pla.dll
2011-09-09 14:49:49 ----A---- C:\windows\SysWOW64\msasn1.dll
2011-09-09 14:49:48 ----A---- C:\windows\SysWOW64\winsta.dll
2011-09-09 14:49:48 ----A---- C:\windows\SysWOW64\rdpcore.dll
2011-09-09 14:49:48 ----A---- C:\windows\SysWOW64\MSMPEG2ENC.DLL
2011-09-09 14:49:48 ----A---- C:\windows\SysWOW64\imapi2.dll
2011-09-09 14:49:47 ----A---- C:\windows\SysWOW64\ntshrui.dll
2011-09-09 14:49:47 ----A---- C:\windows\SysWOW64\gameux.dll
2011-09-09 14:49:47 ----A---- C:\windows\SysWOW64\DXPTaskRingtone.dll
2011-09-09 14:49:46 ----A---- C:\windows\SysWOW64\WMPEncEn.dll
2011-09-09 14:49:46 ----A---- C:\windows\SysWOW64\winmm.dll
2011-09-09 14:49:46 ----A---- C:\windows\SysWOW64\shsvcs.dll
2011-09-09 14:49:46 ----A---- C:\windows\SysWOW64\onex.dll
2011-09-09 14:49:45 ----A---- C:\windows\SysWOW64\netiohlp.dll
2011-09-09 14:49:45 ----A---- C:\windows\SysWOW64\hbaapi.dll
2011-09-09 14:49:45 ----A---- C:\windows\SysWOW64\autofmt.exe
2011-09-09 14:49:44 ----A---- C:\windows\SysWOW64\samcli.dll
2011-09-09 14:49:44 ----A---- C:\windows\SysWOW64\proquota.exe
2011-09-09 14:49:44 ----A---- C:\windows\SysWOW64\IPHLPAPI.DLL
2011-09-09 14:49:44 ----A---- C:\windows\SysWOW64\autochk.exe
2011-09-09 14:49:43 ----A---- C:\windows\SysWOW64\msutb.dll
2011-09-09 14:49:42 ----A---- C:\windows\SysWOW64\thumbcache.dll
2011-09-09 14:49:42 ----A---- C:\windows\SysWOW64\msinfo32.exe
2011-09-09 14:49:42 ----A---- C:\windows\SysWOW64\autoconv.exe
2011-09-09 14:49:42 ----A---- C:\windows\SysWOW64\AudioSes.dll
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\tcpipcfg.dll
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\srchadmin.dll
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\schtasks.exe
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\regapi.dll
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\powercpl.dll
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\mimefilt.dll
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\ipsmsnap.dll
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\framedyn.dll
2011-09-09 14:49:41 ----A---- C:\windows\SysWOW64\eapphost.dll
2011-09-09 14:49:40 ----A---- C:\windows\SysWOW64\wcncsvc.dll
2011-09-09 14:49:40 ----A---- C:\windows\SysWOW64\msihnd.dll
2011-09-09 14:49:40 ----A---- C:\windows\SysWOW64\mscorier.dll
2011-09-09 14:49:40 ----A---- C:\windows\SysWOW64\AuxiliaryDisplayCpl.dll
2011-09-09 14:49:39 ----A---- C:\windows\SysWOW64\QAGENT.DLL
2011-09-09 14:49:39 ----A---- C:\windows\SysWOW64\netid.dll
2011-09-09 14:49:38 ----A---- C:\windows\SysWOW64\wdc.dll
2011-09-09 14:49:38 ----A---- C:\windows\SysWOW64\StructuredQuery.dll
2011-09-09 14:49:38 ----A---- C:\windows\SysWOW64\scesrv.dll
2011-09-09 14:49:38 ----A---- C:\windows\SysWOW64\actxprxy.dll
2011-09-09 14:49:37 ----A---- C:\windows\SysWOW64\WMNetMgr.dll
2011-09-09 14:49:37 ----A---- C:\windows\SysWOW64\wlanpref.dll
2011-09-09 14:49:37 ----A---- C:\windows\SysWOW64\Vault.dll
2011-09-09 14:49:37 ----A---- C:\windows\SysWOW64\untfs.dll
2011-09-09 14:49:37 ----A---- C:\windows\SysWOW64\RpcRtRemote.dll
2011-09-09 14:49:37 ----A---- C:\windows\SysWOW64\Robocopy.exe
2011-09-09 14:49:37 ----A---- C:\windows\SysWOW64\rastls.dll
2011-09-09 14:49:37 ----A---- C:\windows\SysWOW64\nci.dll
2011-09-09 14:49:35 ----A---- C:\windows\SysWOW64\taskmgr.exe
2011-09-09 14:49:35 ----A---- C:\windows\SysWOW64\mtxclu.dll
2011-09-09 14:49:35 ----A---- C:\windows\SysWOW64\DxpTaskSync.dll
2011-09-09 14:49:35 ----A---- C:\windows\SysWOW64\Display.dll
2011-09-09 14:49:34 ----A---- C:\windows\SysWOW64\XpsRasterService.dll
2011-09-09 14:49:34 ----A---- C:\windows\SysWOW64\userinit.exe
2011-09-09 14:49:34 ----A---- C:\windows\SysWOW64\termmgr.dll
2011-09-09 14:49:34 ----A---- C:\windows\SysWOW64\puiobj.dll
2011-09-09 14:49:33 ----A---- C:\windows\SysWOW64\eudcedit.exe
2011-09-09 14:49:31 ----A---- C:\windows\SysWOW64\wiadefui.dll
2011-09-09 14:49:31 ----A---- C:\windows\SysWOW64\sppcomapi.dll
2011-09-09 14:49:31 ----A---- C:\windows\SysWOW64\shsetup.dll
2011-09-09 14:49:31 ----A---- C:\windows\SysWOW64\rasppp.dll
2011-09-09 14:49:31 ----A---- C:\windows\SysWOW64\logoncli.dll
2011-09-09 14:49:31 ----A---- C:\windows\SysWOW64\cabview.dll
2011-09-09 14:49:30 ----A---- C:\windows\SysWOW64\FirewallControlPanel.dll
2011-09-09 14:49:29 ----A---- C:\windows\SysWOW64\themecpl.dll
2011-09-09 14:49:29 ----A---- C:\windows\SysWOW64\SensorsCpl.dll
2011-09-09 14:49:28 ----A---- C:\windows\SysWOW64\PhotoScreensaver.scr
2011-09-09 14:49:28 ----A---- C:\windows\SysWOW64\hgcpl.dll
2011-09-09 14:49:28 ----A---- C:\windows\SysWOW64\FWPUCLNT.DLL
2011-09-09 14:49:28 ----A---- C:\windows\SysWOW64\dnscmmc.dll
2011-09-09 14:49:26 ----A---- C:\windows\SysWOW64\tapisrv.dll
2011-09-09 14:49:26 ----A---- C:\windows\SysWOW64\scecli.dll
2011-09-09 14:49:26 ----A---- C:\windows\SysWOW64\mscories.dll
2011-09-09 14:49:26 ----A---- C:\windows\SysWOW64\mscms.dll
2011-09-09 14:49:26 ----A---- C:\windows\SysWOW64\mprddm.dll
2011-09-09 14:49:26 ----A---- C:\windows\SysWOW64\localsec.dll
2011-09-09 14:49:26 ----A---- C:\windows\SysWOW64\fontext.dll
2011-09-09 14:49:25 ----A---- C:\windows\SysWOW64\SndVolSSO.dll
2011-09-09 14:49:25 ----A---- C:\windows\SysWOW64\iasacct.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\wlanui.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\w32tm.exe
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\VAN.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\usercpl.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\SndVol.exe
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\qedit.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\qdvd.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\prntvpt.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\PerfCenterCPL.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\netcenter.dll
2011-09-09 14:49:24 ----A---- C:\windows\SysWOW64\batmeter.dll
2011-09-09 14:49:23 ----A---- C:\windows\SysWOW64\spwizeng.dll
2011-09-09 14:49:23 ----A---- C:\windows\SysWOW64\azroleui.dll
2011-09-09 14:49:23 ----A---- C:\windows\SysWOW64\accessibilitycpl.dll
2011-09-09 14:49:22 ----A---- C:\windows\SysWOW64\zipfldr.dll
2011-09-09 14:49:22 ----A---- C:\windows\SysWOW64\MSAC3ENC.DLL
2011-09-09 14:49:22 ----A---- C:\windows\SysWOW64\fdeploy.dll
2011-09-09 14:49:21 ----A---- C:\windows\SysWOW64\networkmap.dll
2011-09-09 14:49:21 ----A---- C:\windows\SysWOW64\netjoin.dll
2011-09-09 14:49:21 ----A---- C:\windows\SysWOW64\cryptui.dll
2011-09-09 14:49:21 ----A---- C:\windows\SysWOW64\adsldp.dll
2011-09-09 14:49:20 ----A---- C:\windows\SysWOW64\wusa.exe
2011-09-09 14:49:20 ----A---- C:\windows\SysWOW64\prnfldr.dll
2011-09-09 14:49:20 ----A---- C:\windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2011-09-09 14:49:20 ----A---- C:\windows\SysWOW64\Faultrep.dll
2011-09-09 14:49:19 ----A---- C:\windows\SysWOW64\sud.dll
2011-09-09 14:49:19 ----A---- C:\windows\SysWOW64\photowiz.dll
2011-09-09 14:49:19 ----A---- C:\windows\SysWOW64\OnLineIDCpl.dll
2011-09-09 14:49:19 ----A---- C:\windows\SysWOW64\msieftp.dll
2011-09-09 14:49:19 ----A---- C:\windows\SysWOW64\MediaMetadataHandler.dll
2011-09-09 14:49:19 ----A---- C:\windows\SysWOW64\credssp.dll
2011-09-09 14:49:19 ----A---- C:\windows\SysWOW64\ActionCenter.dll
2011-09-09 14:49:18 ----A---- C:\windows\SysWOW64\iprtrmgr.dll
2011-09-09 14:49:18 ----A---- C:\windows\SysWOW64\iasrad.dll
2011-09-09 14:49:18 ----A---- C:\windows\SysWOW64\dot3cfg.dll
2011-09-09 14:49:18 ----A---- C:\windows\SysWOW64\defaultlocationcpl.dll
2011-09-09 14:49:17 ----A---- C:\windows\SysWOW64\sisbkup.dll
2011-09-09 14:49:17 ----A---- C:\windows\SysWOW64\shwebsvc.dll
2011-09-09 14:49:17 ----A---- C:\windows\SysWOW64\ifsutil.dll
2011-09-09 14:49:17 ----A---- C:\windows\SysWOW64\ftp.exe
2011-09-09 14:49:17 ----A---- C:\windows\SysWOW64\efscore.dll
2011-09-09 14:49:16 ----A---- C:\windows\SysWOW64\syncui.dll
2011-09-09 14:49:16 ----A---- C:\windows\SysWOW64\autoplay.dll
2011-09-09 14:49:16 ----A---- C:\windows\SysWOW64\ActionCenterCPL.dll
2011-09-09 14:49:15 ----A---- C:\windows\SysWOW64\wmpmde.dll
2011-09-09 14:49:15 ----A---- C:\windows\SysWOW64\rtutils.dll
2011-09-09 14:49:15 ----A---- C:\windows\SysWOW64\ntlanman.dll
2011-09-09 14:49:15 ----A---- C:\windows\SysWOW64\dskquoui.dll
2011-09-09 14:49:15 ----A---- C:\windows\SysWOW64\DeviceCenter.dll
2011-09-09 14:49:14 ----A---- C:\windows\SysWOW64\systemcpl.dll
2011-09-09 14:49:14 ----A---- C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2011-09-09 14:49:14 ----A---- C:\windows\SysWOW64\sethc.exe
2011-09-09 14:49:14 ----A---- C:\windows\SysWOW64\riched20.dll
2011-09-09 14:49:14 ----A---- C:\windows\SysWOW64\OobeFldr.dll
2011-09-09 14:49:14 ----A---- C:\windows\SysWOW64\ntprint.dll
2011-09-09 14:49:14 ----A---- C:\windows\SysWOW64\nshwfp.dll
2011-09-09 14:49:13 ----A---- C:\windows\SysWOW64\NAPHLPR.DLL
2011-09-09 14:49:13 ----A---- C:\windows\SysWOW64\blackbox.dll
2011-09-09 14:49:13 ----A---- C:\windows\SysWOW64\activeds.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\wmpsrcwp.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\nshipsec.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\nlaapi.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\netplwiz.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\migisol.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\httpapi.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\fms.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\dpx.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\cdosys.dll
2011-09-09 14:49:12 ----A---- C:\windows\SysWOW64\asycfilt.dll
2011-09-09 14:49:11 ----A---- C:\windows\SysWOW64\wuwebv.dll
2011-09-09 14:49:11 ----A---- C:\windows\SysWOW64\wlanmsm.dll
2011-09-09 14:49:11 ----A---- C:\windows\SysWOW64\wavemsp.dll
2011-09-09 14:49:11 ----A---- C:\windows\SysWOW64\ReAgent.dll
2011-09-09 14:49:11 ----A---- C:\windows\SysWOW64\provsvc.dll
2011-09-09 14:49:11 ----A---- C:\windows\SysWOW64\msftedit.dll
2011-09-09 14:49:11 ----A---- C:\windows\SysWOW64\isoburn.exe
2011-09-09 14:49:11 ----A---- C:\windows\SysWOW64\dot3ui.dll
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\wvc.dll
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\wtsapi32.dll
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\wimgapi.dll
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\tzutil.exe
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\PkgMgr.exe
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\ocsetup.exe
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\mstask.dll
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\dsuiext.dll
2011-09-09 14:49:10 ----A---- C:\windows\SysWOW64\dfrgui.exe
2011-09-09 14:49:09 ----A---- C:\windows\twain_32.dll
2011-09-09 14:49:09 ----A---- C:\windows\SysWOW64\twext.dll
2011-09-09 14:49:09 ----A---- C:\windows\SysWOW64\shdocvw.dll
2011-09-09 14:49:09 ----A---- C:\windows\SysWOW64\setupugc.exe
2011-09-09 14:49:09 ----A---- C:\windows\SysWOW64\qcap.dll
2011-09-09 14:49:08 ----A---- C:\windows\SysWOW64\uxlib.dll
2011-09-09 14:49:08 ----A---- C:\windows\SysWOW64\ssText3d.scr
2011-09-09 14:49:08 ----A---- C:\windows\SysWOW64\slwga.dll
2011-09-09 14:49:08 ----A---- C:\windows\SysWOW64\qasf.dll
2011-09-09 14:49:07 ----A---- C:\windows\SysWOW64\wmdrmsdk.dll
2011-09-09 14:49:07 ----A---- C:\windows\SysWOW64\nslookup.exe
2011-09-09 14:49:07 ----A---- C:\windows\SysWOW64\msvfw32.dll
2011-09-09 14:49:07 ----A---- C:\windows\SysWOW64\mciavi32.dll
2011-09-09 14:49:07 ----A---- C:\windows\SysWOW64\DevicePairingFolder.dll
2011-09-09 14:49:07 ----A---- C:\windows\SysWOW64\clusapi.dll
2011-09-09 14:49:07 ----A---- C:\windows\SysWOW64\audiodev.dll
2011-09-09 14:49:06 ----A---- C:\windows\SysWOW64\WPDShServiceObj.dll
2011-09-09 14:49:06 ----A---- C:\windows\SysWOW64\wimserv.exe
2011-09-09 14:49:06 ----A---- C:\windows\SysWOW64\TSpkg.dll
2011-09-09 14:49:06 ----A---- C:\windows\SysWOW64\rpcrt4.dll
2011-09-09 14:49:06 ----A---- C:\windows\SysWOW64\msscp.dll
2011-09-09 14:49:06 ----A---- C:\windows\SysWOW64\diskraid.exe
2011-09-09 14:49:05 ----A---- C:\windows\SysWOW64\remotepg.dll
2011-09-09 14:49:05 ----A---- C:\windows\SysWOW64\rdpencom.dll
2011-09-09 14:49:05 ----A---- C:\windows\SysWOW64\raschap.dll
2011-09-09 14:49:05 ----A---- C:\windows\SysWOW64\perfmon.exe
2011-09-09 14:49:05 ----A---- C:\windows\SysWOW64\drmmgrtn.dll
2011-09-09 14:49:05 ----A---- C:\windows\SysWOW64\acppage.dll
2011-09-09 14:49:05 ----A---- C:\windows\bfsvc.exe
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\wpdwcn.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\wmpdxm.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\vpnikeapi.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\vdsbas.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\UserAccountControlSettings.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\QUTIL.DLL
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\onexui.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\olepro32.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\ocsetapi.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\networkexplorer.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\NAPCRYPT.DLL
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\iTVData.dll
2011-09-09 14:49:04 ----A---- C:\windows\SysWOW64\input.dll
2011-09-09 14:49:03 ----A---- C:\windows\SysWOW64\runonce.exe
2011-09-09 14:49:03 ----A---- C:\windows\SysWOW64\msvidc32.dll
2011-09-09 14:49:03 ----A---- C:\windows\SysWOW64\MFPlay.dll
2011-09-09 14:49:03 ----A---- C:\windows\SysWOW64\logagent.exe
2011-09-09 14:49:03 ----A---- C:\windows\SysWOW64\eapp3hst.dll
2011-09-09 14:49:03 ----A---- C:\windows\SysWOW64\dxdiagn.dll
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\wudriver.dll
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\wmpshell.dll
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\wmdrmdev.dll
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\unimdmat.dll
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\shacct.dll
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\msiexec.exe
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\lsmproxy.dll
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\d3d10level9.dll
2011-09-09 14:49:02 ----A---- C:\windows\SysWOW64\bitsadmin.exe
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\sqlcese30.dll
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\rdpd3d.dll
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\PortableDeviceSyncProvider.dll
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\pdh.dll
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\OpcServices.dll
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\mprapi.dll
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\iscsium.dll
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\cscapi.dll
2011-09-09 14:49:01 ----A---- C:\windows\SysWOW64\Bubbles.scr
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\WPDSp.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\WMPhoto.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\utildll.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\tsgqec.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\srvcli.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\Ribbons.scr
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\QSVRMGMT.DLL
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\PortableDeviceStatus.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\olethk32.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\ncryptui.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\Mystify.scr
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\mapistub.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\mapi32.dll
2011-09-09 14:49:00 ----A---- C:\windows\SysWOW64\logman.exe
2011-09-09 14:48:59 ----A---- C:\windows\SysWOW64\WMVSDECD.DLL
2011-09-09 14:48:59 ----A---- C:\windows\SysWOW64\WMADMOD.DLL
2011-09-09 14:48:59 ----A---- C:\windows\SysWOW64\wiavideo.dll
2011-09-09 14:48:59 ----A---- C:\windows\SysWOW64\takeown.exe
2011-09-09 14:48:59 ----A---- C:\windows\SysWOW64\iyuv_32.dll
2011-09-09 14:48:59 ----A---- C:\windows\SysWOW64\fphc.dll
2011-09-09 14:48:59 ----A---- C:\windows\SysWOW64\dot3msm.dll
2011-09-09 14:48:59 ----A---- C:\windows\SysWOW64\avifil32.dll
2011-09-09 14:48:58 ----A---- C:\windows\SysWOW64\wmdrmnet.dll
2011-09-09 14:48:58 ----A---- C:\windows\SysWOW64\sppinst.dll
2011-09-09 14:48:58 ----A---- C:\windows\SysWOW64\qdv.dll
2011-09-09 14:48:58 ----A---- C:\windows\SysWOW64\msyuv.dll
2011-09-09 14:48:58 ----A---- C:\windows\SysWOW64\msnetobj.dll
2011-09-09 14:48:58 ----A---- C:\windows\SysWOW64\imagehlp.dll
2011-09-09 14:48:58 ----A---- C:\windows\SysWOW64\EhStorAPI.dll
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\wsnmp32.dll
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\WMSPDMOD.DLL
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\vfwwdm32.dll
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\sspicli.dll
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\QCLIPROV.DLL
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\pdhui.dll
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\MuiUnattend.exe
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\msrle32.dll
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\cmstp.exe
2011-09-09 14:48:57 ----A---- C:\windows\SysWOW64\cca.dll
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\wkscli.dll
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\tsbyuv.dll
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\spbcd.dll
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\setupcln.dll
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\relog.exe
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\netiougc.exe
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\msorcl32.dll
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\iscsicli.exe
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\iasrecst.dll
2011-09-09 14:48:56 ----A---- C:\windows\SysWOW64\AzSqlExt.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\wmpps.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\syssetup.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\secproc_ssp_isv.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\secproc_ssp.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\resutils.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\rastapi.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\netbtugc.exe
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\mydocs.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\itircl.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\diskpart.exe
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\CertPolEng.dll
2011-09-09 14:48:55 ----A---- C:\windows\SysWOW64\amstream.dll
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\wuapp.exe
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\WerFaultSecure.exe
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\tlscsp.dll
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\secur32.dll
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\RMActivate_ssp.exe
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\ReAgentc.exe
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\netutils.dll
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\mciqtz32.dll
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\findstr.exe
2011-09-09 14:48:54 ----A---- C:\windows\SysWOW64\eappgnui.dll
2011-09-09 14:48:53 ----A---- C:\windows\SysWOW64\netapi32.dll
2011-09-09 14:48:53 ----A---- C:\windows\SysWOW64\muifontsetup.dll
2011-09-09 14:48:53 ----A---- C:\windows\SysWOW64\mobsync.exe
2011-09-09 14:48:53 ----A---- C:\windows\SysWOW64\cabinet.dll
2011-09-09 14:48:52 ----A---- C:\windows\SysWOW64\sppc.dll
2011-09-09 14:48:52 ----A---- C:\windows\SysWOW64\spopk.dll
2011-09-09 14:48:52 ----A---- C:\windows\SysWOW64\shimgvw.dll
2011-09-09 14:48:52 ----A---- C:\windows\SysWOW64\luainstall.dll
2011-09-09 14:48:52 ----A---- C:\windows\SysWOW64\iccvid.dll
2011-09-09 14:48:50 ----A---- C:\windows\SysWOW64\unlodctr.exe
2011-09-09 14:48:50 ----A---- C:\windows\SysWOW64\rdprefdrvapi.dll
2011-09-09 14:48:50 ----A---- C:\windows\SysWOW64\msdmo.dll
2011-09-09 14:48:49 ----A---- C:\windows\SysWOW64\UIRibbonRes.dll
2011-09-09 14:48:49 ----A---- C:\windows\SysWOW64\odbcconf.dll
2011-09-09 14:48:49 ----A---- C:\windows\SysWOW64\inetmib1.dll
2011-09-09 14:48:49 ----A---- C:\windows\SysWOW64\browcli.dll
2011-09-09 14:48:48 ----A---- C:\windows\SysWOW64\wups.dll
2011-09-09 14:48:48 ----A---- C:\windows\SysWOW64\perfts.dll
2011-09-09 14:48:48 ----A---- C:\windows\SysWOW64\imm32.dll
2011-09-09 14:48:47 ----A---- C:\windows\SysWOW64\wshbth.dll
2011-09-09 14:48:47 ----A---- C:\windows\SysWOW64\TRAPI.dll
2011-09-09 14:48:47 ----A---- C:\windows\SysWOW64\schedcli.dll
2011-09-09 14:48:47 ----A---- C:\windows\SysWOW64\napdsnap.dll
2011-09-09 14:48:47 ----A---- C:\windows\SysWOW64\elsTrans.dll
2011-09-09 14:48:47 ----A---- C:\windows\SysWOW64\dsauth.dll
2011-09-09 14:48:47 ----A---- C:\windows\SysWOW64\cscdll.dll
2011-09-09 14:48:47 ----A---- C:\windows\SysWOW64\bitsperf.dll
2011-09-09 14:48:46 ----A---- C:\windows\SysWOW64\wsdchngr.dll
2011-09-09 14:48:46 ----A---- C:\windows\SysWOW64\sscore.dll
2011-09-09 14:48:46 ----A---- C:\windows\SysWOW64\shgina.dll
2011-09-09 14:48:46 ----A---- C:\windows\SysWOW64\riched32.dll
2011-09-09 14:48:43 ----A---- C:\windows\SysWOW64\wshirda.dll
2011-09-09 14:48:42 ----A---- C:\windows\SysWOW64\spwmp.dll
2011-09-09 14:48:42 ----A---- C:\windows\SysWOW64\C_ISCII.DLL
2011-09-09 14:48:42 ----A---- C:\windows\SysWOW64\browseui.dll
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\wmploc.DLL
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\shunimpl.dll
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\KBDTUQ.DLL
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\KBDTUF.DLL
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\KBDSG.DLL
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\kbdlk41a.dll
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\KBDGR1.DLL
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\KBDGKL.DLL
2011-09-09 14:48:41 ----A---- C:\windows\SysWOW64\dxmasf.dll
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\spwizres.dll
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\pifmgr.dll
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\nlsbres.dll
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDUS.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDUGHR1.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDTURME.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDTAJIK.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDSF.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDPO.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDNEPR.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDMON.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDMAORI.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDLT1.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDINTEL.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDINTAM.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDINORI.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDINMAR.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDINKAN.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDINHIN.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDINBEN.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDGEO.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDCZ1.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDBULG.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDBLR.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\KBDBASH.DLL
2011-09-09 14:48:40 ----A---- C:\windows\SysWOW64\dpnaddr.dll
2011-09-09 14:47:36 ----A---- C:\windows\SysWOW64\wdscore.dll
2011-09-09 14:47:28 ----A---- C:\windows\SysWOW64\sqmapi.dll
2011-09-09 14:47:17 ----A---- C:\windows\SysWOW64\wbemcomn.dll
2011-09-09 13:29:55 ----A---- C:\windows\SysWOW64\esent.dll
2011-09-09 13:29:54 ----A---- C:\windows\SysWOW64\fsutil.exe
2011-09-09 13:07:33 ----D---- C:\windows\SysWOW64\Wat
2011-08-29 09:32:40 ----A---- C:\windows\SysWOW64\prevhost.exe
2011-08-29 09:32:33 ----A---- C:\windows\SysWOW64\tzres.dll
2011-08-29 09:32:15 ----A---- C:\windows\SysWOW64\xmllite.dll
2011-08-29 09:32:12 ----A---- C:\windows\SysWOW64\odbcjt32.dll
2011-08-29 09:32:11 ----A---- C:\windows\SysWOW64\odbctrac.dll
2011-08-29 09:32:11 ----A---- C:\windows\SysWOW64\odbccu32.dll
2011-08-29 09:32:11 ----A---- C:\windows\SysWOW64\odbccr32.dll
2011-08-29 09:32:11 ----A---- C:\windows\SysWOW64\odbccp32.dll
2011-08-29 09:32:01 ----A---- C:\windows\SysWOW64\KernelBase.dll
2011-08-29 09:32:01 ----A---- C:\windows\SysWOW64\kernel32.dll
2011-08-29 09:32:00 ----AH---- C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-29 09:32:00 ----A---- C:\windows\SysWOW64\setup16.exe
2011-08-29 09:32:00 ----A---- C:\windows\SysWOW64\ntvdm64.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-29 09:31:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-29 09:31:59 ----A---- C:\windows\SysWOW64\wow32.dll
2011-08-29 09:31:59 ----A---- C:\windows\SysWOW64\user.exe
2011-08-29 09:31:59 ----A---- C:\windows\SysWOW64\instnm.exe
2011-08-29 09:31:07 ----A---- C:\windows\SysWOW64\ntoskrnl.exe
2011-08-29 09:31:05 ----A---- C:\windows\SysWOW64\ntkrnlpa.exe
2011-08-29 09:30:59 ----A---- C:\windows\SysWOW64\kerberos.dll
2011-08-29 09:30:51 ----A---- C:\windows\SysWOW64\poqexec.exe
2011-08-29 09:30:46 ----A---- C:\windows\explorer.exe
2011-08-29 09:30:45 ----A---- C:\windows\SysWOW64\explorer.exe
2011-08-29 09:30:41 ----A---- C:\windows\SysWOW64\sbe.dll
2011-08-29 09:30:41 ----A---- C:\windows\SysWOW64\EncDec.dll
2011-08-29 09:30:41 ----A---- C:\windows\SysWOW64\CPFilters.dll
2011-08-29 09:30:35 ----A---- C:\windows\SysWOW64\tquery.dll
2011-08-29 09:30:35 ----A---- C:\windows\SysWOW64\mssrch.dll
2011-08-29 09:30:33 ----A---- C:\windows\SysWOW64\SearchProtocolHost.exe
2011-08-29 09:30:33 ----A---- C:\windows\SysWOW64\SearchIndexer.exe
2011-08-29 09:30:33 ----A---- C:\windows\SysWOW64\SearchFilterHost.exe
2011-08-29 09:30:33 ----A---- C:\windows\SysWOW64\mssvp.dll
2011-08-29 09:30:33 ----A---- C:\windows\SysWOW64\mssphtb.dll
2011-08-29 09:30:33 ----A---- C:\windows\SysWOW64\mssph.dll
2011-08-29 09:30:32 ----A---- C:\windows\SysWOW64\msscntrs.dll
2011-08-29 09:30:20 ----A---- C:\windows\SysWOW64\XpsGdiConverter.dll
2011-08-29 09:30:01 ----A---- C:\windows\SysWOW64\XpsPrint.dll
2011-08-29 09:29:56 ----A---- C:\windows\SysWOW64\mfc42u.dll
2011-08-29 09:29:56 ----A---- C:\windows\SysWOW64\mfc42.dll
2011-08-29 09:29:09 ----A---- C:\windows\SysWOW64\fontsub.dll
2011-08-29 09:29:09 ----A---- C:\windows\SysWOW64\atmlib.dll
2011-08-29 09:29:09 ----A---- C:\windows\SysWOW64\atmfd.dll
2011-08-29 09:28:44 ----A---- C:\windows\SysWOW64\dnscacheugc.exe
2011-08-29 09:28:44 ----A---- C:\windows\SysWOW64\dnsapi.dll
2011-08-29 09:28:41 ----A---- C:\windows\SysWOW64\d3d10_1core.dll
2011-08-29 09:28:40 ----A---- C:\windows\SysWOW64\d3d10_1.dll
2011-08-29 09:28:07 ----A---- C:\windows\SysWOW64\oleaut32.dll
2011-08-29 09:28:04 ----A---- C:\windows\SysWOW64\drvinst.exe
2011-08-29 09:28:04 ----A---- C:\windows\SysWOW64\devrtl.dll
2011-08-29 09:28:04 ----A---- C:\windows\SysWOW64\devobj.dll
2011-08-29 09:28:04 ----A---- C:\windows\SysWOW64\cfgmgr32.dll
2011-08-29 09:27:56 ----A---- C:\windows\SysWOW64\inetcomm.dll
2011-08-05 22:36:20 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2011-08-05 22:36:00 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-08-05 22:33:26 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-08-05 22:30:59 ----D---- C:\ProgramData\Microsoft Help
2011-08-05 22:29:57 ----RHD---- C:\MSOCache
2011-08-05 12:39:49 ----D---- C:\Program Files (x86)\Common Files\Symantec Shared
2011-08-05 12:10:05 ----D---- C:\Users\Charlotte\AppData\Roaming\Malwarebytes
2011-08-05 12:10:01 ----A---- C:\windows\SysWOW64\drivers\mbamswissarmy.sys
2011-08-05 12:10:00 ----D---- C:\ProgramData\Malwarebytes
2011-08-05 12:09:57 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-08-05 12:08:00 ----D---- C:\Users\Charlotte\AppData\Roaming\Macromedia
2011-08-05 12:04:49 ----D---- C:\Users\Charlotte\AppData\Roaming\Virtual Desktop Manager
2011-08-05 12:00:46 ----D---- C:\Users\Charlotte\AppData\Roaming\Adobe
2011-08-05 11:59:36 ----D---- C:\Users\Charlotte\AppData\Roaming\FLEXnet
2011-08-05 11:59:16 ----D---- C:\Users\Charlotte\AppData\Roaming\Identities
2011-08-05 11:55:38 ----D---- C:\ProgramData\Farstone
2011-08-05 11:55:27 ----D---- C:\ProgramData\Remind
2011-08-05 11:55:11 ----D---- C:\Users\Charlotte\AppData\Roaming\Zeon
2011-08-05 11:55:10 ----D---- C:\ProgramData\Nuance
2011-08-05 11:55:09 ----D---- C:\ProgramData\ScanSoft
2011-08-05 11:55:08 ----D---- C:\ProgramData\FLEXnet
2011-08-05 11:55:08 ----D---- C:\Program Files (x86)\Nuance
2011-08-05 11:55:06 ----D---- C:\ProgramData\Downloaded Installations
2011-08-05 11:53:08 ----D---- C:\Program Files (x86)\Microsoft Office
2011-08-05 11:51:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-08-05 11:51:02 ----A---- C:\windows\SysWOW64\d3dx9_32.dll
2011-08-05 11:49:54 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-08-05 11:49:18 ----D---- C:\Program Files (x86)\Microsoft
2011-08-05 11:49:04 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2011-08-05 11:48:50 ----D---- C:\Program Files (x86)\Windows Live
2011-08-05 11:48:32 ----D---- C:\windows\PCHEALTH
2011-08-05 11:47:49 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2011-08-05 11:43:11 ----A---- C:\windows\silentOnce.tmp
2011-08-05 11:43:00 ----SD---- C:\Users\Charlotte\AppData\Roaming\Microsoft
2011-08-05 11:43:00 ----D---- C:\Users\Charlotte\AppData\Roaming\Media Center Programs
======List of files/folders modified in the last 3 months======
2011-09-22 16:41:43 ----D---- C:\windows\TEMP
2011-09-22 16:41:07 ----D---- C:\windows\Prefetch
2011-09-22 16:36:07 ----SHD---- C:\windows\Installer
2011-09-22 16:36:07 ----RD---- C:\Program Files (x86)
2011-09-22 16:31:11 ----A---- C:\windows\SysWOW64\log.txt
2011-09-22 16:29:06 ----D---- C:\ProgramData\NVIDIA
2011-09-21 22:16:27 ----RD---- C:\Program Files
2011-09-21 22:12:19 ----SD---- C:\ProgramData\Microsoft
2011-09-21 19:21:08 ----D---- C:\windows\SysWOW64\drivers
2011-09-21 19:00:20 ----D---- C:\windows\system32
2011-09-21 19:00:20 ----D---- C:\windows\inf
2011-09-20 19:55:59 ----D---- C:\windows\Microsoft.NET
2011-09-20 19:55:48 ----RSD---- C:\windows\assembly
2011-09-20 18:24:49 ----D---- C:\windows\winsxs
2011-09-18 20:48:47 ----D---- C:\windows\SysWOW64\NV
2011-09-18 20:48:45 ----D---- C:\Windows
2011-09-18 20:44:49 ----D---- C:\windows\SysWOW64
2011-09-18 20:44:48 ----D---- C:\windows\SysWOW64\nl-NL
2011-09-18 20:44:48 ----D---- C:\windows\SysWOW64\migration
2011-09-18 20:44:47 ----D---- C:\windows\SysWOW64\wbem
2011-09-18 20:44:47 ----D---- C:\windows\SysWOW64\en-US
2011-09-18 20:44:46 ----D---- C:\windows\PolicyDefinitions
2011-09-18 20:44:45 ----D---- C:\Program Files (x86)\Internet Explorer
2011-09-18 20:32:51 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-09-18 20:32:51 ----D---- C:\Program Files (x86)\Windows Portable Devices
2011-09-18 20:32:51 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-09-18 20:32:51 ----D---- C:\Program Files (x86)\Windows Media Player
2011-09-18 20:32:51 ----D---- C:\Program Files (x86)\Windows Mail
2011-09-18 20:32:48 ----D---- C:\windows\servicing
2011-09-18 20:32:47 ----D---- C:\windows\ehome
2011-09-18 20:32:41 ----D---- C:\windows\SysWOW64\oobe
2011-09-18 20:32:41 ----D---- C:\windows\SysWOW64\da-DK
2011-09-18 20:32:40 ----D---- C:\windows\SysWOW64\sppui
2011-09-18 20:32:40 ----D---- C:\windows\SysWOW64\Setup
2011-09-18 20:32:40 ----D---- C:\windows\SysWOW64\manifeststore
2011-09-18 20:32:40 ----D---- C:\windows\SysWOW64\es-ES
2011-09-18 20:32:40 ----D---- C:\windows\SysWOW64\cs-CZ
2011-09-18 20:32:40 ----D---- C:\windows\SysWOW64\AdvancedInstallers
2011-09-18 20:32:37 ----D---- C:\windows\SysWOW64\migwiz
2011-09-18 20:32:37 ----D---- C:\windows\SysWOW64\Dism
2011-09-18 20:31:36 ----RSD---- C:\windows\Fonts
2011-09-18 20:31:35 ----D---- C:\windows\AppPatch
2011-09-18 20:23:34 ----D---- C:\windows\Logs
2011-09-18 18:34:01 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2011-09-18 18:22:00 ----A---- C:\windows\SysWOW64\msclmd.dll
2011-09-18 18:07:28 ----SHD---- C:\System Volume Information
2011-09-18 17:56:51 ----D---- C:\windows\debug
2011-09-18 16:44:35 ----D---- C:\windows\rescache
2011-09-18 10:26:13 ----D---- C:\Program Files (x86)\Windows Defender
2011-09-18 10:26:13 ----D---- C:\Program Files (x86)\Common Files\System
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\XPSViewer
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\winrm
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\WCN
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\sysprep
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\slmgr
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\Printing_Admin_Scripts
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\MUI
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\DriverStore
2011-09-18 10:26:11 ----D---- C:\windows\SysWOW64\drivers\UMDF
2011-09-18 10:26:10 ----D---- C:\windows\SysWOW64\sv-SE
2011-09-18 10:26:04 ----D---- C:\windows\SysWOW64\com
2011-09-18 10:26:04 ----D---- C:\windows\IME
2011-09-18 10:25:30 ----D---- C:\windows\SysWOW64\nb-NO
2011-09-18 10:24:57 ----D---- C:\windows\SysWOW64\it-IT
2011-09-18 10:24:57 ----D---- C:\windows\it-IT
2011-09-18 10:24:21 ----D---- C:\windows\SysWOW64\el-GR
2011-09-18 10:24:13 ----D---- C:\windows\en-US
2011-09-18 10:23:41 ----D---- C:\windows\fr-FR
2011-09-18 10:23:40 ----D---- C:\windows\SysWOW64\fr-FR
2011-09-18 10:23:09 ----D---- C:\windows\Speech
2011-09-18 10:22:54 ----D---- C:\windows\SysWOW64\fi-FI
2011-09-16 13:11:57 ----D---- C:\windows\SysWOW64\de-DE
2011-09-16 13:11:57 ----D---- C:\windows\de-DE
2011-09-11 09:49:20 ----D---- C:\windows\Tasks
2011-09-10 09:06:00 ----D---- C:\ProgramData\Norton
2011-09-09 17:14:40 ----A---- C:\windows\win.ini
2011-09-09 17:11:15 ----D---- C:\Program Files (x86)\Common Files
2011-09-09 17:10:01 ----HD---- C:\ProgramData
2011-08-06 19:47:52 ----SHD---- C:\$Recycle.Bin
2011-08-05 22:33:26 ----D---- C:\windows\ShellNew
2011-08-05 12:06:42 ----D---- C:\Utility
2011-08-05 12:00:12 ----D---- C:\windows\SoftwareDistribution
2011-08-05 11:58:11 ----D---- C:\log
2011-08-05 11:55:27 ----D---- C:\Program Files (x86)\msi
2011-08-05 11:43:00 ----RD---- C:\Users
2011-08-05 11:41:19 ----SHD---- C:\Recovery
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys []
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys []
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys []
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R1 mfenlfk;McAfee NDIS Light Filter; C:\windows\system32\DRIVERS\mfenlfk.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2010-12-10 14344]
R3 acpials;ALS Sensor Filter; C:\windows\system32\DRIVERS\acpials.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys []
R3 cfwids;McAfee Inc. cfwids; C:\windows\system32\drivers\cfwids.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys []
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64; C:\windows\system32\DRIVERS\fspad_wlh64.sys []
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcDAud;Intel® Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys []
R3 MEIx64;Intel® Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys []
R3 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys []
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys []
R3 mfefirek;McAfee Inc. mfefirek; C:\windows\system32\drivers\mfefirek.sys []
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys []
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys []
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys []
S3 FARMNTIO;FARMNTIO; \??\c:\windows\system32\drivers\farmntio.sys []
S3 mfeavfk01;McAfee Inc.; C:\windows\SysWOW64\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\windows\system32\drivers\mferkdet.sys []
S3 MGHwCtrl;MGHwCtrl; \??\c:\Utility\Silent\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [2010-12-10 104968]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe []
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2010-12-10 159752]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2011-03-13 197960]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-03-13 208272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe []
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-24 1997416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-24 378984]
R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2011-06-23 501768]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
-----------------EOF-----------------
---------- Post toegevoegd om 16:44 ---------- Vorige post was om 16:43 ----------
Tweede log (info)
info.txt logfile of random's system information tool 1.09 2011-09-22 16:41:52
======Uninstall list======
Adobe Flash Player 10 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}\setup.exe -runfromtemp
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
BurnRecovery-->C:\Program Files (x86)\InstallShield Installation Information\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}\setup.exe -runfromtemp -l0x0009 -removeonly
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{28857979-5507-4C10-A922-FF709A19D38C}" "1043" "0"
EasyFace2-->C:\Program Files (x86)\InstallShield Installation Information\{94DE7548-E449-4F7D-804F-0C5CDC3A1E6A}\setup.exe -runfromtemp -l0x0009 -removeonly
EasyViewer-->"C:\Program Files (x86)\InstallShield Installation Information\{EECD7B96-1416-4D3A-B12D-0D2512120C36}\setup.exe" -runfromtemp -l0x0409 -removeonly
EasyViewer-->MsiExec.exe /X{EECD7B96-1416-4D3A-B12D-0D2512120C36}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Intel® Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall
Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
Malwarebytes' Anti-Malware versie 1.51.2.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
McAfee AntiVirus Plus-->C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0413-1000-0000000FF1CE}" "{B9427E36-0B0A-48F4-8A51-1C178708A28E}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0413-0000-0000000FF1CE}" "{D3B92058-CF96-445F-A297-F7ED19C4E841}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" "1043" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"
Microsoft Office Access MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0015-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0016-0413-0000-0000000FF1CE}
Microsoft Office Home and Student 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office OneNote MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00A1-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0018-0413-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2010-->MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2010-->MsiExec.exe /X{90140000-002C-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2010-->MsiExec.exe /X{90140000-006E-0413-0000-0000000FF1CE}
Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001B-0413-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MSI Remind Manager-->MsiExec.exe /I{89F17DC5-A776-4DF4-8CD1-FAEF29BCE51A}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nuance PDF Reader-->MsiExec.exe /X{B480904D-F73F-4673-B034-8A5F492C9184}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
PHotkey-->C:\Program Files (x86)\InstallShield Installation Information\{24047BE4-329D-46F7-9689-8684C7A1CFBB}\setup.exe -runfromtemp -l0x0009 -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0409 -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
Security Update for Microsoft Excel 2010 (KB2553070)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{294BAA9E-9209-497F-A71F-7E52EFB194D4}" "1043" "0"
Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1043" "0"
Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1043" "0"
Security Update for Microsoft Office 2010 (KB2584066)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{EEB4DDD0-08EA-4787-BDAB-D38D67A35CD5}" "1043" "0"
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}" "1043" "0"
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1043" "0"
Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1043" "0"
Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1043" "0"
Update for Microsoft Outlook Social Connector (KB2583935)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{57EA56B8-02F2-4081-9C4A-13978F801479}" "1043" "0"
Update for Microsoft Outlook Social Connector (KB2583935)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{EDF9874C-9E37-4110-9FC3-094247E114DF}" "1043" "0"
Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live aanmeldhulp-->MsiExec.exe /I{1BD6AE96-4742-4498-9D03-9451C7E5A214}
Windows Live Call-->MsiExec.exe /I{C20C2630-B3A7-44BA-BDD0-31E256AE490E}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}
Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91}
Windows Live Messenger-->MsiExec.exe /X{CC38A00D-7EED-46CE-9281-D1D97B81F22A}
Windows Live Movie Maker-->MsiExec.exe /X{32061277-9F45-4C3B-8299-D106D5A502ED}
Windows Live Photo Gallery-->MsiExec.exe /X{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59}
Windows Live Sync-->MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}
Windows Live Writer-->MsiExec.exe /X{35CA031C-D3CD-4A28-8D9B-C71466C4F045}
WinFlash-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B39AA98E-C966-46C9-ACA2-D2586E300988}\Setup.exe" -l0x9
XW204E-->"C:\Program Files (x86)\InstallShield Installation Information\{5BFF7DE6-C3F0-40F8-AC32-75D628E46C6B}\setup.exe" -runfromtemp -l0x0409
======System event log======
Computer Name: WIN-GHQKFMUJGPO
Event Code: 7036
Message: De Windows Search-service heeft nu de status stopped.
Record Number: 1578
Source Name: Service Control Manager
Time Written: 20110321185749.798176-000
Event Type: Informatie
User:
Computer Name: WIN-GHQKFMUJGPO
Event Code: 7040
Message: Het opstarttype van de service Windows Search is gewijzigd van auto start in disabled.
Record Number: 1577
Source Name: Service Control Manager
Time Written: 20110321185748.394174-000
Event Type: Informatie
User: CharlotteDeij\Administrator
Computer Name: WIN-GHQKFMUJGPO
Event Code: 104
Message: Logboekbestand Setup is gewist.
Record Number: 1576
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110321185738.815757-000
Event Type: Informatie
User: CharlotteDeij\Administrator
Computer Name: WIN-GHQKFMUJGPO
Event Code: 104
Message: Logboekbestand Application is gewist.
Record Number: 1575
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110321185738.472556-000
Event Type: Informatie
User: CharlotteDeij\Administrator
Computer Name: WIN-GHQKFMUJGPO
Event Code: 104
Message: Logboekbestand System is gewist.
Record Number: 1574
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110321185738.441356-000
Event Type: Informatie
User: CharlotteDeij\Administrator
=====Application event log=====
Computer Name: WIN-GHQKFMUJGPO
Event Code: 1532
Message: De User Profile-service is gestopt.
Record Number: 483
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110321185756.194187-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: WIN-GHQKFMUJGPO
Event Code: 36
Message:
Record Number: 482
Source Name: NIS
Time Written: 20110321185756.000000-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: WIN-GHQKFMUJGPO
Event Code: 1003
Message: De Windows Search-service is gestart.
Record Number: 481
Source Name: Microsoft-Windows-Search
Time Written: 20110321185752.000000-000
Event Type: Informatie
User:
Computer Name: WIN-GHQKFMUJGPO
Event Code: 1013
Message: De Windows Search-service is normaal gestopt.
Record Number: 480
Source Name: Microsoft-Windows-Search
Time Written: 20110321185749.000000-000
Event Type: Informatie
User:
Computer Name: WIN-GHQKFMUJGPO
Event Code: 103
Message: Windows (1600) Windows: De database-engine heeft een nieuwe sessie (0) stopgezet.
Record Number: 479
Source Name: ESENT
Time Written: 20110321185749.000000-000
Event Type: Informatie
User:
=====Security event log=====
Computer Name: WIN-GHQKFMUJGPO
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 654
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110321185752.075780-000
Event Type: Controle geslaagd
User:
Computer Name: WIN-GHQKFMUJGPO
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: WIN-GHQKFMUJGPO$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldingstype: 5
Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x278
Naam proces: C:\Windows\system32\services.exe
Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 653
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110321185752.075780-000
Event Type: Controle geslaagd
User:
Computer Name: WIN-GHQKFMUJGPO
Event Code: 4738
Message: Er is een gebruikersaccount gewijzigd.
Onderwerp:
Beveiligings-id: S-1-5-21-3708872907-2703013417-2447342661-500
Accountnaam: Administrator
Accountdomein: WIN-GHQKFMUJGPO
Aanmeldings-id: 0x2628d
Doelaccount:
Beveiligings-id: S-1-5-21-3708872907-2703013417-2447342661-500
Accountnaam: Administrator
Accountdomein: WIN-GHQKFMUJGPO
Gewijzigde kenmerken:
SAM-accountnaam: -
Weergavenaam: -
Principal-naam van gebruiker: -
Basismap: -
Basisstation: -
Pad naar script: -
Pad naar profiel: -
Gebruikerswerkstations: -
Wachtwoord voor het laatst ingesteld: -
Account verloopt op: -
Primaire groeps-id: -
Mag overdragen aan: -
Oude UAC-waarde: 0x210
Nieuwe UAC-waarde: 0x211
Gebruikersaccountbeheer:
Account uitgeschakeld
Gebruikersparameters: -
SID-geschiedenis: -
Aantal uren aangemeld: -
Aanvullende gegevens:
Bevoegdheden: -
Record Number: 652
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110321185747.364572-000
Event Type: Controle geslaagd
User:
Computer Name: WIN-GHQKFMUJGPO
Event Code: 4725
Message: Er is een gebruikersaccount uitgeschakeld.
Onderwerp:
Beveiligings-id: S-1-5-21-3708872907-2703013417-2447342661-500
Accountnaam: Administrator
Accountdomein: WIN-GHQKFMUJGPO
Aanmeldings-id: 0x2628d
Doelaccount:
Beveiligings-id: S-1-5-21-3708872907-2703013417-2447342661-500
Accountnaam: Administrator
Accountdomein: WIN-GHQKFMUJGPO
Record Number: 651
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110321185747.364572-000
Event Type: Controle geslaagd
User:
Computer Name: WIN-GHQKFMUJGPO
Event Code: 1102
Message: Het controlelogboek is gewist.
Onderwerp:
Beveiligings-id: S-1-5-21-3708872907-2703013417-2447342661-500
Accountnaam: Administrator
Domeinnaam: WIN-GHQKFMUJGPO
Aanmeldings-id: 0x2628d
Record Number: 650
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110321185738.768957-000
Event Type: Controle geslaagd
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"configsetroot"=%SystemRoot%\ConfigSetRoot
-----------------EOF-----------------
-
Logfile of random's system information tool 1.09 (written by random/random)
Run by Madeleine at 2011-09-22 12:02:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 400 GB (86%) free of 462 GB
Total RAM: 3894 MB (60% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3419050245-142249360-2368368135-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3419050245-142249360-2368368135-1000UA.job
C:\Windows\tasks\HPCeeScheduleForMadeleine.job
C:\Windows\tasks\PerfectOptimizer_Home.Job
C:\Windows\tasks\vtscheduletask.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Madeleine\AppData\Roaming\Mozilla\Firefox\Profiles\p3masd02.default
prefs.js - "browser.startup.homepage" - "Search"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://www.searchqu.com/web?src=ffb&systemid=406&q="
"{B7082FAA-CB62-4872-9106-E42DD88EDE45}"=C:\Program
Files (x86)\McAfee\SiteAdvisor
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\progra~2\mcafee\msc\npmcsn~1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT]
"Description"=McAfee Virtual Technician Plugin
"Path"=C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@novell.com/iPrint]
"Description"=Novell iPrint Control
"Path"=C:\Windows\SysWOW64
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
Scriptff.dll
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
bolcom-nl.xml
google.xml
marktplaats-nl.xml
McSiteAdvisor.xml
SearchquWebSearch.xml
vandale-nl.xml
wikipedia-nl.xml
yahoo-nl.xml
C:\Users\Madeleine\AppData\Roaming\Mozilla\Firefox\Profiles\p3masd02.default\searchplugins\
SearchquWebSearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll [2010-04-28 113512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110905175351.dll [2011-03-13 78456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-01-25 61112]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2011-07-13 1666144]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-02-22 2363392]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [2011-05-13 4283256]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-10-09 25623336]
"Google Update"=C:\Users\Madeleine\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 136176]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe [2010-11-15 233936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-04-11 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRealMode"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2011-09-16 14:14:53 ----D---- C:\Users\Madeleine\AppData\Roaming\WildTangentv1002
2011-09-16 13:58:44 ----D---- C:\rsit
2011-09-15 11:43:22 ----D---- C:\Program Files (x86)\Trend Micro
2011-09-13 09:27:53 ----D---- C:\Users\Madeleine\AppData\Roaming\Faerie Solitaire
2011-09-12 09:45:33 ----HD---- C:\Windows\msdownld.tmp
2011-09-09 08:45:41 ----D---- C:\Windows\SysWOW64\BestPractices
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\wininet.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\wextract.exe
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\webcheck.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\vbscript.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\urlmon.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\url.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\occache.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\msrating.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\msls31.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\mshtml.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\mshta.exe
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\jscript9.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\jscript.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\inseng.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\imgutil.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\iexpress.exe
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ieui.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\iesetup.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\iertutil.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\iernonce.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\iepeers.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ieframe.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ieakui.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ieaksie.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ieakeng.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\icardie.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2011-09-02 14:04:35 ----A---- C:\Windows\SysWOW64\admparse.dll
2011-09-02 11:42:55 ----D---- C:\Users\Madeleine\AppData\Roaming\FloodLightGames
2011-09-02 11:42:55 ----D---- C:\ProgramData\FloodLightGames
2011-08-29 09:57:11 ----D---- C:\Windows\nl
2011-08-29 09:21:05 ----D---- C:\Program Files (x86)\File Type Assistant
2011-08-29 09:12:37 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2011-08-29 08:48:18 ----A---- C:\Windows\SysWOW64\tzres.dll
2011-08-29 08:47:41 ----A---- C:\Windows\SysWOW64\xmllite.dll
2011-08-29 08:47:37 ----A---- C:\Windows\SysWOW64\odbctrac.dll
2011-08-29 08:47:37 ----A---- C:\Windows\SysWOW64\odbcjt32.dll
2011-08-29 08:47:37 ----A---- C:\Windows\SysWOW64\odbccu32.dll
2011-08-29 08:47:37 ----A---- C:\Windows\SysWOW64\odbccr32.dll
2011-08-29 08:47:37 ----A---- C:\Windows\SysWOW64\odbccp32.dll
2011-08-29 08:47:01 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2011-08-29 08:47:00 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-29 08:47:00 ----A---- C:\Windows\SysWOW64\wow32.dll
2011-08-29 08:47:00 ----A---- C:\Windows\SysWOW64\setup16.exe
2011-08-29 08:47:00 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2011-08-29 08:47:00 ----A---- C:\Windows\SysWOW64\kernel32.dll
2011-08-29 08:47:00 ----A---- C:\Windows\SysWOW64\instnm.exe
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-29 08:46:59 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-29 08:46:58 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-29 08:46:58 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-29 08:46:58 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-29 08:46:58 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-29 08:46:58 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-29 08:46:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-29 08:46:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-29 08:46:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-29 08:46:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-29 08:46:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-29 08:46:57 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-29 08:46:57 ----A---- C:\Windows\SysWOW64\user.exe
2011-08-29 08:46:40 ----A---- C:\Windows\SysWOW64\tquery.dll
2011-08-29 08:46:40 ----A---- C:\Windows\SysWOW64\mssrch.dll
2011-08-29 08:46:39 ----A---- C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-08-29 08:46:39 ----A---- C:\Windows\SysWOW64\SearchIndexer.exe
2011-08-29 08:46:39 ----A---- C:\Windows\SysWOW64\mssph.dll
2011-08-29 08:46:38 ----A---- C:\Windows\SysWOW64\SearchFilterHost.exe
2011-08-29 08:46:38 ----A---- C:\Windows\SysWOW64\mssvp.dll
2011-08-29 08:46:38 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2011-08-29 08:46:37 ----A---- C:\Windows\SysWOW64\msscntrs.dll
2011-08-29 08:43:44 ----A---- C:\Windows\SysWOW64\d3d10_1.dll
2011-08-29 08:43:35 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2011-08-29 08:43:30 ----A---- C:\Windows\SysWOW64\drvinst.exe
2011-08-29 08:43:30 ----A---- C:\Windows\SysWOW64\devrtl.dll
2011-08-29 08:43:30 ----A---- C:\Windows\SysWOW64\devobj.dll
2011-08-29 08:43:30 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll
2011-08-29 08:35:39 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2011-08-29 08:35:37 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2011-08-29 08:31:17 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2011-07-24 11:39:48 ----D---- C:\Users\Madeleine\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
======List of files/folders modified in the last 3 months======
2011-09-22 12:02:56 ----D---- C:\Windows\Temp
2011-09-22 11:50:58 ----D---- C:\Users\Madeleine\AppData\Roaming\Skype
2011-09-22 11:48:48 ----A---- C:\Windows\SysWOW64\log.txt
2011-09-22 11:48:47 ----D---- C:\Program Files (x86)\Common Files\Akamai
2011-09-20 09:44:51 ----SHD---- C:\System Volume Information
2011-09-20 09:18:41 ----D---- C:\Windows\Tasks
2011-09-20 08:37:46 ----SHD---- C:\Windows\Installer
2011-09-20 08:37:46 ----SHD---- C:\Config.Msi
2011-09-20 08:37:43 ----D---- C:\Program Files (x86)\Microsoft Works
2011-09-16 15:28:15 ----D---- C:\ProgramData\Microsoft Help
2011-09-16 14:23:44 ----D---- C:\ProgramData\WildTangent
2011-09-16 13:12:09 ----D---- C:\Windows\System32
2011-09-16 13:12:09 ----D---- C:\Windows\inf
2011-09-15 12:06:32 ----D---- C:\Users\Madeleine\AppData\Roaming\gtk-2.0
2011-09-15 11:49:26 ----RD---- C:\Program Files
2011-09-15 11:43:22 ----RD---- C:\Program Files (x86)
2011-09-14 14:37:23 ----D---- C:\ProgramData\McAfee
2011-09-14 14:04:55 ----D---- C:\Windows\winsxs
2011-09-14 14:00:38 ----D---- C:\Windows\SysWOW64
2011-09-14 14:00:38 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2011-09-14 14:00:32 ----D---- C:\Program Files (x86)\Microsoft Application Virtualization Client
2011-09-12 09:45:34 ----D---- C:\Program Files (x86)\Internet Explorer
2011-09-12 09:45:33 ----D---- C:\Windows
2011-09-11 21:46:46 ----RSD---- C:\Windows\assembly
2011-09-11 21:46:46 ----D---- C:\Windows\Microsoft.NET
2011-09-09 08:45:43 ----D---- C:\Windows\SysWOW64\nl-NL
2011-09-09 08:45:42 ----D---- C:\Windows\SysWOW64\inetsrv
2011-09-09 08:45:38 ----D---- C:\inetpub
2011-09-06 12:00:53 ----SD---- C:\Users\Madeleine\AppData\Roaming\Microsoft
2011-09-02 14:06:47 ----D---- C:\Windows\SysWOW64\wbem
2011-09-02 14:06:47 ----D---- C:\Windows\SysWOW64\migration
2011-09-02 14:06:47 ----D---- C:\Windows\SysWOW64\en-US
2011-09-02 14:06:46 ----D---- C:\Windows\PolicyDefinitions
2011-09-02 14:03:45 ----D---- C:\Windows\Logs
2011-09-02 11:42:55 ----HD---- C:\ProgramData
2011-09-02 09:17:10 ----D---- C:\Program Files (x86)\Overhoor
2011-09-02 09:13:55 ----D---- C:\Users\Madeleine\AppData\Roaming\RagTime
2011-08-30 13:04:16 ----RSD---- C:\Windows\Fonts
2011-08-30 13:04:10 ----D---- C:\Windows\AppPatch
2011-08-30 12:43:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-08-29 09:54:20 ----D---- C:\Program Files (x86)\Windows Live
2011-08-29 08:30:02 ----D---- C:\Windows\SysWOW64\drivers
2011-08-09 12:04:06 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-08-09 12:04:06 ----D---- C:\Program Files (x86)\Windows Portable Devices
2011-08-09 12:04:06 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-08-09 12:04:06 ----D---- C:\Program Files (x86)\Windows Media Player
2011-08-09 12:04:06 ----D---- C:\Program Files (x86)\Windows Mail
2011-08-09 12:04:00 ----D---- C:\Windows\servicing
2011-08-09 12:04:00 ----D---- C:\Windows\ehome
2011-08-09 12:03:51 ----D---- C:\Windows\SysWOW64\Setup
2011-08-09 12:03:51 ----D---- C:\Windows\SysWOW64\oobe
2011-08-09 12:03:51 ----D---- C:\Windows\SysWOW64\manifeststore
2011-08-09 12:03:51 ----D---- C:\Windows\SysWOW64\da-DK
2011-08-09 12:03:51 ----D---- C:\Windows\SysWOW64\cs-CZ
2011-08-09 12:03:51 ----D---- C:\Windows\SysWOW64\AdvancedInstallers
2011-08-09 12:03:50 ----D---- C:\Windows\SysWOW64\sppui
2011-08-09 12:03:50 ----D---- C:\Windows\SysWOW64\es-ES
2011-08-09 12:03:47 ----D---- C:\Windows\SysWOW64\migwiz
2011-08-09 12:03:47 ----D---- C:\Windows\SysWOW64\Dism
2011-07-24 11:44:51 ----A---- C:\Windows\SysWOW64\msclmd.dll
2011-07-24 11:39:36 ----D---- C:\Program Files (x86)\Adobe
2011-07-24 11:39:33 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2011-07-24 11:34:35 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys []
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys []
R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys []
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys []
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys []
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys []
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []
S3 mfeavfk01;McAfee Inc.; C:\Windows\SysWOW64\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys []
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-23 225280]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\System32\ezSharedSvcHost.exe [2010-01-25 514232]
R2 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 HPWMISVC;HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-10-13 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-02-22 73728]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2011-03-13 197960]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-03-13 208272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe []
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe []
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-01-04 238328]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2011-06-23 501768]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files (x86)\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
-
Het is alleen die film
Het is een AVI formaat.
Sorry voor het late reageren.
Het is me gelukt de film te kijken. Ik heb eerst de dvd gewoon geopend via mijn computer, toen ben ik naar videos gegaan, en heb daar gewoon een fragmentje geselecteerd en toen kon ik de hele film zonder problemen kijken
-
Ik kan het nu inderdaad openen, bij de eerste keer kreeg ik wel de info erbij. Maar nu niet meer. Moet ik dan nog iets anders doen of niet? Want ik had het logje zelf dicht geklikt, en de info laten open staan. Want het logje had ik opgeslagen en de info wilde ik daarna doen. Want ik zat op dat moment niet op het internet.
Heb ik nu iets drastisch verkeerd gedaan???
-
De laptop van mijn zusje is misschien net 1 maand oud.
Maar helaas loopt hij heel vaak vast, en kan er met McAfee of Malware Antibytes niet gescand worden. Telkens als we dat proberen loopt de hele laptop vast en mag je de laptop opnieuw opstarten.
Daarnaast zet dit virus McAfee ook steeds weer op non-actief. Het real-time scannen wordt steeds uitgezet.
En we kunnen het wel aanzetten, maar een paar minuten later is het weer uit.
Iemand een idee wat het beste gedaan kan worden???
Het gaat om een MSI CX640 met Windows 7 64 bits erop.
Het gaat hierbij dus niet om mijn eigen laptop.
-
http://i54.tinypic.com/11agyo8.png
Ik heb maar een account op mijn laptop en dat is een administrator account. Maar zelfs als ik het via mijn computer het probeer krijg ik nog steeds hetzelfde scherm. Maar hij zegt steeds dat hij het niet kan vinden.
Heb er maar even een printscreen van gemaakt
Wat aangepast: in het mapje zelf kan ik niks zien, maar als ik bij klembord het logje wil opslaan kan ik het wel zien staan.
-
Zodra ik die scan laat doen en hij klembord opent zegt hij dat hij het bestand niet kan vinden en of ik een nieuw bestand aan wil maken. Als ik nee zeg krijg ik een wit scherm maar als ik ja zeg ook. Wat moet ik dan doen???
Link Speccy: http://speccy.piriform.com/results/IT7f0y8sEJ7ZTbFBLPKo4JD
-
Zal ik doen, zodra ik thuis ben, op school hebben ze me namelijk op de laptop van het draadloze netwerk gegooid. Dus kan nu ook niet veel met de laptop doen. Zit nu op een pc van school. Maar als ik thuis ben zal ik het zeker doen.
Wordt met de gegevens van de laptop bedoeld, dat ik de gegevens van de sticker van microsoft moet overschrijven?
Want ik weet wel dat ik een hp laptop heb, met een i3 processor en links onder het scherm staat G62 is dat dan het type???
Anders heb ik geen idee wat je bedoeld.
-
Nee dit gaat over een pc en geen laptop. Dvd's kijken doe ik altijd op de gewone pc. Mijn laptop gebruik ik voor school.
Maar dat topic gaat over de laptop inderdaad ja
-
McAfee was bij de 95 % toen die vast liep. Dus heb ik de computer opnieuw opgestart. En toen nog een keer Word geprobeerd, en toen lukte het weer. Was waarschijnlijk een virus of een Tjoriaans paard. En deze is gelukkig verwijderd door McAfee.
Dus dit probleem is opgelost.
Maar bedankt voor het snelle reageren.
-
Mijn pc loopt vast zodra ik de film mama maia wil gaan kijken.
Ik heb het al met windows media player geprobeerd, Quick time en cyberlink power dvd.
Ze lopen allemaal vast. Iemand enig idee hoe dat te verhelpen?
-
Ik kan op mijn laptop nog wel programma's openen. Maar zodra ik wil gaan typen gaat het fout. Dan crasht het programma ineens. het gaat hierbij om Microsoft offfice programma's, maar ook internet explorer en andere internet browsers en ook spelletjes. Zodra ik moet gaan typen loopt het programma vast.
Maar in kladblok kan ik nog wel typen. Iemand enig idee wat hier mis is.
Malwarebytes anti-malware heb ik al een volledige scan laten doen, maar heeft niks kunnen vinden. En ook McAfee is bezig met scannen en de 50 % voorbij geweest en ook nog niks gevonden.
niks vinden, maar er is wel iets
in Archief Bestrijding malware & virussen
Geplaatst:
Malware Antimalware, loopt nog steeds vast bij het scannen