Ga naar inhoud

Yvontje82

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    165

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Yvontje82

  1. Yvontje82
    ComboFix 12-10-14.02 - Yvonne 14-10-2012 9:52.5.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2669 [GMT 2:00] Gestart vanuit: c:\users\Yvonne\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\boost_interprocess\20121014094421.125600 c:\programdata\boost_interprocess\20121014094421.125600\Nobu64AgentService c:\programdata\boost_interprocess\20121014094421.125600\Nobu64TrayIcon c:\users\Yvonne\AppData\Roaming\Hiyhx c:\users\Yvonne\AppData\Roaming\Hiyhx\saro.nyo . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-14 to 2012-10-14 )))))))))))))))))))))))))))))) . . 2012-10-14 07:58 . 2012-10-14 07:58 -------- d-----w- c:\users\Werner\AppData\Local\temp 2012-10-14 07:58 . 2012-10-14 07:58 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-10-14 07:58 . 2012-10-14 07:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-10 12:36 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-10-10 12:36 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-10-10 12:36 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-10-10 12:36 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-09-28 13:25 . 2012-09-28 13:31 -------- d-----w- c:\program files\WinRAR 2012-09-28 13:17 . 2012-09-28 13:26 -------- d-----w- c:\programdata\WinZip 2012-09-28 08:09 . 2012-09-28 08:10 -------- d-----w- c:\users\Yvonne\AppData\Local\Alt.Binz 2012-09-26 03:41 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-09-17 00:12 . 2012-09-17 00:13 -------- d-----w- c:\programdata\ieojjrtllsxovlt . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-11 01:04 . 2011-05-23 07:31 65309168 ----a-w- c:\windows\system32\MRT.exe 2012-09-07 15:04 . 2012-01-05 20:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-03 20:20 . 2012-09-03 20:20 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2012-08-24 13:43 . 2012-08-24 13:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys 2012-08-22 18:12 . 2012-09-12 13:45 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 18:12 . 2012-09-12 13:45 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 18:12 . 2012-09-12 13:45 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 18:12 . 2012-09-12 13:45 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-20 17:38 . 2012-10-10 12:35 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-08-02 17:58 . 2012-09-12 13:45 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-02 16:57 . 2012-09-12 13:45 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-07-26 01:21 . 2012-07-26 01:21 291680 ----a-w- c:\windows\system32\drivers\avgldx64.sys 2012-07-18 18:15 . 2012-08-15 07:39 3148800 ----a-w- c:\windows\system32\win32k.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-09-03 20:20 1734240 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-09-03 1734240] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-08 98304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-05-01 3151512] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-11-01 593920] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-09-03 947808] "HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960] "ROC_ROC_JULY_P1"="c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-03 1022048] . c:\users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R2 HitmanPro36CrusaderBoot;HitmanPro 3.6 Crusader (Boot);c:\program files\HitmanPro\HitmanPro.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-02 113120] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-21 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-03 31080] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-08 203264] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-09-03 722528] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-08 7767552] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-08 279040] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-08-16 116240] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . Inhoud van de 'Gedeelde Taken' map . 2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-09-14 c:\windows\Tasks\HPCeeScheduleForYVONNE-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . 2012-10-14 c:\windows\Tasks\HPCeeScheduleForYvonne.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.254 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll FF - ProfilePath - c:\users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: network.proxy.type - 0 FF - user.js: extentions.y2layers.installId - 3d8c62c3-e8a9-4ad3-bc79-bc61006110b3 FF - user.js: extentions.y2layers.defaultEnableAppsList - BestVideoDownloader . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{25515A79-C1C7-4B97-97F8-31A711694487} - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HitmanPro36CrusaderBoot] "ImagePath"="\"c:\program files\HitmanPro\HitmanPro.exe\" /crusader:boot" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8, 89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8, 7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de "{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4, 91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27 "{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20, 35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1, 38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4 "{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39, 64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c "{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40, 69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18 "{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac, 6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96, 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd, d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47, 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85 "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17 "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b "{336D0C35-8A85-403a-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,3b,1b,08,6b,7c, 1a,82,e9,65,3d,9d,e9,17,af,a2,b0,e5,ab . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem)
  2. Yvontje82
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:20:59, on 13-10-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\adb.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Users\Yvonne\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11883 bytes Toen ik MBAM liet draaien was ik eerst vergeten om AVG uit te zetten, en toen kreeg ik de melding dat er een meervoudige bedreiging is gevonden. Nu heb ik hier nog niets mee gedaan, want ik dacht dat het mogelijk een melding zou kunnen zijn die opkomt omdat ik AVG niet had uitgezet. Graag hoor ik of dit in derdaad zo is en anders probeer ik die melding alsnog een keertje te voorschijn te toveren. Zie in de bijgevoegde foto voor melding die ik kreeg. Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Databaseversie: v2012.10.13.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Yvonne :: YVONNE-HP [administrator] 13-10-2012 16:30:11 mbam-log-2012-10-13 (16-30-11).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 216730 Verstreken tijd: 3 minuut/minuten, 5 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  3. Yvontje82
    Beste, Hierbij het logje. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:29:19, on 12-10-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Users\Yvonne\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11951 bytes
  4. Yvontje82
    Hallo, Zonet werd ik plots verrast door een melding van AVG anti-virus dat er een trojaanspaard was gedetecteerd. Deze heb ik meteen in quarantaine geplaatst. (Zie de bijlage voor de melding). De melding kwam opzetten toen ik een zojuist gescand bestand wilde zoeken. Het betreffen bestand die als trojaanspaard werd aangeduidt stond in mijn lijst in de map "Mijn afbeeldingen". ik weet of deze info van belang kan zijn voor jullie, maar ik geef het maar even mee. Graag zou ik een PC-check willen doen om te kijken of er mogelijk nog meer geinfecteerde bestanden op mijn PC staan. Met vriendelijke groet, Yvonne
  5. Yvontje82
    Hoi Kape, Volgens mij niet (voor zover ik dat merk aan mijn pc). Ik kon mijn PC al na de eerste verwijdering weer gewoon gebruiken Groetjes en bedankt. Yvonne
  6. Yvontje82
    Nou, hopelijk ben ik er nu vanaf ComboFix 12-07-31.03 - Yvonne 02-08-2012 22:45:16.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2715 [GMT 2:00] Gestart vanuit: c:\users\Yvonne\Desktop\ComboFix1.exe gebruikte Opdracht switches :: c:\users\Yvonne\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Web Assistant c:\program files\Web Assistant\Extension64.dll c:\program files\Web Assistant\ExtensionUpdaterService.exe c:\program files\Web Assistant\Firefox\chrome.manifest c:\program files\Web Assistant\Firefox\chrome\content\libraries\DataExchangeScript.js c:\program files\Web Assistant\Firefox\chrome\content\main.js c:\program files\Web Assistant\Firefox\chrome\content\main.xul c:\program files\Web Assistant\Firefox\chrome\content\resources\localscript.js c:\program files\Web Assistant\Firefox\chrome\locale\en-US\overlay.dtd c:\program files\Web Assistant\Firefox\chrome\skin\overlay.css c:\program files\Web Assistant\Firefox\defaults\preferences\defaults.js c:\program files\Web Assistant\Firefox\install.rdf c:\program files\Web Assistant\InstallerHelper.dll c:\program files\Web Assistant\libraries\DataExchangeScript.js c:\program files\Web Assistant\resources\localscript.js c:\program files\Web Assistant\source.crx c:\program files\Web Assistant\unins000.dat c:\program files\Web Assistant\unins000.exe c:\programdata\boost_interprocess\20120802224023.125600 c:\programdata\boost_interprocess\20120802224023.125600\Nobu64AgentService c:\programdata\boost_interprocess\20120802224023.125600\Nobu64TrayIcon . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_Web Assistant Updater . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-02 to 2012-08-02 )))))))))))))))))))))))))))))) . . 2012-08-02 20:51 . 2012-08-02 20:51 -------- d-----w- c:\users\Werner\AppData\Local\temp 2012-08-02 20:51 . 2012-08-02 20:51 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-08-02 20:51 . 2012-08-02 20:51 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-10 22:16 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-10 21:05 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-07-10 21:05 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-07-10 21:05 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-07-10 21:05 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-07-10 21:05 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll 2012-07-10 21:05 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll 2012-07-10 21:05 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-07-10 21:05 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-07-10 21:05 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-07-10 21:05 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll 2012-07-10 21:05 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-10 21:05 . 2012-06-02 04:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-07-08 11:08 . 2012-07-08 11:08 -------- d-----w- c:\program files (x86)\Gamers Unite! Snag Bar 2012-07-04 17:33 . 2012-07-04 17:33 -------- d-----w- c:\users\Yvonne\AppData\Roaming\ICQ 2012-07-04 15:18 . 2012-07-04 15:18 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Windows Desktop Search 2012-07-04 14:46 . 2012-07-04 15:34 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Media Player Classic 2012-07-04 11:34 . 2012-07-04 11:34 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Microsoft Corporation 2012-07-04 11:18 . 2012-07-04 14:30 -------- d-----w- c:\users\Yvonne\AppData\Roaming\vlc 2012-07-04 10:26 . 2012-07-04 17:17 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Google Inc 2012-07-04 10:26 . 2012-07-04 10:26 -------- d-----w- c:\users\Yvonne\AppData\Roaming\TeamViewer . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-10 22:12 . 2011-05-23 07:31 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll 2012-06-02 22:19 . 2012-06-21 15:01 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 15:01 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-21 15:01 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 15:01 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 15:01 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-21 15:01 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-21 15:01 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 15:01 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-21 15:01 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-09 01:19 . 2012-05-09 01:19 0 ----a-w- c:\windows\SysWow64\shoB9BF.tmp . . ((((((((((((((((((((((((((((( SnapShot_2012-08-02_04.35.55 ))))))))))))))))))))))))))))))))))))))))) . + 2012-08-02 20:52 . 2012-08-02 20:52 12411 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat - 2012-08-02 04:34 . 2012-08-02 04:34 12411 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat - 2009-07-14 04:54 . 2012-08-01 14:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-08-02 20:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-08-01 14:52 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-02 20:40 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-02 20:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-08-01 14:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-05-21 05:15 . 2012-08-02 20:42 56764 c:\windows\system64\wdi\ShutdownPerformanceDiagnostics_SystemData.bin - 2011-05-21 05:15 . 2012-08-02 04:37 56764 c:\windows\system64\wdi\ShutdownPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2012-08-02 04:37 39542 c:\windows\system64\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-08-02 20:42 39542 c:\windows\system64\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-05-20 18:49 . 2012-08-02 20:42 24650 c:\windows\system64\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2155248324-3539292037-1374523505-1000_UserData.bin + 2011-05-21 05:15 . 2012-08-02 20:42 56764 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-08-02 20:42 39542 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2012-08-02 04:17 39542 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-05-20 18:49 . 2012-08-02 20:42 24650 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2155248324-3539292037-1374523505-1000_UserData.bin + 2012-08-02 20:52 . 2012-08-02 20:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-08-02 04:35 . 2012-08-02 04:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-08-02 04:35 . 2012-08-02 04:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-08-02 20:52 . 2012-08-02 20:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-02-01 23:34 . 2012-08-02 04:19 701992 c:\windows\system64\perfh013.dat + 2011-02-01 23:34 . 2012-08-02 20:57 701992 c:\windows\system64\perfh013.dat + 2009-07-14 02:36 . 2012-08-02 20:57 616476 c:\windows\system64\perfh009.dat - 2009-07-14 02:36 . 2012-08-02 04:19 616476 c:\windows\system64\perfh009.dat + 2011-02-01 23:34 . 2012-08-02 20:57 133766 c:\windows\system64\perfc013.dat - 2011-02-01 23:34 . 2012-08-02 04:19 133766 c:\windows\system64\perfc013.dat - 2009-07-14 02:36 . 2012-08-02 04:19 106598 c:\windows\system64\perfc009.dat + 2009-07-14 02:36 . 2012-08-02 20:57 106598 c:\windows\system64\perfc009.dat + 2011-02-01 23:34 . 2012-08-02 20:57 701992 c:\windows\system32\perfh013.dat - 2011-02-01 23:34 . 2012-08-02 04:19 701992 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2012-08-02 20:57 616476 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2012-08-02 04:19 616476 c:\windows\system32\perfh009.dat - 2011-02-01 23:34 . 2012-08-02 04:19 133766 c:\windows\system32\perfc013.dat + 2011-02-01 23:34 . 2012-08-02 20:57 133766 c:\windows\system32\perfc013.dat - 2009-07-14 02:36 . 2012-08-02 04:19 106598 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2012-08-02 20:57 106598 c:\windows\system32\perfc009.dat - 2009-07-14 05:01 . 2012-08-02 04:34 395992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-08-02 20:52 395992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-05-20 22:06 . 2012-08-02 20:52 4087736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-8192.dat - 2011-06-10 23:28 . 2012-08-02 03:03 3157972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-12288.dat + 2011-06-10 23:28 . 2012-08-02 15:42 3157972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-12288.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-04 12:34 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-06-04 2074208] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-08 98304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-05-01 3151512] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-11-01 593920] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-06-04 1107552] "HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960] . c:\users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R2 HitmanPro36CrusaderBoot;HitmanPro 3.6 Crusader (Boot);c:\program files\HitmanPro\HitmanPro.exe [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-02 113120] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-21 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-08 203264] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-06-04 935008] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-08 7767552] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-08 279040] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-08-16 116240] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . Inhoud van de 'Gedeelde Taken' map . 2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-07-16 c:\windows\Tasks\HPCeeScheduleForYVONNE-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . 2012-07-28 c:\windows\Tasks\HPCeeScheduleForYvonne.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] "combofix"="c:\combofix1\CF26738.3XE" [2010-11-20 345088] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.254 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll FF - ProfilePath - c:\users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Web Assistant\Extension64.dll WebBrowser-{25515A79-C1C7-4B97-97F8-31A711694487} - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HitmanPro36CrusaderBoot] "ImagePath"="\"c:\program files\HitmanPro\HitmanPro.exe\" /crusader:boot" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8, 89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8, 7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de "{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4, 91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27 "{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20, 35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1, 38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4 "{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39, 64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c "{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40, 69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18 "{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac, 6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96, 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd, d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47, 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85 "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17 "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b "{336D0C35-8A85-403a-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,3b,1b,08,6b,7c, 1a,82,e9,65,3d,9d,e9,17,af,a2,b0,e5,ab . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:c0,1e,2d,53,55,1d,cd,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe . ************************************************************************** . Voltooingstijd: 2012-08-02 23:27:33 - machine werd herstart ComboFix-quarantined-files.txt 2012-08-02 21:27 ComboFix2.txt 2012-08-02 04:40 ComboFix3.txt 2012-07-02 18:13 ComboFix4.txt 2012-03-02 16:18 . Pre-Run: 912.595.025.920 bytes beschikbaar Post-Run: 912.299.237.376 bytes beschikbaar . - - End Of File - - CD98BECE3322F91E73292C177AFC89A0
  7. Yvontje82
    ComboFix 12-07-31.03 - Yvonne 02-08-2012 6:28.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2884 [GMT 2:00] Gestart vanuit: c:\users\Yvonne\Desktop\ComboFix1.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\boost_interprocess\20120802061426.125600 c:\programdata\boost_interprocess\20120802061426.125600\Nobu64AgentService c:\programdata\boost_interprocess\20120802061426.125600\Nobu64TrayIcon c:\programdata\wiapzgmykxiykzx c:\users\Yvonne\AppData\Roaming\Help\coredb\storage . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-02 to 2012-08-02 )))))))))))))))))))))))))))))) . . 2012-08-02 04:34 . 2012-08-02 04:34 -------- d-----w- c:\users\Werner\AppData\Local\temp 2012-08-02 04:34 . 2012-08-02 04:34 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-08-02 04:34 . 2012-08-02 04:34 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-10 22:16 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-10 21:05 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-07-10 21:05 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-07-10 21:05 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-07-10 21:05 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-07-10 21:05 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll 2012-07-10 21:05 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll 2012-07-10 21:05 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-07-10 21:05 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-07-10 21:05 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-07-10 21:05 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll 2012-07-10 21:05 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-10 21:05 . 2012-06-02 04:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-07-08 11:08 . 2012-07-08 11:08 -------- d-----w- c:\program files (x86)\Gamers Unite! Snag Bar 2012-07-04 17:33 . 2012-07-04 17:33 -------- d-----w- c:\users\Yvonne\AppData\Roaming\ICQ 2012-07-04 15:18 . 2012-07-04 15:18 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Windows Desktop Search 2012-07-04 14:46 . 2012-07-04 15:34 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Media Player Classic 2012-07-04 11:34 . 2012-07-04 11:34 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Microsoft Corporation 2012-07-04 11:18 . 2012-07-04 14:30 -------- d-----w- c:\users\Yvonne\AppData\Roaming\vlc 2012-07-04 10:26 . 2012-07-04 17:17 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Google Inc 2012-07-04 10:26 . 2012-07-04 10:26 -------- d-----w- c:\users\Yvonne\AppData\Roaming\TeamViewer . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-10 22:12 . 2011-05-23 07:31 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll 2012-06-02 22:19 . 2012-06-21 15:01 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 15:01 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-21 15:01 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 15:01 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 15:01 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-21 15:01 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-21 15:01 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 15:01 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-21 15:01 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-09 01:19 . 2012-05-09 01:19 0 ----a-w- c:\windows\SysWow64\shoB9BF.tmp 2012-05-04 11:06 . 2012-06-13 06:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:03 . 2012-06-13 06:06 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03 . 2012-06-13 06:06 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe . . ((((((((((((((((((((((((((((( SnapShot_2012-07-02_18.09.38 ))))))))))))))))))))))))))))))))))))))))) . - 2012-01-31 03:04 . 2011-11-17 05:28 96768 c:\windows\SysWOW64\sspicli.dll + 2012-07-10 21:04 . 2012-06-02 04:34 96768 c:\windows\SysWOW64\sspicli.dll + 2012-07-10 21:04 . 2012-06-02 04:40 22016 c:\windows\SysWOW64\secur32.dll - 2012-01-31 03:04 . 2011-11-17 05:34 22016 c:\windows\SysWOW64\secur32.dll + 2012-07-10 22:11 . 2012-06-02 08:17 73216 c:\windows\SysWOW64\mshtmled.dll - 2012-06-13 14:57 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll - 2012-06-13 14:57 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll + 2012-07-10 22:11 . 2012-06-02 08:22 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll - 2012-06-13 14:57 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll + 2012-07-10 22:11 . 2012-06-02 08:21 65024 c:\windows\SysWOW64\jsproxy.dll + 2012-08-02 04:34 . 2012-08-02 04:34 12411 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat - 2012-07-02 18:08 . 2012-07-02 18:08 12411 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat - 2009-07-14 04:54 . 2012-07-01 20:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-08-01 14:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-08-01 14:52 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-07-01 20:40 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-01 14:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-07-01 20:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-05-21 05:15 . 2012-08-02 04:37 56764 c:\windows\system64\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-08-02 04:37 39542 c:\windows\system64\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-05-20 18:49 . 2012-08-02 04:37 24618 c:\windows\system64\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2155248324-3539292037-1374523505-1000_UserData.bin - 2012-06-13 14:57 . 2012-05-18 01:51 96768 c:\windows\system64\mshtmled.dll + 2012-07-10 22:11 . 2012-06-02 11:57 96768 c:\windows\system64\mshtmled.dll - 2012-06-13 14:57 . 2012-05-18 01:56 86528 c:\windows\system64\migration\WininetPlugin.dll + 2012-07-10 22:11 . 2012-06-02 12:03 86528 c:\windows\system64\migration\WininetPlugin.dll - 2012-06-13 14:57 . 2012-05-18 01:56 85504 c:\windows\system64\jsproxy.dll + 2012-07-10 22:11 . 2012-06-02 12:03 85504 c:\windows\system64\jsproxy.dll + 2012-07-10 21:04 . 2012-06-02 05:48 95600 c:\windows\system64\drivers\ksecdd.sys - 2012-01-31 03:04 . 2011-11-17 06:49 95600 c:\windows\system64\drivers\ksecdd.sys - 2011-05-21 03:44 . 2012-06-30 18:34 16384 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-05-21 03:44 . 2012-08-02 04:25 16384 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-05-21 03:44 . 2012-06-30 18:34 32768 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-05-21 03:44 . 2012-08-02 04:25 32768 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-06-30 18:34 16384 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-08-02 04:25 16384 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-05-21 05:15 . 2012-08-02 04:17 56342 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-08-02 04:17 39542 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-05-20 18:49 . 2012-08-02 04:17 24378 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2155248324-3539292037-1374523505-1000_UserData.bin - 2012-06-13 14:57 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll + 2012-07-10 22:11 . 2012-06-02 11:57 96768 c:\windows\system32\mshtmled.dll - 2012-06-13 14:57 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll + 2012-07-10 22:11 . 2012-06-02 12:03 86528 c:\windows\system32\migration\WininetPlugin.dll - 2012-06-13 14:57 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll + 2012-07-10 22:11 . 2012-06-02 12:03 85504 c:\windows\system32\jsproxy.dll - 2012-01-31 03:04 . 2011-11-17 06:49 95600 c:\windows\system32\drivers\ksecdd.sys + 2012-07-10 21:04 . 2012-06-02 05:48 95600 c:\windows\system32\drivers\ksecdd.sys - 2011-05-21 03:44 . 2012-06-30 18:34 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-05-21 03:44 . 2012-08-02 04:25 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-05-21 03:44 . 2012-06-30 18:34 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-05-21 03:44 . 2012-08-02 04:25 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-06-30 18:34 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-08-02 04:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:46 . 2012-06-30 18:26 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2009-07-14 04:46 . 2012-07-16 20:16 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2011-05-20 18:56 . 2012-03-29 02:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-05-20 18:56 . 2012-07-12 04:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-07-20 00:58 . 2012-07-20 00:58 25600 c:\windows\Installer\b6993.msi + 2011-08-28 13:42 . 2012-07-10 22:16 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2011-08-28 13:42 . 2012-06-13 15:07 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2011-08-28 13:42 . 2012-06-13 15:07 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2011-08-28 13:42 . 2012-07-10 22:16 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2011-08-28 13:42 . 2012-06-13 15:07 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2011-08-28 13:42 . 2012-07-10 22:16 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2011-07-20 05:28 . 2011-07-20 05:28 54104 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\SCANOST.EXE + 2011-07-20 05:28 . 2011-07-20 05:28 75624 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\RM.DLL + 2011-07-20 05:28 . 2011-07-20 05:28 38248 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\RECALL.DLL + 2011-05-26 19:18 . 2011-05-26 19:18 52088 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OUTLVBA.DLL + 2011-07-20 05:28 . 2011-07-20 05:28 34208 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\DUMPSTER.DLL + 2011-07-20 05:28 . 2011-07-20 05:28 87408 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\DLGSETP.DLL - 2009-07-14 00:41 . 2009-07-14 01:30 2048 c:\windows\system64\msxml3r.dll + 2012-07-10 21:05 . 2010-06-26 03:55 2048 c:\windows\system64\msxml3r.dll + 2012-08-02 04:35 . 2012-08-02 04:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-07-02 18:09 . 2012-07-02 18:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-07-02 18:09 . 2012-07-02 18:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-08-02 04:35 . 2012-08-02 04:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-07-10 22:11 . 2012-06-02 08:23 231936 c:\windows\SysWOW64\url.dll - 2012-06-13 14:57 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll + 2012-07-10 21:04 . 2012-06-02 04:40 225280 c:\windows\SysWOW64\schannel.dll - 2012-06-13 14:57 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll + 2012-07-10 22:11 . 2012-06-02 08:19 716800 c:\windows\SysWOW64\jscript.dll + 2012-07-10 22:11 . 2012-06-02 08:20 142848 c:\windows\SysWOW64\ieUnatt.exe - 2012-06-13 14:57 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe + 2012-07-10 22:11 . 2012-06-02 08:14 176640 c:\windows\SysWOW64\ieui.dll - 2012-06-13 14:57 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll + 2012-07-10 21:04 . 2012-06-06 05:03 805376 c:\windows\SysWOW64\cdosys.dll - 2011-06-06 23:35 . 2010-11-20 12:18 805376 c:\windows\SysWOW64\cdosys.dll + 2011-05-21 20:57 . 2012-08-01 12:44 264214 c:\windows\system64\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin + 2012-07-10 22:11 . 2012-06-02 12:04 237056 c:\windows\system64\url.dll - 2012-06-13 14:57 . 2012-05-18 01:58 237056 c:\windows\system64\url.dll + 2012-07-10 21:05 . 2012-06-02 05:45 340992 c:\windows\system64\schannel.dll - 2012-01-31 03:04 . 2011-11-17 06:35 340992 c:\windows\system64\schannel.dll + 2011-02-01 23:34 . 2012-08-02 04:19 701992 c:\windows\system64\perfh013.dat - 2011-02-01 23:34 . 2012-07-02 16:42 701992 c:\windows\system64\perfh013.dat + 2009-07-14 02:36 . 2012-08-02 04:19 616476 c:\windows\system64\perfh009.dat - 2009-07-14 02:36 . 2012-07-02 16:42 616476 c:\windows\system64\perfh009.dat - 2011-02-01 23:34 . 2012-07-02 16:42 133766 c:\windows\system64\perfc013.dat + 2011-02-01 23:34 . 2012-08-02 04:19 133766 c:\windows\system64\perfc013.dat - 2009-07-14 02:36 . 2012-07-02 16:42 106598 c:\windows\system64\perfc009.dat + 2009-07-14 02:36 . 2012-08-02 04:19 106598 c:\windows\system64\perfc009.dat - 2009-07-13 23:49 . 2009-07-14 01:41 307200 c:\windows\system64\ncrypt.dll + 2012-07-10 21:05 . 2012-06-02 05:44 307200 c:\windows\system64\ncrypt.dll + 2012-07-10 22:11 . 2012-06-02 12:00 818688 c:\windows\system64\jscript.dll - 2012-06-13 14:57 . 2012-05-18 01:55 818688 c:\windows\system64\jscript.dll + 2012-07-10 22:11 . 2012-06-02 12:01 173056 c:\windows\system64\ieUnatt.exe - 2012-06-13 14:57 . 2012-05-18 01:55 173056 c:\windows\system64\ieUnatt.exe + 2012-07-10 22:11 . 2012-06-02 11:54 248320 c:\windows\system64\ieui.dll - 2012-06-13 14:57 . 2012-05-18 01:47 248320 c:\windows\system64\ieui.dll - 2009-07-14 04:45 . 2012-06-13 22:26 424424 c:\windows\system64\FNTCACHE.DAT + 2009-07-14 04:45 . 2012-07-11 03:48 424424 c:\windows\system64\FNTCACHE.DAT + 2012-07-10 21:05 . 2012-06-02 05:48 151920 c:\windows\system64\drivers\ksecpkg.sys + 2012-07-10 21:05 . 2012-06-02 05:50 458704 c:\windows\system64\drivers\cng.sys + 2011-05-21 20:57 . 2012-08-01 12:44 264214 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin - 2012-06-13 14:57 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll + 2012-07-10 22:11 . 2012-06-02 12:04 237056 c:\windows\system32\url.dll - 2011-02-01 23:34 . 2012-07-02 16:42 701992 c:\windows\system32\perfh013.dat + 2011-02-01 23:34 . 2012-08-02 04:19 701992 c:\windows\system32\perfh013.dat - 2009-07-14 02:36 . 2012-07-02 16:42 616476 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-08-02 04:19 616476 c:\windows\system32\perfh009.dat + 2011-02-01 23:34 . 2012-08-02 04:19 133766 c:\windows\system32\perfc013.dat - 2011-02-01 23:34 . 2012-07-02 16:42 133766 c:\windows\system32\perfc013.dat + 2009-07-14 02:36 . 2012-08-02 04:19 106598 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-07-02 16:42 106598 c:\windows\system32\perfc009.dat + 2012-07-10 22:11 . 2012-06-02 12:00 818688 c:\windows\system32\jscript.dll - 2012-06-13 14:57 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll + 2012-07-10 22:11 . 2012-06-02 12:01 173056 c:\windows\system32\ieUnatt.exe - 2012-06-13 14:57 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe + 2012-07-10 22:11 . 2012-06-02 11:54 248320 c:\windows\system32\ieui.dll - 2012-06-13 14:57 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll - 2009-07-14 04:45 . 2012-06-13 22:26 424424 c:\windows\system32\FNTCACHE.DAT + 2009-07-14 04:45 . 2012-07-11 03:48 424424 c:\windows\system32\FNTCACHE.DAT - 2009-07-14 05:01 . 2012-07-02 18:08 395992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-08-02 04:34 395992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-08-28 13:42 . 2012-06-13 15:07 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2011-08-28 13:42 . 2012-07-10 22:16 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2011-08-28 13:42 . 2012-07-10 22:16 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2011-08-28 13:42 . 2012-06-13 15:07 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2011-08-28 13:42 . 2012-07-10 22:16 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2011-08-28 13:42 . 2012-06-13 15:07 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2011-08-28 13:42 . 2012-06-13 15:07 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2011-08-28 13:42 . 2012-07-10 22:16 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2011-08-28 13:42 . 2012-07-10 22:16 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2011-08-28 13:42 . 2012-06-13 15:07 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-08-28 13:42 . 2012-07-10 22:16 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2011-08-28 13:42 . 2012-06-13 15:07 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2011-08-28 13:42 . 2012-07-10 22:16 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2011-08-28 13:42 . 2012-06-13 15:07 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2011-07-20 05:28 . 2011-07-20 05:28 282032 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\SCNPST64.DLL + 2011-07-20 05:28 . 2011-07-20 05:28 273832 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\SCNPST32.DLL + 2011-07-27 03:55 . 2011-07-27 03:55 410992 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\RTFHTML.DLL + 2011-07-20 06:06 . 2011-07-20 06:06 770480 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\REGFORM.EXE + 2011-07-20 05:28 . 2011-07-20 05:28 421736 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\PSTPRX32.DLL + 2011-05-31 15:15 . 2011-05-31 15:15 177040 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OUTLPH.DLL + 2011-07-27 03:55 . 2011-07-27 03:55 596888 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OUTLMIME.DLL + 2011-05-26 19:18 . 2011-05-26 19:18 136536 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OUTLCTL.DLL + 2011-07-27 05:03 . 2011-07-27 05:03 194448 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OMSXP32.DLL + 2011-07-27 05:03 . 2011-07-27 05:03 661888 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OMSMAIN.DLL + 2011-07-20 05:28 . 2011-07-20 05:28 253824 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OLKFSTUB.DLL + 2011-07-20 05:28 . 2011-07-20 05:28 340320 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\MIMEDIR.DLL + 2012-03-07 02:03 . 2012-03-07 02:03 117160 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\IPOMINT.DLL + 2011-07-20 06:06 . 2011-07-20 06:06 176024 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\IPOLK.DLL + 2011-07-20 05:28 . 2011-07-20 05:28 138088 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\IMPMAIL.DLL + 2009-02-26 11:09 . 2009-02-26 11:09 154000 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\ENVELOPE.DLL + 2011-05-26 19:18 . 2011-05-26 19:18 115584 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\EMABLT32.DLL + 2011-07-27 03:55 . 2011-07-27 03:55 128376 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\CONTAB32.DLL + 2012-07-10 22:12 . 2012-07-10 22:12 117160 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll - 2012-03-07 02:03 . 2012-03-07 02:03 117160 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2012-07-10 22:11 . 2012-06-02 08:25 1129472 c:\windows\SysWOW64\wininet.dll - 2012-06-13 14:57 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll + 2012-07-10 22:11 . 2012-06-02 08:26 1103872 c:\windows\SysWOW64\urlmon.dll - 2012-06-13 14:57 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll + 2012-07-10 22:11 . 2012-06-02 08:33 1800192 c:\windows\SysWOW64\jscript9.dll - 2012-06-13 14:57 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll + 2012-07-10 22:11 . 2012-06-02 08:19 1793024 c:\windows\SysWOW64\iertutil.dll - 2012-06-13 14:57 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll - 2012-06-13 14:57 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll + 2012-07-10 22:11 . 2012-06-02 08:43 9737728 c:\windows\SysWOW64\ieframe.dll + 2012-07-10 22:11 . 2012-06-02 12:05 1392128 c:\windows\system64\wininet.dll - 2012-06-13 14:57 . 2012-05-18 01:59 1392128 c:\windows\system64\wininet.dll + 2012-07-10 22:16 . 2012-06-12 03:08 3148800 c:\windows\system64\win32k.sys - 2012-06-13 14:57 . 2012-05-18 01:59 1346048 c:\windows\system64\urlmon.dll + 2012-07-10 22:11 . 2012-06-02 12:05 1346048 c:\windows\system64\urlmon.dll + 2012-07-10 21:05 . 2012-06-06 06:06 2004480 c:\windows\system64\msxml6.dll - 2011-06-06 23:35 . 2010-11-20 13:27 2004480 c:\windows\system64\msxml6.dll + 2012-07-10 21:05 . 2012-06-06 06:06 1881600 c:\windows\system64\msxml3.dll - 2012-06-13 14:57 . 2012-05-18 02:06 2311680 c:\windows\system64\jscript9.dll + 2012-07-10 22:11 . 2012-06-02 12:12 2311680 c:\windows\system64\jscript9.dll - 2012-06-13 14:57 . 2012-05-18 01:54 2144768 c:\windows\system64\iertutil.dll + 2012-07-10 22:11 . 2012-06-02 11:59 2144768 c:\windows\system64\iertutil.dll - 2011-06-06 23:35 . 2010-11-20 13:25 1133568 c:\windows\system64\cdosys.dll + 2012-07-10 21:04 . 2012-06-06 06:02 1133568 c:\windows\system64\cdosys.dll + 2012-07-10 22:11 . 2012-06-02 12:05 1392128 c:\windows\system32\wininet.dll - 2012-06-13 14:57 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll - 2012-06-13 14:57 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll + 2012-07-10 22:11 . 2012-06-02 12:05 1346048 c:\windows\system32\urlmon.dll + 2012-07-10 22:11 . 2012-06-02 12:12 2311680 c:\windows\system32\jscript9.dll - 2012-06-13 14:57 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll + 2012-07-10 22:11 . 2012-06-02 11:59 2144768 c:\windows\system32\iertutil.dll - 2012-06-13 14:57 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll + 2012-07-10 21:04 . 2012-06-06 06:02 1133568 c:\windows\system32\cdosys.dll - 2011-06-06 23:35 . 2010-11-20 13:25 1133568 c:\windows\system32\cdosys.dll - 2009-07-14 04:45 . 2012-06-23 10:02 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2009-07-14 04:45 . 2012-07-11 03:51 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2011-05-20 18:46 . 2012-06-30 18:57 1752696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2011-05-20 18:46 . 2012-07-28 10:39 1752696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2011-05-20 22:06 . 2012-08-02 04:34 1606716 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-8192.dat + 2011-06-10 23:28 . 2012-08-02 03:03 3157972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-12288.dat + 2012-05-30 05:19 . 2012-05-30 05:19 1732608 c:\windows\Installer\b84bf6.msp + 2012-06-25 15:02 . 2012-06-25 15:02 2460672 c:\windows\Installer\b84bec.msi + 2012-06-19 10:54 . 2012-06-19 10:54 2239488 c:\windows\Installer\b84be3.msp + 2012-06-19 10:54 . 2012-06-19 10:54 5009920 c:\windows\Installer\b84bcb.msp + 2012-04-04 20:37 . 2012-04-04 20:37 2540544 c:\windows\Installer\b84bb3.msp + 2012-04-04 20:37 . 2012-04-04 20:37 3149824 c:\windows\Installer\b84b8d.msp + 2012-07-16 20:18 . 2012-07-16 20:18 8452608 c:\windows\Installer\66da8.msi + 2011-08-28 13:42 . 2012-07-10 22:16 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2011-08-28 13:42 . 2012-06-13 15:07 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2011-08-28 13:42 . 2012-07-10 22:16 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2011-08-28 13:42 . 2012-06-13 15:07 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2011-07-27 03:55 . 2011-07-27 03:55 3004800 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OLMAPI32.DLL + 2011-07-27 04:09 . 2011-07-27 04:09 5310848 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\IPEDITOR.DLL + 2011-07-27 04:09 . 2011-07-27 04:09 5484416 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\IPDESIGN.DLL + 2011-07-27 04:09 . 2011-07-27 04:09 1460088 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\INFOPATH.EXE + 2012-07-10 21:05 . 2012-06-09 04:41 12873728 c:\windows\SysWOW64\shell32.dll - 2012-06-13 14:57 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll + 2012-07-10 22:11 . 2012-06-02 09:07 12314624 c:\windows\SysWOW64\mshtml.dll + 2009-07-14 02:34 . 2012-07-11 03:47 11010048 c:\windows\system64\SMI\Store\Machine\SCHEMA.DAT + 2012-07-10 21:05 . 2012-06-09 05:43 14172672 c:\windows\system64\shell32.dll - 2012-02-16 19:44 . 2012-01-04 10:44 14172672 c:\windows\system64\shell32.dll - 2012-06-13 14:57 . 2012-05-18 02:47 17807360 c:\windows\system64\mshtml.dll + 2012-07-10 22:11 . 2012-06-02 12:49 17807360 c:\windows\system64\mshtml.dll + 2011-05-23 07:31 . 2012-07-10 22:12 59701280 c:\windows\system64\MRT.exe - 2012-06-13 14:57 . 2012-05-18 02:16 10924032 c:\windows\system64\ieframe.dll + 2012-07-10 22:11 . 2012-06-02 12:17 10924032 c:\windows\system64\ieframe.dll + 2009-07-14 02:34 . 2012-07-11 03:47 11010048 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2012-07-10 22:11 . 2012-06-02 12:49 17807360 c:\windows\system32\mshtml.dll - 2012-06-13 14:57 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll - 2012-06-13 14:57 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll + 2012-07-10 22:11 . 2012-06-02 12:17 10924032 c:\windows\system32\ieframe.dll + 2012-05-30 05:18 . 2012-05-30 05:18 11885056 c:\windows\Installer\b84c27.msp + 2011-08-03 17:18 . 2011-08-03 17:18 12997488 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OUTLOOK.EXE . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-04 12:34 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-06-04 2074208] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-08 98304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-05-01 3151512] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-11-01 593920] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-06-04 1107552] "HF_G_Jul"="c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960] . c:\users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R2 HitmanPro36CrusaderBoot;HitmanPro 3.6 Crusader (Boot);c:\program files\HitmanPro\HitmanPro.exe [x] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-02 113120] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-21 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-08 203264] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-06-04 935008] S2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-08 7767552] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-08 279040] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-08-16 116240] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . Inhoud van de 'Gedeelde Taken' map . 2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-07-16 c:\windows\Tasks\HPCeeScheduleForYVONNE-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . 2012-07-28 c:\windows\Tasks\HPCeeScheduleForYvonne.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] 2012-05-08 13:15 201728 ----a-w- c:\program files\Web Assistant\Extension64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.254 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll FF - ProfilePath - c:\users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{25515A79-C1C7-4B97-97F8-31A711694487} - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HitmanPro36CrusaderBoot] "ImagePath"="\"c:\program files\HitmanPro\HitmanPro.exe\" /crusader:boot" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8, 89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8, 7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de "{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4, 91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27 "{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20, 35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1, 38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4 "{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39, 64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c "{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40, 69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18 "{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac, 6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96, 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd, d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47, 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85 "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17 "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b "{336D0C35-8A85-403a-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,3b,1b,08,6b,7c, 1a,82,e9,65,3d,9d,e9,17,af,a2,b0,e5,ab . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:c0,1e,2d,53,55,1d,cd,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe . ************************************************************************** . Voltooingstijd: 2012-08-02 06:40:05 - machine werd herstart ComboFix-quarantined-files.txt 2012-08-02 04:40 ComboFix2.txt 2012-07-02 18:13 ComboFix3.txt 2012-03-02 16:18 . Pre-Run: 913.367.568.384 bytes beschikbaar Post-Run: 913.034.825.728 bytes beschikbaar . - - End Of File - - 30227979F75C010512D60F239BE5C5D0
  8. Yvontje82
    Zo hierbij het logje. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:26:12, on 1-8-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\HJT\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11779 bytes
  9. Yvontje82
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:46:17, on 31-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Safe mode Running processes: C:\HJT\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11312 bytes Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.21.10 Windows 7 Service Pack 1 x64 NTFS (Veilige modus) Internet Explorer 9.0.8112.16421 Yvonne :: YVONNE-HP [administrator] 31-7-2012 21:46:28 mbam-log-2012-07-31 (21-46-28).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 230833 Verstreken tijd: 5 minuut/minuten, 22 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Users\Yvonne\0.3501714381902584.exe (Trojan.Agent.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  10. Yvontje82
    Beste, Ik heb alweer last van een UKASH virus of trojan. De laatste keer was dit in mei 2012. Hieronder heb ik vast een MBAM en HJT logje geplaatst. Groetjes Yvonne Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.21.10 Windows 7 Service Pack 1 x64 FAT (Veilige modus) Internet Explorer 9.0.8112.16421 Yvonne :: YVONNE-HP [administrator] 31-7-2012 20:48:51 mbam-log-2012-07-31 (21-10-40).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 230843 Verstreken tijd: 5 minuut/minuten, 34 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Users\Yvonne\0.3501714381902584.exe (Trojan.Agent.Gen) -> Geen actie ondernomen. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:12:03, on 31-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Safe mode Running processes: C:\HJT\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R3 - URLSearchHook: FCToolbarURLSearchHook Class - {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Helper.dll R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: FCTBPos00Pos - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O3 - Toolbar: Gamers Unite! Snag Bar - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction O4 - HKCU\..\Run: [upgrade] C:\Users\Yvonne\AppData\Roaming\Google Inc.\{FB263410-1DFF-4B4F-85CF-3D215C04B7C9}\Upgrade.exe O4 - HKCU\..\Run: [uzoqyoglslkyecu] C:\ProgramData\uzoqyogl.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11961 bytes
  11. Yvontje82
    Beste, Ik heb wederom (laatste keer in mei 2012) last van een Ukash virus of trojan. Ik heb alvast een MBAM en Hijackthis gemaakt. Zie voor de logjes hieronder. Groetjes Yvonne Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.21.10 Windows 7 Service Pack 1 x64 FAT (Veilige modus) Internet Explorer 9.0.8112.16421 Yvonne :: YVONNE-HP [administrator] 31-7-2012 20:48:51 mbam-log-2012-07-31 (21-10-40).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 230843 Verstreken tijd: 5 minuut/minuten, 34 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Users\Yvonne\0.3501714381902584.exe (Trojan.Agent.Gen) -> Geen actie ondernomen. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:12:03, on 31-7-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Safe mode Running processes: C:\HJT\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R3 - URLSearchHook: FCToolbarURLSearchHook Class - {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Helper.dll R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: FCTBPos00Pos - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O3 - Toolbar: Gamers Unite! Snag Bar - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction O4 - HKCU\..\Run: [upgrade] C:\Users\Yvonne\AppData\Roaming\Google Inc.\{FB263410-1DFF-4B4F-85CF-3D215C04B7C9}\Upgrade.exe O4 - HKCU\..\Run: [uzoqyoglslkyecu] C:\ProgramData\uzoqyogl.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11961 bytes
  12. Yvontje82
    Hoi hoi, Hier dan eindelijk mijn combofixlogje. Ben benieuwd of je nu nog iets bijzonders ziet.... ComboFix 12-07-02.01 - Yvonne 02-07-2012 20:02:57.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2840 [GMT 2:00] Gestart vanuit: c:\users\Yvonne\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\22cd857d c:\programdata\boost_interprocess\20120702183757.124601 c:\programdata\boost_interprocess\20120702183757.124601\Nobu64AgentService c:\programdata\boost_interprocess\20120702183757.124601\Nobu64TrayIcon c:\programdata\boost_interprocess\20120702183757.125600 c:\programdata\boost_interprocess\20120702183757.125600\Nobu64AgentService c:\programdata\boost_interprocess\20120702183757.125600\Nobu64TrayIcon c:\programdata\zgifhflkaupcbid c:\users\Yvonne\AppData\Roaming\e03b5f16 c:\users\Yvonne\AppData\Roaming\Ovyn c:\users\Yvonne\AppData\Roaming\Ovyn\yqfoz.fyb . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-02 to 2012-07-02 )))))))))))))))))))))))))))))) . . 2012-07-02 18:08 . 2012-07-02 18:08 -------- d-----w- c:\users\Werner\AppData\Local\temp 2012-07-02 18:08 . 2012-07-02 18:08 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-07-02 18:08 . 2012-07-02 18:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-28 21:24 . 2012-06-28 21:24 -------- d-----w- c:\programdata\Symantec 2012-06-28 21:14 . 2012-06-28 21:15 -------- d-----w- c:\users\Yvonne\AppData\Local\NPE 2012-06-28 21:11 . 2012-06-28 21:11 -------- d-s---w- c:\windows\SysWow64\Microsoft 2012-06-27 12:09 . 2012-06-27 12:09 -------- d-----w- c:\programdata\tmiygbotsgdxpyp 2012-06-21 15:01 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-21 15:01 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-21 15:01 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-21 15:01 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-21 15:01 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-21 15:01 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-21 15:01 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-21 15:01 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-21 15:01 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-15 01:15 . 2012-06-15 18:08 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Dava 2012-06-15 01:15 . 2012-06-15 01:41 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Opewn 2012-06-13 06:06 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-12 12:16 . 2012-06-28 21:18 -------- d-----w- c:\windows\system32\drivers\NISx64\1207020.003 2012-06-10 09:05 . 2012-06-10 09:05 447 ----a-w- C:\user.js 2012-06-10 09:05 . 2012-06-28 14:43 -------- d-----w- c:\program files\Web Assistant 2012-06-10 09:05 . 2012-06-10 09:05 -------- d-----w- c:\users\Yvonne\AppData\Local\Apple Computer 2012-06-10 09:05 . 2012-06-10 09:05 -------- d-----w- c:\users\Yvonne\AppData\Roaming\Apple Computer 2012-06-10 09:05 . 2012-06-10 09:05 -------- d-----w- c:\programdata\Apple Computer 2012-06-10 09:04 . 2012-06-10 09:04 -------- d-----w- c:\users\Yvonne\AppData\Local\Apple 2012-06-10 09:04 . 2012-06-10 09:04 -------- d-----w- c:\programdata\Apple . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-09 01:19 . 2012-05-09 01:19 0 ----a-w- c:\windows\SysWow64\shoB9BF.tmp 2012-04-19 02:50 . 2012-04-19 02:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys 2012-04-18 11:49 . 2012-05-27 08:01 405176 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll 2012-04-04 13:56 . 2012-01-05 20:50 24904 ----a-w- c:\windows\system32\drivers\mbam.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-03-02_16.14.46 ))))))))))))))))))))))))))))))))))))))))) . + 2012-04-23 22:18 . 2007-04-04 16:53 81768 c:\windows\SysWOW64\xinput1_3.dll + 2012-04-23 22:17 . 2006-07-28 07:30 62744 c:\windows\SysWOW64\xinput1_2.dll + 2012-04-23 22:18 . 2010-06-02 02:55 74072 c:\windows\SysWOW64\XAPOFX1_5.dll + 2012-04-23 22:18 . 2010-02-04 08:01 74072 c:\windows\SysWOW64\XAPOFX1_4.dll + 2012-04-23 22:18 . 2008-10-27 08:04 70992 c:\windows\SysWOW64\XAPOFX1_2.dll + 2012-04-23 22:18 . 2008-07-31 08:41 68616 c:\windows\SysWOW64\XAPOFX1_1.dll + 2012-04-23 22:18 . 2008-05-30 12:17 65032 c:\windows\SysWOW64\XAPOFX1_0.dll + 2012-04-23 22:18 . 2010-02-04 08:01 22360 c:\windows\SysWOW64\X3DAudio1_7.dll + 2012-04-23 22:18 . 2009-03-16 12:18 22360 c:\windows\SysWOW64\X3DAudio1_6.dll + 2012-04-23 22:18 . 2008-10-27 08:04 23376 c:\windows\SysWOW64\X3DAudio1_5.dll + 2012-04-23 22:18 . 2008-05-30 12:17 25608 c:\windows\SysWOW64\X3DAudio1_4.dll + 2012-04-23 22:18 . 2008-03-05 14:00 25608 c:\windows\SysWOW64\X3DAudio1_3.dll + 2012-04-23 22:18 . 2007-10-22 01:37 17928 c:\windows\SysWOW64\X3DAudio1_2.dll + 2012-04-23 22:17 . 2007-03-05 10:42 15128 c:\windows\SysWOW64\x3daudio1_1.dll + 2012-06-13 14:57 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll + 2012-06-13 14:57 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll - 2012-02-17 00:22 . 2011-12-14 02:54 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll - 2012-02-17 00:22 . 2011-12-14 02:54 65024 c:\windows\SysWOW64\jsproxy.dll + 2012-06-13 14:57 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll - 2012-03-02 16:13 . 2012-03-02 16:13 12411 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat + 2012-07-02 18:08 . 2012-07-02 18:08 12411 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat + 2012-04-18 11:20 . 2012-04-18 11:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat - 2009-07-14 04:54 . 2012-02-28 14:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-07-01 20:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-07-01 20:40 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2012-04-18 11:21 . 2012-04-18 11:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012041820120419\index.dat + 2009-07-14 04:54 . 2012-07-01 20:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-02-28 14:47 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-04-18 11:20 . 2010-08-13 23:19 96008 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Toolbar\Applications\scextension.dll + 2012-04-18 11:20 . 2012-04-18 11:20 49120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT + 2012-04-18 11:21 . 2012-04-18 11:21 17407 c:\windows\SysWOW64\config\systemprofile\AppData\Local\dt.dat + 2012-04-23 22:17 . 2006-07-28 07:31 83736 c:\windows\system64\xinput1_2.dll + 2012-04-23 22:18 . 2010-06-02 02:55 77656 c:\windows\system64\XAPOFX1_5.dll + 2012-04-23 22:18 . 2010-02-04 08:01 78680 c:\windows\system64\XAPOFX1_4.dll + 2012-04-23 22:18 . 2009-09-04 15:44 73544 c:\windows\system64\XAPOFX1_3.dll + 2012-04-23 22:18 . 2008-10-27 08:04 74576 c:\windows\system64\XAPOFX1_2.dll + 2012-04-23 22:18 . 2008-07-31 08:41 72200 c:\windows\system64\XAPOFX1_1.dll + 2012-04-23 22:18 . 2008-05-30 12:17 68104 c:\windows\system64\XAPOFX1_0.dll + 2012-04-23 22:18 . 2010-02-04 08:01 24920 c:\windows\system64\X3DAudio1_7.dll + 2012-04-23 22:18 . 2009-03-16 12:18 24920 c:\windows\system64\X3DAudio1_6.dll + 2012-04-23 22:18 . 2008-10-27 08:04 25936 c:\windows\system64\X3DAudio1_5.dll + 2012-04-23 22:18 . 2008-05-30 12:16 28168 c:\windows\system64\X3DAudio1_4.dll + 2012-04-23 22:18 . 2008-03-05 14:00 28168 c:\windows\system64\X3DAudio1_3.dll + 2012-04-23 22:18 . 2007-10-22 01:37 21000 c:\windows\system64\X3DAudio1_2.dll + 2012-04-23 22:17 . 2007-03-05 10:42 17688 c:\windows\system64\x3daudio1_1.dll + 2012-06-21 15:01 . 2012-06-02 22:19 44056 c:\windows\system64\wups2.dll + 2012-06-21 15:01 . 2012-06-02 22:19 38424 c:\windows\system64\wups.dll + 2012-06-21 15:01 . 2012-06-02 22:15 99840 c:\windows\system64\wudriver.dll + 2012-06-21 15:01 . 2012-06-02 22:19 57880 c:\windows\system64\wuauclt.exe - 2011-06-06 23:34 . 2010-11-20 13:25 36864 c:\windows\system64\wuapp.exe + 2012-06-21 15:01 . 2012-06-02 13:15 36864 c:\windows\system64\wuapp.exe + 2011-05-21 05:15 . 2012-07-01 20:42 56164 c:\windows\system64\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-07-01 20:42 39510 c:\windows\system64\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-05-20 18:49 . 2012-07-01 20:42 23438 c:\windows\system64\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2155248324-3539292037-1374523505-1000_UserData.bin + 2011-08-28 13:42 . 2009-02-27 02:42 66440 c:\windows\system64\spool\drivers\x64\msonpui.dll + 2012-06-13 06:06 . 2012-04-26 05:41 77312 c:\windows\system64\rdpwsx.dll - 2011-06-06 23:35 . 2010-11-20 13:27 77312 c:\windows\system64\rdpwsx.dll + 2012-06-13 14:57 . 2012-05-18 01:51 96768 c:\windows\system64\mshtmled.dll + 2012-06-13 14:57 . 2012-05-18 01:56 86528 c:\windows\system64\migration\WininetPlugin.dll - 2012-02-17 00:22 . 2011-12-14 07:02 86528 c:\windows\system64\migration\WininetPlugin.dll - 2012-02-17 00:22 . 2011-12-14 07:01 85504 c:\windows\system64\jsproxy.dll + 2012-06-13 14:57 . 2012-05-18 01:56 85504 c:\windows\system64\jsproxy.dll + 2012-04-11 02:17 . 2012-03-01 06:33 81408 c:\windows\system64\imagehlp.dll - 2009-07-14 05:30 . 2011-12-29 12:50 86016 c:\windows\system64\DriverStore\infpub.dat + 2009-07-14 05:30 . 2012-04-25 19:54 86016 c:\windows\system64\DriverStore\infpub.dat + 2012-03-14 08:47 . 2012-02-17 04:57 23552 c:\windows\system64\drivers\tdtcp.sys - 2009-07-14 00:16 . 2009-07-14 00:16 23552 c:\windows\system64\drivers\tdtcp.sys + 2012-05-08 21:14 . 2012-03-17 07:58 75120 c:\windows\system64\drivers\partmgr.sys + 2012-01-05 20:50 . 2012-04-04 13:56 24904 c:\windows\system64\drivers\mbam.sys + 2012-04-11 02:17 . 2012-03-01 06:46 23408 c:\windows\system64\drivers\fs_rec.sys + 2012-01-31 02:46 . 2012-01-31 02:46 36944 c:\windows\system64\drivers\avgrkx64.sys + 2011-12-23 11:32 . 2011-12-23 11:32 47696 c:\windows\system64\drivers\avgmfx64.sys + 2012-04-19 02:50 . 2012-04-19 02:50 28480 c:\windows\system64\drivers\avgidsha.sys + 2011-12-23 11:32 . 2011-12-23 11:32 29776 c:\windows\system64\drivers\avgidsfiltera.sys - 2011-05-21 03:44 . 2012-03-01 17:48 16384 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-05-21 03:44 . 2012-06-30 18:34 16384 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-05-21 03:44 . 2012-06-30 18:34 32768 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-05-21 03:44 . 2012-03-01 17:48 32768 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-03-01 17:48 16384 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-06-30 18:34 16384 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-04-23 22:17 . 2006-07-28 07:31 83736 c:\windows\system32\xinput1_2.dll + 2012-04-23 22:18 . 2010-06-02 02:55 77656 c:\windows\system32\XAPOFX1_5.dll + 2012-04-23 22:18 . 2010-02-04 08:01 78680 c:\windows\system32\XAPOFX1_4.dll + 2012-04-23 22:18 . 2009-09-04 15:44 73544 c:\windows\system32\XAPOFX1_3.dll + 2012-04-23 22:18 . 2008-10-27 08:04 74576 c:\windows\system32\XAPOFX1_2.dll + 2012-04-23 22:18 . 2008-07-31 08:41 72200 c:\windows\system32\XAPOFX1_1.dll + 2012-04-23 22:18 . 2008-05-30 12:17 68104 c:\windows\system32\XAPOFX1_0.dll + 2012-04-23 22:18 . 2010-02-04 08:01 24920 c:\windows\system32\X3DAudio1_7.dll + 2012-04-23 22:18 . 2009-03-16 12:18 24920 c:\windows\system32\X3DAudio1_6.dll + 2012-04-23 22:18 . 2008-10-27 08:04 25936 c:\windows\system32\X3DAudio1_5.dll + 2012-04-23 22:18 . 2008-05-30 12:16 28168 c:\windows\system32\X3DAudio1_4.dll + 2012-04-23 22:18 . 2008-03-05 14:00 28168 c:\windows\system32\X3DAudio1_3.dll + 2012-04-23 22:18 . 2007-10-22 01:37 21000 c:\windows\system32\X3DAudio1_2.dll + 2012-04-23 22:17 . 2007-03-05 10:42 17688 c:\windows\system32\x3daudio1_1.dll + 2011-05-21 05:15 . 2012-07-01 20:42 56164 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-07-01 20:42 39510 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-05-20 18:49 . 2012-07-01 20:42 23438 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2155248324-3539292037-1374523505-1000_UserData.bin + 2011-08-28 13:42 . 2009-02-27 02:42 66440 c:\windows\system32\spool\drivers\x64\msonpui.dll - 2011-06-06 23:35 . 2010-11-20 13:27 77312 c:\windows\system32\rdpwsx.dll + 2012-06-13 06:06 . 2012-04-26 05:41 77312 c:\windows\system32\rdpwsx.dll + 2012-06-13 14:57 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll + 2012-06-13 14:57 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll - 2012-02-17 00:22 . 2011-12-14 07:02 86528 c:\windows\system32\migration\WininetPlugin.dll - 2012-02-17 00:22 . 2011-12-14 07:01 85504 c:\windows\system32\jsproxy.dll + 2012-06-13 14:57 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll + 2012-04-11 02:17 . 2012-03-01 06:33 81408 c:\windows\system32\imagehlp.dll + 2009-07-14 05:30 . 2012-04-25 19:54 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 05:30 . 2011-12-29 12:50 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 00:16 . 2009-07-14 00:16 23552 c:\windows\system32\drivers\tdtcp.sys + 2012-03-14 08:47 . 2012-02-17 04:57 23552 c:\windows\system32\drivers\tdtcp.sys + 2012-05-08 21:14 . 2012-03-17 07:58 75120 c:\windows\system32\drivers\partmgr.sys + 2012-04-11 02:17 . 2012-03-01 06:46 23408 c:\windows\system32\drivers\fs_rec.sys + 2012-01-31 02:46 . 2012-01-31 02:46 36944 c:\windows\system32\drivers\avgrkx64.sys + 2011-12-23 11:32 . 2011-12-23 11:32 47696 c:\windows\system32\drivers\avgmfx64.sys + 2011-12-23 11:32 . 2011-12-23 11:32 29776 c:\windows\system32\drivers\avgidsfiltera.sys + 2011-05-21 03:44 . 2012-06-30 18:34 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-05-21 03:44 . 2012-03-01 17:48 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-05-21 03:44 . 2012-03-01 17:48 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-05-21 03:44 . 2012-06-30 18:34 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-06-30 18:34 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-03-01 17:48 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:46 . 2012-06-30 18:26 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2009-07-14 04:46 . 2012-02-22 11:59 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2011-05-20 18:56 . 2012-03-29 02:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-05-20 18:56 . 2012-02-20 19:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-12-15 12:01 . 2011-12-15 12:01 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll + 2011-12-15 11:08 . 2011-12-15 11:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll + 2012-06-13 15:06 . 2012-06-13 15:06 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll - 2012-02-17 00:27 . 2012-02-17 00:27 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll + 2012-06-13 15:06 . 2012-06-13 15:06 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll - 2012-02-17 00:27 . 2012-02-17 00:27 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll - 2012-02-17 00:27 . 2012-02-17 00:27 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2012-06-13 15:06 . 2012-06-13 15:06 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2012-06-13 15:06 . 2012-06-13 15:06 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll - 2012-02-17 00:27 . 2012-02-17 00:27 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll - 2012-02-17 00:27 . 2012-02-17 00:27 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2012-06-13 15:06 . 2012-06-13 15:06 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2012-06-13 15:06 . 2012-06-13 15:06 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll - 2012-02-17 00:27 . 2012-02-17 00:27 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll + 2012-06-13 15:06 . 2012-06-13 15:06 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll - 2012-02-17 00:27 . 2012-02-17 00:27 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll - 2012-02-17 00:27 . 2012-02-17 00:27 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll + 2012-06-13 15:06 . 2012-06-13 15:06 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll - 2012-02-17 00:27 . 2012-02-17 00:27 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll + 2012-06-13 15:06 . 2012-06-13 15:06 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll + 2012-06-13 15:06 . 2012-06-13 15:06 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll - 2012-02-17 00:27 . 2012-02-17 00:27 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll + 2012-06-13 15:06 . 2012-06-13 15:06 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll - 2012-02-17 00:27 . 2012-02-17 00:27 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll - 2012-02-17 00:27 . 2012-02-17 00:27 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-06-13 15:06 . 2012-06-13 15:06 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-06-13 15:06 . 2012-06-13 15:06 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll - 2012-02-17 00:27 . 2012-02-17 00:27 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll + 2012-06-13 15:06 . 2012-06-13 15:06 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll - 2012-02-17 00:27 . 2012-02-17 00:27 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2012-06-13 15:06 . 2012-06-13 15:06 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll - 2012-02-17 00:27 . 2012-02-17 00:27 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll + 2012-06-13 15:06 . 2012-06-13 15:06 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2012-02-17 00:27 . 2012-02-17 00:27 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-06-13 15:06 . 2012-06-13 15:06 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2012-02-17 00:27 . 2012-02-17 00:27 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-06-13 15:06 . 2012-06-13 15:06 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2012-02-17 00:27 . 2012-02-17 00:27 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-06-13 15:06 . 2012-06-13 15:06 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-02-17 00:27 . 2012-02-17 00:27 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-02-17 00:27 . 2012-02-17 00:27 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-06-13 15:06 . 2012-06-13 15:06 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2012-02-17 00:26 . 2012-02-17 00:26 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-06-13 15:05 . 2012-06-13 15:05 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-06-13 15:05 . 2012-06-13 15:05 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2012-02-17 00:26 . 2012-02-17 00:26 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-03-28 13:53 . 2012-03-28 13:53 25600 c:\windows\Installer\353416c.msi + 2011-08-28 13:42 . 2012-06-13 15:07 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2011-08-28 13:42 . 2012-02-17 00:24 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2011-08-28 13:42 . 2012-06-13 15:07 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2011-08-28 13:42 . 2012-02-17 00:24 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2011-08-28 13:42 . 2012-02-17 00:24 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2011-08-28 13:42 . 2012-06-13 15:07 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2011-02-01 23:33 . 2012-05-09 01:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - 2011-02-01 23:33 . 2012-02-17 00:25 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2006-07-24 08:50 . 2006-07-24 08:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\VBAME.DLL + 2009-02-26 13:24 . 2009-02-26 13:24 71536 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\ONFILTER.DLL + 2009-02-26 13:24 . 2009-02-26 13:24 97680 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\ONENOTEM.EXE + 2011-08-28 13:39 . 2011-08-28 13:39 35648 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OLCTLPIA.DLL + 2009-04-02 10:01 . 2009-04-02 10:01 56680 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\EXP_XPS.DLL + 2009-04-03 16:46 . 2009-04-03 16:46 97640 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\EXP_PDF.DLL + 2006-10-26 18:13 . 2006-10-26 18:13 56192 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACECNFLT.EXE + 2012-05-09 17:02 . 2012-05-09 17:02 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll + 2012-05-09 17:02 . 2012-05-09 17:02 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\054fce9466c6cef615b2f7cc9ff4e7f8\System.Windows.Presentation.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\ff78ec1b5bf38a8fb74c2d4f41bb308a\System.Web.ApplicationServices.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\e144d0028365c62178eb0662911ac910\System.AddIn.Contract.ni.dll + 2012-05-09 16:57 . 2012-05-09 16:57 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\93295f3771dc9e5be2d49d5f5d76a7a6\Microsoft.VisualC.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\5ea625ce2d6c08687f70cb81a003a28b\dfsvc.ni.exe + 2012-05-09 16:56 . 2012-05-09 16:56 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\061cbee19075e086d675a9e1f65725d7\Accessibility.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\f3a9c6e87bfa4bab3689ec1cdb56964f\System.Windows.Presentation.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\9b418f37f4594806e1f4b0ed6d083a95\System.Web.ApplicationServices.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll + 2012-05-09 16:49 . 2012-05-09 16:49 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\fb4bc14964a1d415bdbe55b62ce73a52\System.Windows.Presentation.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\eef76dd965ea0a8ae5fb0c734d84389c\System.Web.DynamicData.Design.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\ee709a01b51c82626f4b2c1173f2db28\stdole.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\78f495970511b726a0ca7b8119360e25\PresentationFontCache.ni.exe + 2012-05-09 01:26 . 2012-05-09 01:26 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\1a359e9b908a2565c546a8ca04b241c2\PresentationCFFRasterizer.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\9d57c4bbbc0b3243046fc7839da71b00\Microsoft.WSMan.Runtime.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\d6578432220dbabf2b15027681327bf8\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\66deb65a87750efddf62d1e0c0655352\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4b6402dc918e41b8de8c501f29833d91\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\28545d2b6a0aaef4aa168f9808603bc5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\1d8a17a2c1416a8ad4d6ad2a28b4c5fd\Microsoft.Windows.Diagnosis.SDEngine.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0abc7256549c204f39af7dcc52c9e5d5\Microsoft.Windows.Diagnosis.SDHost.ni.dll + 2012-05-09 01:19 . 2012-05-09 01:19 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\3c3a6cce983114e7406e0a6e6116ecd8\Microsoft.VisualC.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6ab0575bf49b60fd4b697d47e1754072\Microsoft.MediaCenter.iTv.Hosting.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\1569a004b1f41193818e3b3777f2c73d\LoadMxf.ni.exe + 2012-05-09 16:52 . 2012-05-09 16:52 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\3ee98e8b2084e27d65953bbd7e362bf8\ehiUPnP.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\1cd9f92749d29b9fd61fcb1c4ae84294\ehiTVMSMusic.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\0811f67973c32efb2bfad62a4a2592b5\dfsvc.ni.exe + 2012-05-09 01:26 . 2012-05-09 01:26 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\ae9311dcb0e713330a2a86b04cf361dc\Accessibility.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\876f4df16291d2b14c21e2a14afb60c9\WindowsLiveWriter.ni.exe + 2012-05-09 16:46 . 2012-05-09 16:46 80896 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4bd9d7d8d3686f779672029df66df150\WindowsLive.Writer.Passport.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\66d750f3f8dde0cc865f921497ab3545\System.Windows.Presentation.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\543b0e12423bcec010bdd2ac27c5dc04\System.ComponentModel.DataAnnotations.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f34410ab8e82063735d876533db26c49\System.AddIn.Contract.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\d246780b91fd9f6393e85fb13bde94a6\stdole.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\d24744f15243e28ea541a459ff7ff5d5\PresentationFontCache.ni.exe + 2012-05-09 01:24 . 2012-05-09 01:24 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5a9d0ff936810991cedd098fe006a9be\PresentationCFFRasterizer.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\87a30ba337ed55d0905f19742e2985bc\napcrypt.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\9f2e8e0df9ff39ad21088f1d66cfadb1\Microsoft.WSMan.Runtime.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d797123d55bb7b823120d0a7ffbbc2a7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb8ad29814d9e5589bd400d38e7a0b10\Microsoft.Windows.Diagnosis.SDHost.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb42a0f25b7608b2675080081b03f6e5\Microsoft.Windows.Diagnosis.SDEngine.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\c6e9143be5afb36345875d56b61c444f\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\91767cf3facefe10e00734c815e925ad\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\66cd99d2f576cde047074e98bd5e1848\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\4308e1bdc640e1c3f1ea966e84e48900\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\06fcf2fbbe38d9425fc49d935498ec93\Microsoft.Vsa.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\55c57057dc81a5e8c5bde3a230f0bcb9\Microsoft.VisualC.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e3ef400b1f37e4d3b79a42a8a602ea02\Microsoft.Build.Framework.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\2095344bf8c40f8baa94ba53a993fb4c\Microsoft.Build.Framework.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\dc93539af5a961641a26ada75f730136\ehiUserXp.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\53d03b0e238c77cf7e5ac88e02aecd2c\dfsvc.ni.exe + 2012-05-09 01:24 . 2012-05-09 01:24 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll - 2011-02-01 23:33 . 2011-02-01 23:33 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.resources.dll + 2012-04-11 01:19 . 2010-11-13 00:34 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.resources.dll + 2012-03-07 02:03 . 2012-03-07 02:03 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll + 2012-03-07 02:03 . 2012-03-07 02:03 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll - 2011-08-30 01:03 . 2011-08-30 01:03 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll + 2012-03-07 02:03 . 2012-03-07 02:03 34696 c:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll + 2012-04-11 02:17 . 2012-03-01 05:29 5120 c:\windows\SysWOW64\wmi.dll - 2009-07-14 00:19 . 2009-07-14 01:11 5120 c:\windows\SysWOW64\wmi.dll - 2009-07-14 00:41 . 2009-07-14 01:33 5120 c:\windows\system64\wmi.dll + 2012-04-11 02:17 . 2012-03-01 06:28 5120 c:\windows\system64\wmi.dll + 2012-06-13 06:06 . 2012-04-26 05:34 9216 c:\windows\system64\rdrmemptylst.exe - 2011-05-20 18:55 . 2011-05-20 18:55 9560 c:\windows\system64\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_48.bin + 2011-05-20 18:55 . 2012-03-05 16:30 9560 c:\windows\system64\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_48.bin + 2011-05-20 18:55 . 2012-03-05 16:30 4280 c:\windows\system64\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_32.bin - 2011-05-20 18:55 . 2011-05-20 18:55 4280 c:\windows\system64\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_32.bin - 2011-05-20 18:55 . 2011-05-20 18:55 2456 c:\windows\system64\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_24.bin + 2011-05-20 18:55 . 2012-03-05 16:30 2456 c:\windows\system64\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_24.bin + 2012-04-11 02:17 . 2012-03-01 06:28 5120 c:\windows\system32\wmi.dll - 2009-07-14 00:41 . 2009-07-14 01:33 5120 c:\windows\system32\wmi.dll + 2012-06-13 06:06 . 2012-04-26 05:34 9216 c:\windows\system32\rdrmemptylst.exe + 2011-05-20 18:55 . 2012-03-05 16:30 9560 c:\windows\system32\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_48.bin - 2011-05-20 18:55 . 2011-05-20 18:55 9560 c:\windows\system32\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_48.bin + 2011-05-20 18:55 . 2012-03-05 16:30 4280 c:\windows\system32\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_32.bin - 2011-05-20 18:55 . 2011-05-20 18:55 4280 c:\windows\system32\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_32.bin + 2011-05-20 18:55 . 2012-03-05 16:30 2456 c:\windows\system32\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_24.bin - 2011-05-20 18:55 . 2011-05-20 18:55 2456 c:\windows\system32\NetworkList\Icons\{98A8768A-5ED5-45BA-8007-076E418025D6}_24.bin + 2012-07-02 18:09 . 2012-07-02 18:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-02 16:14 . 2012-03-02 16:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-07-02 18:09 . 2012-07-02 18:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-03-02 16:14 . 2012-03-02 16:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-05-09 16:50 . 2012-05-09 16:50 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe + 2012-04-23 22:18 . 2010-06-02 02:55 527192 c:\windows\SysWOW64\XAudio2_7.dll + 2012-04-23 22:18 . 2010-02-04 08:01 528216 c:\windows\SysWOW64\XAudio2_6.dll + 2012-04-23 22:18 . 2009-03-16 12:18 517448 c:\windows\SysWOW64\XAudio2_4.dll + 2012-04-23 22:18 . 2008-10-27 08:04 514384 c:\windows\SysWOW64\XAudio2_3.dll + 2012-04-23 22:18 . 2008-07-31 08:40 509448 c:\windows\SysWOW64\XAudio2_2.dll + 2012-04-23 22:18 . 2008-05-30 12:19 507400 c:\windows\SysWOW64\XAudio2_1.dll + 2012-04-23 22:18 . 2008-03-05 14:03 479752 c:\windows\SysWOW64\XAudio2_0.dll + 2012-04-23 22:18 . 2010-06-02 02:55 239960 c:\windows\SysWOW64\xactengine3_7.dll + 2012-04-23 22:18 . 2010-02-04 08:01 238936 c:\windows\SysWOW64\xactengine3_6.dll + 2012-04-23 22:18 . 2009-09-04 15:44 238936 c:\windows\SysWOW64\xactengine3_5.dll + 2012-04-23 22:18 . 2009-03-16 12:18 235352 c:\windows\SysWOW64\xactengine3_4.dll + 2012-04-23 22:18 . 2008-10-27 08:04 235856 c:\windows\SysWOW64\xactengine3_3.dll + 2012-04-23 22:18 . 2008-07-31 08:41 238088 c:\windows\SysWOW64\xactengine3_2.dll + 2012-04-23 22:18 . 2008-05-30 12:18 238088 c:\windows\SysWOW64\xactengine3_1.dll + 2012-04-23 22:18 . 2008-03-05 14:03 238088 c:\windows\SysWOW64\xactengine3_0.dll + 2012-04-23 22:18 . 2007-07-19 22:57 267112 c:\windows\SysWOW64\xactengine2_9.dll + 2012-04-23 22:18 . 2007-06-20 18:46 266088 c:\windows\SysWOW64\xactengine2_8.dll + 2012-04-23 22:18 . 2007-04-04 16:55 261480 c:\windows\SysWOW64\xactengine2_7.dll + 2012-04-23 22:17 . 2007-01-24 13:27 255848 c:\windows\SysWOW64\xactengine2_6.dll + 2012-04-23 22:17 . 2006-12-08 10:02 251672 c:\windows\SysWOW64\xactengine2_5.dll + 2012-04-23 22:17 . 2006-09-28 14:05 237848 c:\windows\SysWOW64\xactengine2_4.dll + 2012-04-23 22:17 . 2006-07-28 07:30 236824 c:\windows\SysWOW64\xactengine2_3.dll + 2012-04-23 22:17 . 2006-05-31 05:24 230168 c:\windows\SysWOW64\xactengine2_2.dll + 2012-04-23 22:18 . 2007-10-22 01:39 267272 c:\windows\SysWOW64\xactengine2_10.dll + 2012-04-11 02:17 . 2012-03-01 05:37 172544 c:\windows\SysWOW64\wintrust.dll + 2012-06-13 14:57 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll - 2012-02-17 00:22 . 2011-12-14 02:55 231936 c:\windows\SysWOW64\url.dll + 2012-03-14 08:47 . 2012-02-17 05:34 826880 c:\windows\SysWOW64\rdpcore.dll + 2012-06-10 09:05 . 2012-06-10 09:05 144808 c:\windows\SysWOW64\mlfcache.dat + 2012-03-13 16:46 . 2012-03-13 16:46 250528 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe + 2012-03-13 16:46 . 2012-03-13 16:46 335520 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.dll - 2012-02-17 00:22 . 2011-12-14 02:53 716800 c:\windows\SysWOW64\jscript.dll + 2012-06-13 14:57 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll + 2012-04-11 02:17 . 2012-03-01 05:33 159232 c:\windows\SysWOW64\imagehlp.dll - 2011-05-21 21:02 . 2011-05-21 21:02 142848 c:\windows\SysWOW64\ieUnatt.exe + 2012-06-13 14:57 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe + 2012-06-13 14:57 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll - 2012-02-17 00:22 . 2011-12-14 02:47 176640 c:\windows\SysWOW64\ieui.dll + 2012-04-23 22:18 . 2010-05-26 09:41 248672 c:\windows\SysWOW64\d3dx11_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 235344 c:\windows\SysWOW64\d3dx11_42.dll + 2012-04-23 22:18 . 2010-05-26 09:41 470880 c:\windows\SysWOW64\d3dx10_43.dll + 2012-04-23 22:18 . 2008-10-10 02:52 452440 c:\windows\SysWOW64\d3dx10_40.dll + 2012-04-23 22:18 . 2008-07-10 09:01 467984 c:\windows\SysWOW64\d3dx10_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 467984 c:\windows\SysWOW64\d3dx10_38.dll + 2012-04-23 22:18 . 2008-02-05 21:07 462864 c:\windows\SysWOW64\d3dx10_37.dll + 2012-04-23 22:18 . 2007-10-02 07:56 444776 c:\windows\SysWOW64\d3dx10_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 444776 c:\windows\SysWOW64\d3dx10_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 443752 c:\windows\SysWOW64\d3dx10_34.dll + 2012-04-23 22:17 . 2007-03-15 14:57 443752 c:\windows\SysWOW64\d3dx10_33.dll + 2012-04-23 22:17 . 2006-11-29 11:06 440080 c:\windows\SysWOW64\d3dx10.dll + 2012-06-13 06:06 . 2012-04-24 04:36 140288 c:\windows\SysWOW64\cryptsvc.dll + 2012-06-13 06:06 . 2012-04-24 04:36 103936 c:\windows\SysWOW64\cryptnet.dll + 2012-06-28 21:11 . 2012-06-28 21:11 262144 c:\windows\SysWOW64\config\TxR\NTUSER.DAT + 2012-04-18 11:21 . 2012-04-18 11:20 376832 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat + 2012-04-18 11:20 . 2010-08-13 23:19 461576 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Toolbar\Applications\wlextension.dll + 2012-04-18 11:20 . 2010-08-13 23:19 131336 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Toolbar\Applications\searchappextension.dll + 2012-04-18 11:20 . 2010-08-13 23:19 335112 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Toolbar\Applications\appmgr.dll + 2012-06-28 21:11 . 2012-06-28 21:11 262144 c:\windows\SysWOW64\config\RegBack\NTUSER.DAT + 2012-06-28 21:11 . 2012-06-28 21:11 262144 c:\windows\SysWOW64\config\Journal\NTUSER.DAT + 2012-04-23 22:18 . 2007-04-04 16:54 107368 c:\windows\system64\xinput1_3.dll + 2012-04-23 22:18 . 2010-06-02 02:55 518488 c:\windows\system64\XAudio2_7.dll + 2012-04-23 22:18 . 2010-02-04 08:01 530776 c:\windows\system64\XAudio2_6.dll + 2012-04-23 22:18 . 2009-09-04 15:44 517960 c:\windows\system64\XAudio2_5.dll + 2012-04-23 22:18 . 2009-03-16 12:18 521560 c:\windows\system64\XAudio2_4.dll + 2012-04-23 22:18 . 2008-10-27 08:04 518480 c:\windows\system64\XAudio2_3.dll + 2012-04-23 22:18 . 2008-07-31 08:40 513544 c:\windows\system64\XAudio2_2.dll + 2012-04-23 22:18 . 2008-05-30 12:19 511496 c:\windows\system64\XAudio2_1.dll + 2012-04-23 22:18 . 2008-03-05 14:04 489480 c:\windows\system64\XAudio2_0.dll + 2012-04-23 22:18 . 2010-06-02 02:55 176984 c:\windows\system64\xactengine3_7.dll + 2012-04-23 22:18 . 2010-02-04 08:01 176984 c:\windows\system64\xactengine3_6.dll + 2012-04-23 22:18 . 2009-09-04 15:44 176968 c:\windows\system64\xactengine3_5.dll + 2012-04-23 22:18 . 2009-03-16 12:18 174936 c:\windows\system64\xactengine3_4.dll + 2012-04-23 22:18 . 2008-10-27 08:04 175440 c:\windows\system64\xactengine3_3.dll + 2012-04-23 22:18 . 2008-07-31 08:41 177672 c:\windows\system64\xactengine3_2.dll + 2012-04-23 22:18 . 2008-05-30 12:18 177672 c:\windows\system64\xactengine3_1.dll + 2012-04-23 22:18 . 2008-03-05 14:03 177672 c:\windows\system64\xactengine3_0.dll + 2012-04-23 22:18 . 2007-07-19 22:57 411496 c:\windows\system64\xactengine2_9.dll + 2012-04-23 22:18 . 2007-06-20 18:49 409960 c:\windows\system64\xactengine2_8.dll + 2012-04-23 22:18 . 2007-04-04 16:55 403304 c:\windows\system64\xactengine2_7.dll + 2012-04-23 22:17 . 2007-01-24 13:27 393576 c:\windows\system64\xactengine2_6.dll + 2012-04-23 22:17 . 2006-12-08 10:00 390424 c:\windows\system64\xactengine2_5.dll + 2012-04-23 22:17 . 2006-09-28 14:04 364824 c:\windows\system64\xactengine2_4.dll + 2012-04-23 22:17 . 2006-07-28 07:30 363288 c:\windows\system64\xactengine2_3.dll + 2012-04-23 22:17 . 2006-05-31 05:22 354072 c:\windows\system64\xactengine2_2.dll + 2012-04-23 22:18 . 2007-10-22 01:40 411656 c:\windows\system64\xactengine2_10.dll + 2012-06-21 15:01 . 2012-06-02 13:19 186752 c:\windows\system64\wuwebv.dll + 2012-06-21 15:01 . 2012-06-02 22:19 701976 c:\windows\system64\wuapi.dll - 2011-06-06 23:35 . 2010-11-20 13:27 220672 c:\windows\system64\wintrust.dll + 2012-04-11 02:17 . 2012-03-01 06:38 220672 c:\windows\system64\wintrust.dll + 2011-05-21 20:57 . 2012-07-01 11:07 264206 c:\windows\system64\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin + 2012-06-13 14:57 . 2012-05-18 01:58 237056 c:\windows\system64\url.dll - 2012-02-17 00:22 . 2011-12-14 07:03 237056 c:\windows\system64\url.dll + 2011-08-28 13:42 . 2009-02-27 02:42 863128 c:\windows\system64\spool\drivers\x64\msonpdrv.dll + 2012-06-13 06:06 . 2012-04-26 05:41 149504 c:\windows\system64\rdpcorekmts.dll - 2011-06-06 23:35 . 2010-11-20 13:27 149504 c:\windows\system64\rdpcorekmts.dll - 2011-06-06 23:35 . 2010-11-20 13:27 209920 c:\windows\system64\profsvc.dll + 2012-06-13 06:06 . 2012-05-01 05:40 209920 c:\windows\system64\profsvc.dll - 2011-02-01 23:34 . 2012-02-28 20:26 701992 c:\windows\system64\perfh013.dat + 2011-02-01 23:34 . 2012-07-02 16:42 701992 c:\windows\system64\perfh013.dat - 2009-07-14 02:36 . 2012-02-28 20:26 616476 c:\windows\system64\perfh009.dat + 2009-07-14 02:36 . 2012-07-02 16:42 616476 c:\windows\system64\perfh009.dat - 2011-02-01 23:34 . 2012-02-28 20:26 133766 c:\windows\system64\perfc013.dat + 2011-02-01 23:34 . 2012-07-02 16:42 133766 c:\windows\system64\perfc013.dat + 2009-07-14 02:36 . 2012-07-02 16:42 106598 c:\windows\system64\perfc009.dat - 2009-07-14 02:36 . 2012-02-28 20:26 106598 c:\windows\system64\perfc009.dat + 2011-07-20 18:14 . 2012-02-23 08:18 279656 c:\windows\system64\MpSigStub.exe + 2011-11-30 11:41 . 2012-03-13 16:46 465568 c:\windows\system64\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe + 2011-11-30 11:41 . 2012-03-13 16:46 376480 c:\windows\system64\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.dll - 2011-11-30 11:41 . 2011-11-30 11:41 376480 c:\windows\system64\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.dll - 2012-02-17 00:22 . 2011-12-14 07:00 818688 c:\windows\system64\jscript.dll + 2012-06-13 14:57 . 2012-05-18 01:55 818688 c:\windows\system64\jscript.dll + 2012-06-13 14:57 . 2012-05-18 01:55 173056 c:\windows\system64\ieUnatt.exe - 2011-05-21 21:02 . 2011-05-21 21:02 173056 c:\windows\system64\ieUnatt.exe - 2012-02-17 00:22 . 2011-12-14 06:53 248320 c:\windows\system64\ieui.dll + 2012-06-13 14:57 . 2012-05-18 01:47 248320 c:\windows\system64\ieui.dll - 2009-07-14 04:45 . 2012-02-17 01:02 424424 c:\windows\system64\FNTCACHE.DAT + 2009-07-14 04:45 . 2012-06-13 22:26 424424 c:\windows\system64\FNTCACHE.DAT - 2009-07-14 05:30 . 2011-12-29 12:50 143360 c:\windows\system64\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2012-04-25 19:54 143360 c:\windows\system64\DriverStore\infstrng.dat + 2012-06-13 06:06 . 2012-04-28 03:55 210944 c:\windows\system64\drivers\rdpwd.sys - 2011-06-06 23:35 . 2010-11-20 11:04 210944 c:\windows\system64\drivers\rdpwd.sys + 2012-03-19 03:17 . 2012-03-19 03:17 383808 c:\windows\system64\drivers\avgtdia.sys + 2012-02-22 03:25 . 2012-02-22 03:25 289872 c:\windows\system64\drivers\avgldx64.sys + 2011-12-23 11:31 . 2011-12-23 11:31 124496 c:\windows\system64\drivers\avgidsdrivera.sys + 2012-04-23 22:18 . 2010-05-26 09:41 276832 c:\windows\system64\d3dx11_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 285024 c:\windows\system64\d3dx11_42.dll + 2012-04-23 22:18 . 2010-05-26 09:41 511328 c:\windows\system64\d3dx10_43.dll + 2012-04-23 22:18 . 2009-03-09 13:27 520544 c:\windows\system64\d3dx10_41.dll + 2012-04-23 22:18 . 2008-10-10 02:52 519000 c:\windows\system64\d3dx10_40.dll + 2012-04-23 22:18 . 2008-07-10 09:00 540688 c:\windows\system64\d3dx10_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 540688 c:\windows\system64\d3dx10_38.dll + 2012-04-23 22:18 . 2008-02-05 21:07 529424 c:\windows\system64\d3dx10_37.dll + 2012-04-23 22:18 . 2007-10-02 07:56 508264 c:\windows\system64\d3dx10_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 508264 c:\windows\system64\d3dx10_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 506728 c:\windows\system64\d3dx10_34.dll + 2012-04-23 22:17 . 2007-03-15 14:57 506728 c:\windows\system64\d3dx10_33.dll + 2012-04-23 22:17 . 2006-11-29 11:06 469264 c:\windows\system64\d3dx10.dll + 2012-06-13 06:06 . 2012-04-24 05:37 184320 c:\windows\system64\cryptsvc.dll + 2012-06-13 06:06 . 2012-04-24 05:37 140288 c:\windows\system64\cryptnet.dll + 2012-04-23 22:18 . 2007-04-04 16:54 107368 c:\windows\system32\xinput1_3.dll + 2012-04-23 22:18 . 2010-06-02 02:55 518488 c:\windows\system32\XAudio2_7.dll + 2012-04-23 22:18 . 2010-02-04 08:01 530776 c:\windows\system32\XAudio2_6.dll + 2012-04-23 22:18 . 2009-09-04 15:44 517960 c:\windows\system32\XAudio2_5.dll + 2012-04-23 22:18 . 2009-03-16 12:18 521560 c:\windows\system32\XAudio2_4.dll + 2012-04-23 22:18 . 2008-10-27 08:04 518480 c:\windows\system32\XAudio2_3.dll + 2012-04-23 22:18 . 2008-07-31 08:40 513544 c:\windows\system32\XAudio2_2.dll + 2012-04-23 22:18 . 2008-05-30 12:19 511496 c:\windows\system32\XAudio2_1.dll + 2012-04-23 22:18 . 2008-03-05 14:04 489480 c:\windows\system32\XAudio2_0.dll + 2012-04-23 22:18 . 2010-06-02 02:55 176984 c:\windows\system32\xactengine3_7.dll + 2012-04-23 22:18 . 2010-02-04 08:01 176984 c:\windows\system32\xactengine3_6.dll + 2012-04-23 22:18 . 2009-09-04 15:44 176968 c:\windows\system32\xactengine3_5.dll + 2012-04-23 22:18 . 2009-03-16 12:18 174936 c:\windows\system32\xactengine3_4.dll + 2012-04-23 22:18 . 2008-10-27 08:04 175440 c:\windows\system32\xactengine3_3.dll + 2012-04-23 22:18 . 2008-07-31 08:41 177672 c:\windows\system32\xactengine3_2.dll + 2012-04-23 22:18 . 2008-05-30 12:18 177672 c:\windows\system32\xactengine3_1.dll + 2012-04-23 22:18 . 2008-03-05 14:03 177672 c:\windows\system32\xactengine3_0.dll + 2012-04-23 22:18 . 2007-07-19 22:57 411496 c:\windows\system32\xactengine2_9.dll + 2012-04-23 22:18 . 2007-06-20 18:49 409960 c:\windows\system32\xactengine2_8.dll + 2012-04-23 22:18 . 2007-04-04 16:55 403304 c:\windows\system32\xactengine2_7.dll + 2012-04-23 22:17 . 2007-01-24 13:27 393576 c:\windows\system32\xactengine2_6.dll + 2012-04-23 22:17 . 2006-12-08 10:00 390424 c:\windows\system32\xactengine2_5.dll + 2012-04-23 22:17 . 2006-09-28 14:04 364824 c:\windows\system32\xactengine2_4.dll + 2012-04-23 22:17 . 2006-07-28 07:30 363288 c:\windows\system32\xactengine2_3.dll + 2012-04-23 22:17 . 2006-05-31 05:22 354072 c:\windows\system32\xactengine2_2.dll + 2012-04-23 22:18 . 2007-10-22 01:40 411656 c:\windows\system32\xactengine2_10.dll - 2011-06-06 23:35 . 2010-11-20 13:27 220672 c:\windows\system32\wintrust.dll + 2012-04-11 02:17 . 2012-03-01 06:38 220672 c:\windows\system32\wintrust.dll + 2011-05-21 20:57 . 2012-07-01 11:07 264206 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin + 2012-06-13 14:57 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll - 2012-02-17 00:22 . 2011-12-14 07:03 237056 c:\windows\system32\url.dll + 2011-08-28 13:42 . 2009-02-27 02:42 863128 c:\windows\system32\spool\drivers\x64\msonpdrv.dll - 2011-06-06 23:35 . 2010-11-20 13:27 209920 c:\windows\system32\profsvc.dll + 2012-06-13 06:06 . 2012-05-01 05:40 209920 c:\windows\system32\profsvc.dll - 2011-02-01 23:34 . 2012-02-28 20:26 701992 c:\windows\system32\perfh013.dat + 2011-02-01 23:34 . 2012-07-02 16:42 701992 c:\windows\system32\perfh013.dat + 2009-07-14 02:36 . 2012-07-02 16:42 616476 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2012-02-28 20:26 616476 c:\windows\system32\perfh009.dat + 2011-02-01 23:34 . 2012-07-02 16:42 133766 c:\windows\system32\perfc013.dat - 2011-02-01 23:34 . 2012-02-28 20:26 133766 c:\windows\system32\perfc013.dat - 2009-07-14 02:36 . 2012-02-28 20:26 106598 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2012-07-02 16:42 106598 c:\windows\system32\perfc009.dat + 2011-07-20 18:14 . 2012-02-23 08:18 279656 c:\windows\system32\MpSigStub.exe + 2011-11-30 11:41 . 2012-03-13 16:46 465568 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe - 2011-11-30 11:41 . 2011-11-30 11:41 376480 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.dll + 2011-11-30 11:41 . 2012-03-13 16:46 376480 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.dll + 2012-06-13 14:57 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll - 2012-02-17 00:22 . 2011-12-14 07:00 818688 c:\windows\system32\jscript.dll - 2011-05-21 21:02 . 2011-05-21 21:02 173056 c:\windows\system32\ieUnatt.exe + 2012-06-13 14:57 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe + 2012-06-13 14:57 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll - 2012-02-17 00:22 . 2011-12-14 06:53 248320 c:\windows\system32\ieui.dll + 2009-07-14 04:45 . 2012-06-13 22:26 424424 c:\windows\system32\FNTCACHE.DAT - 2009-07-14 04:45 . 2012-02-17 01:02 424424 c:\windows\system32\FNTCACHE.DAT - 2009-07-14 05:30 . 2011-12-29 12:50 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2012-04-25 19:54 143360 c:\windows\system32\DriverStore\infstrng.dat + 2012-06-13 06:06 . 2012-04-28 03:55 210944 c:\windows\system32\drivers\rdpwd.sys - 2011-06-06 23:35 . 2010-11-20 11:04 210944 c:\windows\system32\drivers\rdpwd.sys + 2012-03-19 03:17 . 2012-03-19 03:17 383808 c:\windows\system32\drivers\avgtdia.sys + 2012-02-22 03:25 . 2012-02-22 03:25 289872 c:\windows\system32\drivers\avgldx64.sys + 2011-12-23 11:31 . 2011-12-23 11:31 124496 c:\windows\system32\drivers\avgidsdrivera.sys + 2012-04-23 22:18 . 2010-05-26 09:41 276832 c:\windows\system32\d3dx11_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 285024 c:\windows\system32\d3dx11_42.dll + 2012-04-23 22:18 . 2010-05-26 09:41 511328 c:\windows\system32\d3dx10_43.dll + 2012-04-23 22:18 . 2009-03-09 13:27 520544 c:\windows\system32\d3dx10_41.dll + 2012-04-23 22:18 . 2008-10-10 02:52 519000 c:\windows\system32\d3dx10_40.dll + 2012-04-23 22:18 . 2008-07-10 09:00 540688 c:\windows\system32\d3dx10_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 540688 c:\windows\system32\d3dx10_38.dll + 2012-04-23 22:18 . 2008-02-05 21:07 529424 c:\windows\system32\d3dx10_37.dll + 2012-04-23 22:18 . 2007-10-02 07:56 508264 c:\windows\system32\d3dx10_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 508264 c:\windows\system32\d3dx10_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 506728 c:\windows\system32\d3dx10_34.dll + 2012-04-23 22:17 . 2007-03-15 14:57 506728 c:\windows\system32\d3dx10_33.dll + 2012-04-23 22:17 . 2006-11-29 11:06 469264 c:\windows\system32\d3dx10.dll + 2012-06-13 06:06 . 2012-04-24 05:37 184320 c:\windows\system32\cryptsvc.dll + 2012-06-13 06:06 . 2012-04-24 05:37 140288 c:\windows\system32\cryptnet.dll - 2009-07-14 05:01 . 2012-03-02 16:13 395992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-07-02 18:08 395992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-04-18 15:28 . 2012-04-18 15:28 396760 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-8192.dat + 2011-12-15 12:01 . 2011-12-15 12:01 226600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationHost_v0400.dll + 2012-04-21 09:03 . 2012-04-21 09:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll + 2011-12-15 11:08 . 2011-12-15 11:08 156440 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.dll + 2011-12-15 12:01 . 2011-12-15 12:01 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll + 2012-05-08 21:14 . 2012-02-10 23:29 172320 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationHostDLL.dll + 2012-06-13 06:05 . 2012-04-23 22:33 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll + 2012-05-08 21:14 . 2012-01-04 03:34 486144 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll + 2011-12-15 11:08 . 2011-12-15 11:08 182056 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll + 2012-04-21 09:03 . 2012-04-21 09:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll + 2011-12-15 11:08 . 2011-12-15 11:08 156440 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll + 2011-12-15 11:08 . 2011-12-15 11:08 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll + 2011-12-15 11:08 . 2011-12-15 11:08 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll + 2011-12-15 11:08 . 2011-12-15 11:08 386824 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll + 2012-05-08 21:14 . 2012-02-10 23:31 131360 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2012-06-13 06:05 . 2012-04-23 22:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2012-05-08 21:14 . 2012-01-04 02:51 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2012-05-08 21:14 . 2012-01-04 02:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2012-05-08 21:14 . 2012-01-04 02:50 996624 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll - 2012-02-17 00:27 . 2012-02-17 00:27 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2012-06-13 15:06 . 2012-06-13 15:06 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2012-06-13 15:06 . 2012-06-13 15:06 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll - 2012-02-17 00:27 . 2012-02-17 00:27 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll - 2012-02-17 00:27 . 2012-02-17 00:27 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2012-06-13 15:06 . 2012-06-13 15:06 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2012-06-13 15:06 . 2012-06-13 15:06 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll - 2012-02-17 00:27 . 2012-02-17 00:27 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll - 2012-02-17 00:27 . 2012-02-17 00:27 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-06-13 15:06 . 2012-06-13 15:06 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2012-02-17 00:27 . 2012-02-17 00:27 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll + 2012-06-13 15:06 . 2012-06-13 15:06 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll + 2012-06-13 15:06 . 2012-06-13 15:06 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2012-02-17 00:27 . 2012-02-17 00:27 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2012-02-17 00:27 . 2012-02-17 00:27 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll + 2012-06-13 15:06 . 2012-06-13 15:06 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll + 2012-06-13 15:06 . 2012-06-13 15:06 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll - 2012-02-17 00:27 . 2012-02-17 00:27 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll - 2012-02-17 00:27 . 2012-02-17 00:27 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll + 2012-06-13 15:06 . 2012-06-13 15:06 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll + 2012-06-13 15:06 . 2012-06-13 15:06 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-02-17 00:27 . 2012-02-17 00:27 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-02-17 00:27 . 2012-02-17 00:27 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-06-13 15:06 . 2012-06-13 15:06 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2012-02-17 00:27 . 2012-02-17 00:27 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2012-06-13 15:06 . 2012-06-13 15:06 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2012-02-17 00:27 . 2012-02-17 00:27 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll + 2012-06-13 15:06 . 2012-06-13 15:06 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll + 2012-06-13 15:06 . 2012-06-13 15:06 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll - 2012-02-17 00:27 . 2012-02-17 00:27 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll - 2012-02-17 00:27 . 2012-02-17 00:27 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-06-13 15:06 . 2012-06-13 15:06 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-06-13 15:06 . 2012-06-13 15:06 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2012-02-17 00:27 . 2012-02-17 00:27 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-06-13 15:06 . 2012-06-13 15:06 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll - 2012-02-17 00:27 . 2012-02-17 00:27 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll + 2012-06-13 15:06 . 2012-06-13 15:06 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll - 2012-02-17 00:27 . 2012-02-17 00:27 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll - 2012-02-17 00:27 . 2012-02-17 00:27 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2012-06-13 15:06 . 2012-06-13 15:06 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2012-06-13 15:06 . 2012-06-13 15:06 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll - 2012-02-17 00:27 . 2012-02-17 00:27 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll - 2012-02-17 00:27 . 2012-02-17 00:27 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll + 2012-06-13 15:06 . 2012-06-13 15:06 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll + 2012-06-13 15:06 . 2012-06-13 15:06 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-06-13 15:06 . 2012-06-13 15:06 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2012-02-17 00:27 . 2012-02-17 00:27 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2012-02-17 00:27 . 2012-02-17 00:27 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2012-06-13 15:06 . 2012-06-13 15:06 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2012-02-17 00:27 . 2012-02-17 00:27 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2012-06-13 15:06 . 2012-06-13 15:06 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll - 2012-02-17 00:27 . 2012-02-17 00:27 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2012-06-13 15:06 . 2012-06-13 15:06 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2012-02-17 00:27 . 2012-02-17 00:27 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-06-13 15:06 . 2012-06-13 15:06 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-06-13 15:06 . 2012-06-13 15:06 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll - 2012-02-17 00:27 . 2012-02-17 00:27 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll - 2012-02-17 00:27 . 2012-02-17 00:27 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll + 2012-06-13 15:06 . 2012-06-13 15:06 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll + 2012-06-13 15:06 . 2012-06-13 15:06 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2012-02-17 00:27 . 2012-02-17 00:27 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2012-02-17 00:27 . 2012-02-17 00:27 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll + 2012-06-13 15:06 . 2012-06-13 15:06 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll + 2012-06-13 15:06 . 2012-06-13 15:06 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll - 2012-02-17 00:27 . 2012-02-17 00:27 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll + 2012-06-13 15:06 . 2012-06-13 15:06 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll + 2012-06-13 15:06 . 2012-06-13 15:06 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll - 2012-02-17 00:27 . 2012-02-17 00:27 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll + 2012-06-13 15:06 . 2012-06-13 15:06 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2012-02-17 00:27 . 2012-02-17 00:27 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2012-06-13 15:06 . 2012-06-13 15:06 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2012-02-17 00:27 . 2012-02-17 00:27 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2012-02-17 00:27 . 2012-02-17 00:27 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll + 2012-06-13 15:06 . 2012-06-13 15:06 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll - 2012-02-17 00:27 . 2012-02-17 00:27 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2012-06-13 15:06 . 2012-06-13 15:06 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2012-06-13 15:06 . 2012-06-13 15:06 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll - 2012-02-17 00:27 . 2012-02-17 00:27 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll - 2012-02-17 00:27 . 2012-02-17 00:27 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2012-06-13 15:06 . 2012-06-13 15:06 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2012-06-13 15:06 . 2012-06-13 15:06 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll - 2012-02-17 00:27 . 2012-02-17 00:27 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2012-06-13 15:06 . 2012-06-13 15:06 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2012-02-17 00:27 . 2012-02-17 00:27 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2012-06-13 15:06 . 2012-06-13 15:06 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2012-02-17 00:27 . 2012-02-17 00:27 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-06-13 15:06 . 2012-06-13 15:06 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll - 2012-02-17 00:27 . 2012-02-17 00:27 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll + 2012-06-13 15:06 . 2012-06-13 15:06 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2012-02-17 00:27 . 2012-02-17 00:27 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2012-02-17 00:27 . 2012-02-17 00:27 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll + 2012-06-13 15:06 . 2012-06-13 15:06 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll - 2012-02-17 00:27 . 2012-02-17 00:27 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-06-13 15:06 . 2012-06-13 15:06 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-02-17 00:27 . 2012-02-17 00:27 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-06-13 15:06 . 2012-06-13 15:06 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll - 2012-02-17 00:27 . 2012-02-17 00:27 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-13 15:06 . 2012-06-13 15:06 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-13 15:06 . 2012-06-13 15:06 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-02-17 00:27 . 2012-02-17 00:27 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-02-17 00:27 . 2012-02-17 00:27 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2012-06-13 15:06 . 2012-06-13 15:06 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2012-06-13 15:06 . 2012-06-13 15:06 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-02-17 00:27 . 2012-02-17 00:27 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-06-13 15:06 . 2012-06-13 15:06 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll - 2012-02-17 00:27 . 2012-02-17 00:27 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-06-13 15:05 . 2012-06-13 15:05 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2012-02-17 00:26 . 2012-02-17 00:26 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2012-02-17 00:26 . 2012-02-17 00:26 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-06-13 15:05 . 2012-06-13 15:05 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-06-13 15:06 . 2012-06-13 15:06 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2012-02-17 00:27 . 2012-02-17 00:27 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2011-08-28 13:42 . 2012-06-13 15:07 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2011-08-28 13:42 . 2012-02-17 00:24 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2011-08-28 13:42 . 2012-06-13 15:07 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2011-08-28 13:42 . 2012-02-17 00:24 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2011-08-28 13:42 . 2012-02-17 00:24 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2011-08-28 13:42 . 2012-06-13 15:07 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2011-08-28 13:42 . 2012-06-13 15:07 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2011-08-28 13:42 . 2012-02-17 00:24 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2011-08-28 13:42 . 2012-02-17 00:24 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-08-28 13:42 . 2012-06-13 15:07 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2011-08-28 13:42 . 2012-06-13 15:07 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2011-08-28 13:42 . 2012-02-17 00:24 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2011-08-28 13:42 . 2012-06-13 15:07 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2011-08-28 13:42 . 2012-02-17 00:24 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2012-03-07 02:01 . 2012-03-07 02:01 217864 c:\windows\Installer\{90120000-006E-0413-0000-0000000FF1CE}\misc.exe - 2011-08-30 01:01 . 2011-08-30 01:01 217864 c:\windows\Installer\{90120000-006E-0413-0000-0000000FF1CE}\misc.exe + 2010-03-18 11:16 . 2010-03-18 11:16 181096 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_X86.dll + 2010-03-18 12:27 . 2010-03-18 12:27 225640 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_AMD64.dll + 2012-02-19 03:03 . 2012-02-19 03:03 949088 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgxpl.dll + 2012-02-22 03:25 . 2012-02-22 03:25 299472 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgtdix.sys + 2012-03-19 03:17 . 2012-03-19 03:17 383808 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgtdia.sys + 2012-03-09 19:39 . 2012-03-09 19:39 980352 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgssff11.dll + 2012-02-14 02:53 . 2012-02-14 02:53 502624 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgsrmx.dll + 2012-02-14 02:53 . 2012-02-14 02:53 951648 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgsrma.dll + 2012-02-14 02:53 . 2012-02-14 02:53 986464 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgscanx.exe + 2012-02-14 02:52 . 2012-02-14 02:52 769376 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgrkta.dll + 2012-02-14 02:53 . 2012-02-14 02:53 168800 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgppa.dll + 2012-02-18 03:04 . 2012-02-18 03:04 122208 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgpp.dll + 2012-02-14 02:52 . 2012-02-14 02:52 103776 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgmvflx.dll + 2012-02-14 02:53 . 2012-02-14 02:53 154464 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgmvfla.dll + 2012-02-20 03:04 . 2012-02-20 03:04 898912 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgdtiex.dll + 2012-02-14 02:52 . 2012-02-14 02:52 382816 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgdecider.dll + 2012-02-14 02:53 . 2012-02-14 02:53 873824 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgcmgr.exe + 2012-02-14 02:52 . 2012-02-14 02:52 630112 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgchjwa.dll + 2012-02-14 02:52 . 2012-02-14 02:52 226656 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgcertx.dll + 2012-02-14 02:52 . 2012-02-14 02:52 330080 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgcerta.dll + 2012-02-14 02:52 . 2012-02-14 02:52 513888 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgapix.dll + 2012-02-14 02:53 . 2012-02-14 02:53 900960 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgapia.dll + 2011-09-15 19:41 . 2011-09-15 19:41 408936 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\WINWORD.EXE + 2007-06-07 17:51 . 2007-06-07 17:51 125320 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\SSGEN.DLL + 2007-06-07 17:51 . 2007-06-07 17:51 465800 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OUTLFLTR.DLL + 2008-03-19 04:27 . 2008-03-19 04:27 661536 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OGALEGIT.DLL + 2000-05-24 04:45 . 2000-05-24 04:45 118784 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\MSSTDFMT.DLL + 2008-10-25 04:18 . 2008-10-25 04:18 172880 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\IEAWSDC.DLL + 2006-10-27 13:35 . 2006-10-27 13:35 436512 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\UMOUTLOOKADDIN.DLL + 2006-10-26 18:13 . 2006-10-26 18:13 764800 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACECNF.DLL + 2012-06-13 23:25 . 2012-06-13 23:25 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\fb43d84bc59b21e8a7f3e36d616eea90\UIAutomationTypes.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\26f12a0a3baed2a227cf30aaeae03913\UIAutomationProvider.ni.dll + 2012-05-09 17:02 . 2012-05-09 17:02 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\1c3c298326e9ac14796516ac1da09a16\UIAutomationClient.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\307eea660f877dc40ae90882ce554757\System.Xml.Linq.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\b4afa252d0f0e27b0b5e8fcb2cc5b3a7\System.Windows.Input.Manipulations.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\8c0ee7b970cc4e8c2986c7898af71661\System.Transactions.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\eb4fb369926faaffede7aaf317fd6532\System.ServiceModel.Channels.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e5ab3c37897bb578bdbfe6b7e0558ad8\System.ServiceModel.Routing.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\e48b6a8c491a96d1bc601795532af605\System.Security.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\21d5b44ef01ccfa69e79674a51707de0\System.Runtime.Remoting.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\5f2bfb0585061dc256ee9587d430959f\System.Numerics.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\6996a415485a84fef2d2556b0462336f\System.Net.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\92d266f677605e5475b7f39c063c4a9d\System.Management.Instrumentation.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\07a0e1efc063042be3e8faf62b413a12\System.IO.Log.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\7fd39b9a208214e6e5eba4e9396409f1\System.IdentityModel.Selectors.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.Wrapper.dll + 2012-05-09 16:56 . 2012-05-09 16:56 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\521f5bccf74318a4777597b0c01fda1e\System.Dynamic.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6a8bd7d373c988a585e90bb61c5ec8cc\System.DirectoryServices.Protocols.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\78dd02d104bb15bc3820c06bd2876239\System.Device.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\97d1aaf3733b107ecdbecb9d21050ff4\System.Data.DataSetExtensions.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\a4f91f2dfd1656ef2e42917963f6bf50\System.ComponentModel.DataAnnotations.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 871936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\b1c67ee2e0e6e78c31985069fbc82596\System.AddIn.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\c69fb0f955adc7ca80cd5f2fd730edea\System.Activities.DurableInstancing.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\11fc863fa4f5092fca4f2ce25a9ac361\SMSvcHost.ni.exe + 2012-05-09 16:58 . 2012-05-09 16:58 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\50e8e826488639e549589ba34666933e\SMDiagnostics.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\722c0236432dd5ccc047481d3ebbd49e\PresentationFramework.Royale.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\6739c3715c9e38dbdfbfd57b424a3094\PresentationFramework.Aero.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\3e7359f5f0fb68565314f88f6ec2d67a\PresentationFramework.Luna.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\263748f3d18955b9e467710da1e8546f\PresentationFramework.Classic.ni.dll + 2012-06-13 15:04 . 2012-06-13 15:04 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\58441b4216f3051caa7041fa1cd9476d\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\097137b03ff37196b4b8ba62db34d64a\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\6480551111832c83ee88bcf756a72533\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\0e81a3996f7cbff23fc01bea4185a918\CustomMarshalers.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\7a9f70fa774076a7ec19bc03e7064d0d\UIAutomationClient.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\c477bbff1e4662263255a1bf17bd9c2a\System.Windows.Input.Manipulations.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd25ddcfa0417d40e3f1385e30abcd6f\System.Net.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\08397796343d5730a29f42e61c7f6ee7\System.Management.Instrumentation.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\ff1250d2409bd16283c423650d6fd3f6\System.IO.Log.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\e60675d3ba7fa94924489dc8466ebff5\System.IdentityModel.Selectors.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll + 2012-05-09 16:48 . 2012-05-09 16:48 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a9b1e597aaa263dea2cf8754440bd271\System.Dynamic.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e41e86da56bb60523251e0e08210a77b\System.DirectoryServices.Protocols.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\94d45f7f28d81304d7fa83bcea849141\System.DirectoryServices.AccountManagement.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4c50d8a951546d6dffdc8bcb23f47a7b\System.Device.ni.dll + 2012-05-09 16:49 . 2012-05-09 16:49 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\877ef74350e6d374ca8f80b489a8cc8e\System.ComponentModel.Composition.ni.dll + 2012-05-09 16:49 . 2012-05-09 16:49 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4330e93f9d0ef85f1a972e11c2ac5156\System.ComponentModel.DataAnnotations.ni.dll + 2012-05-09 16:49 . 2012-05-09 16:49 624128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0c67d9fc14856eb7d8b4e405aef79960\System.AddIn.ni.dll + 2012-05-09 16:49 . 2012-05-09 16:49 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2b046f2d5f056b906d7b25b75ca23575\System.Activities.DurableInstancing.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\4847f66153121ec4ed532909f7c152be\SMSvcHost.ni.exe + 2012-05-09 16:48 . 2012-05-09 16:48 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll + 2012-05-09 01:11 . 2012-05-09 01:11 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ef6e3eb351fe12a5766be7c956c35d95\PresentationFramework.Classic.ni.dll + 2012-05-09 01:11 . 2012-05-09 01:11 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e49a124fdad0f1db135f03a49f18fb48\PresentationFramework.Royale.ni.dll + 2012-05-09 01:11 . 2012-05-09 01:11 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll + 2012-05-09 01:11 . 2012-05-09 01:11 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\141f0a8fbfb83604fa3dd43dbe8fa0f4\PresentationFramework.Luna.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8cc4dd9babffe370cf375925fba15f84\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\01c5ff7a1ea0463414736df5d449e0a9\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\ad7f43afb4f124acae4d503b40f591c1\WsatConfig.ni.exe + 2012-06-13 23:22 . 2012-06-13 23:22 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f4d304fcbfda323997083a1f88b83719\WindowsFormsIntegration.ni.dll + 2012-05-09 01:26 . 2012-05-09 01:26 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\bf634b0e2e28466c6ed6ae1eb602b09f\UIAutomationTypes.ni.dll + 2012-05-09 01:26 . 2012-05-09 01:26 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\1ff8fb81d6f045f1dc6f50be95444292\UIAutomationProvider.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\1f36e020c3563e0ff414f13138e238e1\UIAutomationClient.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\681410f842337dccc72eb059738c3ced\TaskScheduler.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\de45d043775d8c805f6feca40d7a9ed2\System.Xml.Linq.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\72b4992e45d232251a273a59eb3333d5\System.Web.Routing.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\76662ce36d2141e45513e64386073cc2\System.Web.RegularExpressions.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\b905eb57b631a30c60caa4d68c186963\System.Web.Entity.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e412dfbf1aa49bbe345a02a4d23104f5\System.Web.Entity.Design.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\815769f953ebe3f84439d522c97317b8\System.Web.DynamicData.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c8144ee08dccdac183527e53c86aa901\System.Web.Abstractions.ni.dll + 2012-05-09 01:27 . 2012-05-09 01:27 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll + 2012-06-13 22:29 . 2012-06-13 22:29 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\1875b50d0228f29aef00bed38ab594d6\System.Security.ni.dll + 2012-05-09 01:26 . 2012-05-09 01:26 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\3b3581851a728bef36f319e9d4c72499\System.Net.ni.dll + 2012-06-13 23:20 . 2012-06-13 23:20 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\d5d612f7d372f500e3062e3814e79d75\System.Messaging.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\599954438a668c94dd38e8e7e506ac2a\System.Management.Instrumentation.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\fd51741bfd973ad507bbd141e98932f8\System.IO.Log.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\ef6abe121bb11bff2514bfdfb7e76b7a\System.IdentityModel.Selectors.ni.dll + 2012-05-09 01:27 . 2012-05-09 01:27 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.Wrapper.dll + 2012-06-13 22:29 . 2012-06-13 22:29 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\fbc02e9f5a14bb93082ebc88bc577413\System.Drawing.Design.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\4bb1134d9b166434327385ddf3c5dd54\System.DirectoryServices.Protocols.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\7c4ce1b8a2f83ef29aa6d5f126ab5b71\System.Data.Services.Design.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\19d1414f1ca718ce4d0c07e7305b3450\System.Data.DataSetExtensions.ni.dll + 2012-06-13 22:29 . 2012-06-13 22:29 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\a88ca70ab9641b8236149bc5dd8d1564\System.Configuration.Install.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\9536bb262c4f1ea389d287ab669767d4\System.ComponentModel.DataAnnotations.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 890880 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\84262138e2e9f34c88fd282caa82baa5\System.AddIn.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\176899be7b920fb20408ff49e636a776\System.AddIn.Contract.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\ee0608cd62dfb37016016884fc39e425\sysglobl.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\9fa1abf006689e262527ae50d452e97e\SMSvcHost.ni.exe + 2012-05-09 16:51 . 2012-05-09 16:51 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\89de197bdde5984658045ade41c2c9b9\PresentationFramework.Classic.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\7ffb91db770d0b09921f623bc5d68b4f\PresentationFramework.Luna.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\205bb33cef9ae6b906ceadd6f2861c86\PresentationFramework.Royale.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\2f1bad2fb963482a02443d5e7fece2b6\napsnap.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\bb4947f0ecc925a7bcfd129b6eec8f9b\napinit.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\5f0ae15f9d1cade37fbfaacff7e64bff\naphlpr.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\5346ceca518baf5e5fa3fed9f900f792\napcrypt.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\8f792883d0adad8c7beccf24aed65817\MSBuild.ni.exe + 2012-06-13 23:21 . 2012-06-13 23:21 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\67240ddde494b9cc05cd732ccd099668\MMCFxCommon.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\b78beede8a3c9720095dde4a4a162acc\Microsoft.WSMan.Management.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\83222514e209f186ad3a1c3794168bfd\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\a843956bb452503139683304de4cc8f6\Microsoft.Vsa.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\c56d6513e4b239b1b1dbe29b0588321a\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\fb0d102ca78bd05fe7064b9e6be30fc7\Microsoft.PowerShell.ConsoleHost.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b21fa6ff448b99a97319e18c166c03e2\Microsoft.PowerShell.Security.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6c3fe42a14ac5b48ebd43be290973d24\Microsoft.PowerShell.GraphicalHost.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\2572e94f9d0b412cdc529c8d74fdb689\Microsoft.PowerShell.Commands.Diagnostics.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f04ccbbf5199d2b264f1b1175be44686\Microsoft.MediaCenter.Mheg.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f015188310f7613f819fcf032f98705a\Microsoft.MediaCenter.iTv.Media.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e29cbd30a31d3c8dae19eb17f70c4ec4\Microsoft.MediaCenter.iTv.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6dbd502a13b5e3caae0b1f2b4847612f\Microsoft.MediaCenter.Playback.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\514667153fd74307d21e7f50b79858c9\Microsoft.MediaCenter.Interop.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\409dae089f2e041343cff71f822cd505\Microsoft.MediaCenter.ITVVM.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\18367b9a0b9e9261d1d9e371230af87c\Microsoft.MediaCenter.Sports.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\803188573fb19785a94284e097c48a67\Microsoft.ManagementConsole.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\d68a27daca73749e4438a47e61643c3c\Microsoft.Build.Utilities.v3.5.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\3151235c1c38db94fd44e3c6f290ff38\Microsoft.Build.Utilities.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 121344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\cf5e9b5d10682467a9e03358a6d6258f\Microsoft.Build.Framework.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\0f233d0eb396065719e83ab573a72cc5\Microsoft.Build.Framework.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\2416af06edb993f98a751acb69f67016\Microsoft.Build.Conversion.v3.5.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\69286d5692277a166404cb897a8b2e7a\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\74e4adc90675c3b1365825c7e78b5ce9\Mcx2Dvcs.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\4a1f9a648a3928d42b77a91666d9aa8a\mcupdate.ni.exe + 2012-05-09 16:52 . 2012-05-09 16:52 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\40d70417c04f9ccb5fdecb5b9be5a6a3\mcstoredb.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\4ae6ccc32dafb4e3765b9db05585bd48\mcplayerinterop.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\b0db345fd62a84c98fd8b0bf3c72e8bb\mcGlidHostObj.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\3fc113fe40d0145cd87afca2d107bf6d\MCESidebarCtrl.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\bc5df15ee827e248dd6f819874a85718\EventViewer.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\584d419d4c837ea19f7f450a807b0273\ehRecObj.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\20c3505378a50f4859c9b2e7dcbb5fa2\ehiWUapi.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\2f9f48ad6496c9103043db1c21a651fd\ehiwmp.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\0955237aa3c1cb3a643248b8c58ec34c\ehiUserXp.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\7998173654fa518876cc97e37b86d465\ehiiTv.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\6c97aa6908f96ac9816ce74e4f6251ac\ehiExtens.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\a501747a95523297a8a1f119df8b1642\ehiBmlDataCarousel.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 126976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\414bbac4e1d7761a336bb9d74b9b243a\ehiActivScp.ni.dll + 2012-06-13 23:20 . 2012-06-13 23:20 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\08c9aa18b306aa47ddc0ae4a63b05d04\ehExtHost.ni.exe + 2012-05-09 16:51 . 2012-05-09 16:51 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\ff7ef4caed03d6934669d1a39877a8ac\ehCIR.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\b7916689137fd0bc9ba1ba5a27e2a38a\CustomMarshalers.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\cc6e6febcd804604bf4d92d0eb8ec6ae\ComSvcConfig.ni.exe + 2012-05-09 16:51 . 2012-05-09 16:51 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\d18719c2df1334364cac199bb9c86adf\BDATunePIA.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\9d60139fdead64a892985181d663989f\WsatConfig.ni.exe + 2012-06-13 23:25 . 2012-06-13 23:25 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\62cec20b82795b936aa2ebe09cf390b3\WindowsLiveLocal.WriterPlugin.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f061177fad83e0d31527ca85a7b9447d\WindowsLive.Writer.FileDestinations.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ebda5533597f76b6f088db06a3c9bf89\WindowsLive.Writer.Controls.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dbbb5914ff727ce0f6793177c4da31ba\WindowsLive.Writer.Interop.SHDocVw.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c9819eac00ff9d58e19599438e5ac742\WindowsLive.Writer.Api.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c1c69dc861cc74197d32851f14e7072a\WindowsLive.Writer.HtmlEditor.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a4ebb53e20a38dcf5d65f12abffd64a8\WindowsLive.Writer.Interop.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9b8dc38b0c2427faeb5e306a453d251a\WindowsLive.Writer.BlogClient.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8c2ee846c46973e97e706f39bb72e2e8\WindowsLive.Writer.SpellChecker.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8aaba9a485b995efaac2c1a59051e676\WindowsLive.Writer.Mshtml.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 374272 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\853c1f1b75d33bbc710d95042876c71b\WindowsLive.Writer.Interop.Mshtml.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7039bba7ff166706ab0b2cd61ff38302\WindowsLive.Writer.Instrumentation.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4f6aeeee01549f796d40a3af7b166d86\WindowsLive.Writer.HtmlParser.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\26a195621994dccb5a5f9c06ce1e5fd7\WindowsLive.Writer.Extensibility.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0ccb4a3228a1ca615f849ebfe8d4daee\WindowsLive.Writer.BrowserControl.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\ad66e359fad3f5ace031f71737b111a0\WindowsLive.Client.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\779b08c46960a1824503aa6f089673fa\UIAutomationClient.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\f3e052584df9c614407da662dd3c3df3\TaskScheduler.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\06e4119a0a3484bb0ca667a16145ce74\System.Web.Routing.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\2b129372a27469195acbe3b6b81786ef\System.Web.RegularExpressions.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\4f13c2c06fb97f6659473f02802b377b\System.Web.Extensions.Design.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bc239944bca7cc6b6ddb473259183c7d\System.Web.Entity.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\3701488fb9e601ebe963db25b784d684\System.Web.Entity.Design.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a09cc9877f51f16a4610b702155e8b70\System.Web.DynamicData.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c6aad1edcc51862ceb26b6b65dad1490\System.Web.Abstractions.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\0b5f082230e3486412e0fa333290e85a\System.Net.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\8280490a2939075b726fd051d9010cc0\System.Management.Instrumentation.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\a03191ed937f6c1dc827b53d94ea0176\System.IO.Log.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\100d39c2f8985cb93e26feef86ba5212\System.IdentityModel.Selectors.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.Wrapper.dll + 2012-05-09 01:24 . 2012-05-09 01:24 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\912a0776c2bfd35ff76bd0b8ba977ed4\System.Drawing.Design.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\55545e89f96539ef93375524d1145a6f\System.DirectoryServices.Protocols.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\4d73a7649876bb6e54a01ccbf235919b\System.DirectoryServices.AccountManagement.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\4665930daf80e181c25371066401cce1\System.Data.Services.Design.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\5a29fff52e2c3d13ec15e8701027ab17\System.Data.Entity.Design.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\940f62a5d077405e0b324422afb6ff2c\System.Data.DataSetExtensions.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\498d2033c60fe5b777cf923b71b25972\System.Configuration.Install.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\a90ec436f1d2c5cb0133a53c2e47d61a\System.AddIn.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\1ed79278fe139272e868e3a53d736f22\sysglobl.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\1b0b19607668635281fa260707f4352f\SMSvcHost.ni.exe + 2012-05-09 16:46 . 2012-05-09 16:46 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae55e761d480fe15781156d1311a1837\PresentationFramework.Classic.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7df1f379457aa5f39183903d115b5479\PresentationFramework.Royale.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\496bc57a53989bb83ec58865fa34be1d\PresentationFramework.Luna.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\acfafa161ea232928cb02b01c50acf1c\napsnap.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\0abec246c5ca6ec4858bfd3ab84da0ec\napinit.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\e0c40329b9cdd7f141a3702d79eb4bda\naphlpr.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\74a8b6419deb005337a1e43ec2502134\MSBuild.ni.exe + 2012-06-13 23:25 . 2012-06-13 23:25 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\1e03b7c2539c5376f0665a4aba04efbd\MMCFxCommon.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\070505350ec9daa3343b3cd2bc8cf59e\Microsoft.WSMan.Management.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1e639225ba30d7f182b893ddacea506b\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4c36b363fcd1ca494218e74ba606e99\Microsoft.PowerShell.Commands.Diagnostics.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ba2ca86f5d270f493501848843d2f227\Microsoft.PowerShell.Commands.Management.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\607324a312b1c6d7fbede8300e8cee91\Microsoft.PowerShell.GraphicalHost.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1f1185444c8a12ace85ba4c2d49f41f8\Microsoft.PowerShell.Security.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\12715b7e3e89758161053520b57764b2\Microsoft.PowerShell.ConsoleHost.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\622b582866fca37f113bd97ae4c6d1f6\Microsoft.ManagementConsole.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\7e59b3b84ca3c61adfc0dc74a65ea177\Microsoft.Build.Utilities.v3.5.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\07e346ee0e3f7433f2de7a72fadd6713\Microsoft.Build.Utilities.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\432160eff3b1f9301c6a74c2e647e03d\Microsoft.Build.Engine.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\8297305de86377d0070a983d99a7f943\Microsoft.Build.Conversion.v3.5.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\541a5bb4d0f8490e506f885a4b435566\mcstoredb.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\02577b78c6ed2f9bda301de888dccad8\EventViewer.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\5ae5c6732ef8e7115baaeb66fd69cdd2\ehRecObj.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\c4a5ce4f89c53b9601d13d22d01cf0bf\ehiVidCtl.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\cbf3a07d3ab873b19f47d6a24f06c796\ehiProxy.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\5cc4a5672758f4732ef430b3431f47fc\ehiExtens.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\a6b8eb80cfbdd927b2fa4ecb69fc0209\ehExtHost32.ni.exe + 2012-05-09 16:46 . 2012-05-09 16:46 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\3912b69593af13d0922279a063e5af66\ComSvcConfig.ni.exe + 2012-05-09 16:45 . 2012-05-09 16:45 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\e1c3540ffb669448747187f76c6ebe82\BDATunePIA.ni.dll - 2011-06-28 17:34 . 2010-11-12 23:33 446464 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll + 2011-06-28 17:34 . 2010-11-13 00:34 446464 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll + 2012-06-13 06:05 . 2012-04-23 22:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2011-02-01 23:33 . 2011-02-01 23:33 544768 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Design.resources.dll + 2012-06-13 06:06 . 2010-11-12 23:33 544768 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Design.resources.dll + 2012-05-08 21:14 . 2012-01-04 02:50 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll - 2011-06-06 23:34 . 2010-11-05 01:53 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll - 2011-06-06 23:35 . 2010-11-05 01:53 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2012-05-08 21:14 . 2012-02-10 23:31 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2012-05-27 08:01 . 2012-05-27 08:01 405176 c:\windows\assembly\GAC_MSIL\Newtonsoft.Json.Net20\4.0.0.0__30ad4fe6b2a6aeed\Newtonsoft.Json.Net20.dll + 2012-05-27 08:01 . 2012-05-27 08:01 110232 c:\windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.dll - 2012-01-10 21:47 . 2012-01-10 21:47 110232 c:\windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.dll + 2012-05-27 08:01 . 2012-05-27 08:01 546968 c:\windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack.Shell\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.Shell.dll - 2012-01-10 21:47 . 2012-01-10 21:47 546968 c:\windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack.Shell\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.Shell.dll + 2012-03-07 02:03 . 2012-03-07 02:03 608136 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll + 2012-02-05 12:45 . 2012-04-22 19:39 877952 c:\windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll + 2012-05-08 21:14 . 2012-02-10 23:29 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll - 2011-06-06 23:35 . 2010-11-05 01:52 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-05-08 21:14 . 2012-02-10 23:31 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll - 2011-06-06 23:35 . 2010-11-05 01:53 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-03-07 02:03 . 2012-03-07 02:03 117160 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2012-03-07 02:03 . 2012-03-07 02:03 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll - 2011-08-30 01:03 . 2011-08-30 01:03 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2012-03-07 02:03 . 2012-03-07 02:03 149368 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2012-06-13 14:57 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll + 2012-06-13 14:57 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll + 2012-05-27 08:01 . 2012-03-22 11:43 2557952 c:\windows\SysWOW64\QtCore4.dll + 2012-06-13 06:06 . 2012-05-04 10:03 3913072 c:\windows\SysWOW64\ntoskrnl.exe + 2012-06-13 06:06 . 2012-05-04 10:03 3968368 c:\windows\SysWOW64\ntkrnlpa.exe + 2012-06-13 06:06 . 2012-04-07 11:26 2342400 c:\windows\SysWOW64\msi.dll + 2012-06-13 14:57 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll + 2012-06-13 14:57 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll + 2012-06-13 14:57 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll + 2011-07-07 01:28 . 2011-07-07 01:28 1193320 c:\windows\SysWOW64\FM20.DLL + 2012-05-08 21:15 . 2012-03-03 05:31 1077248 c:\windows\SysWOW64\DWrite.dll + 2012-04-23 22:18 . 2010-05-26 09:41 1998168 c:\windows\SysWOW64\D3DX9_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 1892184 c:\windows\SysWOW64\D3DX9_42.dll + 2012-04-23 22:18 . 2009-03-09 13:27 4178264 c:\windows\SysWOW64\D3DX9_41.dll + 2012-04-23 22:18 . 2008-10-10 02:52 4379984 c:\windows\SysWOW64\D3DX9_40.dll + 2012-04-23 22:18 . 2008-07-10 09:00 3851784 c:\windows\SysWOW64\D3DX9_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 3850760 c:\windows\SysWOW64\D3DX9_38.dll + 2012-04-23 22:18 . 2008-03-05 13:56 3786760 c:\windows\SysWOW64\D3DX9_37.dll + 2012-04-23 22:18 . 2007-10-12 13:14 3734536 c:\windows\SysWOW64\d3dx9_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 3727720 c:\windows\SysWOW64\d3dx9_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 3497832 c:\windows\SysWOW64\d3dx9_34.dll + 2012-04-23 22:17 . 2007-03-12 14:42 3495784 c:\windows\SysWOW64\d3dx9_33.dll + 2012-04-23 22:17 . 2006-09-28 14:05 2414360 c:\windows\SysWOW64\d3dx9_31.dll + 2012-04-23 22:18 . 2010-05-26 09:41 1868128 c:\windows\SysWOW64\d3dcsx_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 5501792 c:\windows\SysWOW64\d3dcsx_42.dll + 2012-04-23 22:18 . 2010-05-26 09:41 2106216 c:\windows\SysWOW64\D3DCompiler_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 1974616 c:\windows\SysWOW64\D3DCompiler_42.dll + 2012-04-23 22:18 . 2008-10-10 02:52 2036576 c:\windows\SysWOW64\D3DCompiler_40.dll + 2012-04-23 22:18 . 2008-07-10 09:00 1493528 c:\windows\SysWOW64\D3DCompiler_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 1491992 c:\windows\SysWOW64\D3DCompiler_38.dll + 2012-04-23 22:18 . 2008-03-05 13:56 1420824 c:\windows\SysWOW64\D3DCompiler_37.dll + 2012-04-23 22:18 . 2007-10-12 13:14 1374232 c:\windows\SysWOW64\D3DCompiler_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 1358192 c:\windows\SysWOW64\D3DCompiler_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 1124720 c:\windows\SysWOW64\D3DCompiler_34.dll + 2012-04-23 22:17 . 2007-03-12 14:42 1123696 c:\windows\SysWOW64\D3DCompiler_33.dll + 2012-06-13 06:06 . 2012-04-24 04:36 1158656 c:\windows\SysWOW64\crypt32.dll + 2012-04-18 11:20 . 2012-04-18 11:20 1000000 c:\windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\Search Enhancement Pack\Search Box Extension\searchhs.dat + 2012-04-18 11:20 . 2010-08-06 22:40 1048064 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Toolbar\Applications\bingrewardsclient.dll + 2012-06-21 15:01 . 2012-06-02 22:15 2622464 c:\windows\system64\wucltux.dll + 2012-06-21 15:01 . 2012-06-02 22:19 2428952 c:\windows\system64\wuaueng.dll + 2012-06-13 14:57 . 2012-05-18 01:59 1392128 c:\windows\system64\wininet.dll + 2012-06-13 06:06 . 2012-05-15 01:32 3146752 c:\windows\system64\win32k.sys + 2012-06-13 14:57 . 2012-05-18 01:59 1346048 c:\windows\system64\urlmon.dll - 2009-07-14 00:03 . 2009-07-14 01:41 1402880 c:\windows\system64\spool\drivers\x64\3\JNWDRV.dll + 2012-05-08 21:14 . 2012-03-31 05:40 1402880 c:\windows\system64\spool\drivers\x64\3\JNWDRV.dll + 2012-03-14 08:47 . 2012-02-17 06:38 1031680 c:\windows\system64\rdpcore.dll - 2011-06-06 23:35 . 2010-11-20 13:27 1031680 c:\windows\system64\rdpcore.dll + 2012-06-13 06:06 . 2012-05-04 11:06 5559664 c:\windows\system64\ntoskrnl.exe + 2012-06-13 06:06 . 2012-04-07 12:31 3216384 c:\windows\system64\msi.dll + 2012-06-13 14:57 . 2012-05-18 02:06 2311680 c:\windows\system64\jscript9.dll + 2012-06-13 14:57 . 2012-05-18 01:54 2144768 c:\windows\system64\iertutil.dll + 2012-05-08 21:15 . 2012-03-03 06:35 1544704 c:\windows\system64\DWrite.dll + 2012-05-08 21:14 . 2012-03-30 11:35 1918320 c:\windows\system64\drivers\tcpip.sys + 2012-04-23 22:18 . 2010-05-26 09:41 2401112 c:\windows\system64\D3DX9_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 2475352 c:\windows\system64\D3DX9_42.dll + 2012-04-23 22:18 . 2009-03-09 13:27 5425496 c:\windows\system64\D3DX9_41.dll + 2012-04-23 22:18 . 2008-10-10 02:52 5631312 c:\windows\system64\D3DX9_40.dll + 2012-04-23 22:18 . 2008-07-10 09:00 4992520 c:\windows\system64\D3DX9_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 4991496 c:\windows\system64\D3DX9_38.dll + 2012-04-23 22:18 . 2008-03-05 13:56 4910088 c:\windows\system64\D3DX9_37.dll + 2012-04-23 22:18 . 2007-10-12 13:14 5081608 c:\windows\system64\d3dx9_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 5073256 c:\windows\system64\d3dx9_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 4496232 c:\windows\system64\d3dx9_34.dll + 2012-04-23 22:17 . 2007-03-12 14:42 4494184 c:\windows\system64\d3dx9_33.dll + 2012-04-23 22:17 . 2006-09-28 14:05 3977496 c:\windows\system64\d3dx9_31.dll + 2012-04-23 22:18 . 2010-05-26 09:41 1907552 c:\windows\system64\d3dcsx_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 5554512 c:\windows\system64\d3dcsx_42.dll + 2012-04-23 22:18 . 2010-05-26 09:41 2526056 c:\windows\system64\D3DCompiler_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 2582888 c:\windows\system64\D3DCompiler_42.dll + 2012-04-23 22:18 . 2009-03-09 13:27 2430312 c:\windows\system64\D3DCompiler_41.dll + 2012-04-23 22:18 . 2008-10-10 02:52 2605920 c:\windows\system64\D3DCompiler_40.dll + 2012-04-23 22:18 . 2008-07-10 09:00 1942552 c:\windows\system64\D3DCompiler_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 1941528 c:\windows\system64\D3DCompiler_38.dll + 2012-04-23 22:18 . 2008-03-05 13:56 1860120 c:\windows\system64\D3DCompiler_37.dll + 2012-04-23 22:18 . 2007-10-12 13:14 2006552 c:\windows\system64\D3DCompiler_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 1985904 c:\windows\system64\D3DCompiler_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 1401200 c:\windows\system64\D3DCompiler_34.dll + 2012-04-23 22:17 . 2007-03-12 14:42 1400176 c:\windows\system64\D3DCompiler_33.dll + 2012-06-13 06:06 . 2012-04-24 05:37 1462272 c:\windows\system64\crypt32.dll + 2012-06-13 14:57 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll + 2012-06-13 06:06 . 2012-05-15 01:32 3146752 c:\windows\system32\win32k.sys + 2012-06-13 14:57 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll + 2012-05-08 21:14 . 2012-03-31 05:40 1402880 c:\windows\system32\spool\drivers\x64\3\JNWDRV.dll - 2009-07-14 00:03 . 2009-07-14 01:41 1402880 c:\windows\system32\spool\drivers\x64\3\JNWDRV.dll + 2012-03-14 08:47 . 2012-02-17 06:38 1031680 c:\windows\system32\rdpcore.dll - 2011-06-06 23:35 . 2010-11-20 13:27 1031680 c:\windows\system32\rdpcore.dll + 2012-06-13 06:06 . 2012-05-04 11:06 5559664 c:\windows\system32\ntoskrnl.exe + 2012-06-13 06:06 . 2012-04-07 12:31 3216384 c:\windows\system32\msi.dll + 2012-06-13 14:57 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll + 2012-06-13 14:57 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll + 2012-05-08 21:15 . 2012-03-03 06:35 1544704 c:\windows\system32\DWrite.dll + 2012-05-08 21:14 . 2012-03-30 11:35 1918320 c:\windows\system32\drivers\tcpip.sys + 2012-04-23 22:18 . 2010-05-26 09:41 2401112 c:\windows\system32\D3DX9_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 2475352 c:\windows\system32\D3DX9_42.dll + 2012-04-23 22:18 . 2009-03-09 13:27 5425496 c:\windows\system32\D3DX9_41.dll + 2012-04-23 22:18 . 2008-10-10 02:52 5631312 c:\windows\system32\D3DX9_40.dll + 2012-04-23 22:18 . 2008-07-10 09:00 4992520 c:\windows\system32\D3DX9_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 4991496 c:\windows\system32\D3DX9_38.dll + 2012-04-23 22:18 . 2008-03-05 13:56 4910088 c:\windows\system32\D3DX9_37.dll + 2012-04-23 22:18 . 2007-10-12 13:14 5081608 c:\windows\system32\d3dx9_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 5073256 c:\windows\system32\d3dx9_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 4496232 c:\windows\system32\d3dx9_34.dll + 2012-04-23 22:17 . 2007-03-12 14:42 4494184 c:\windows\system32\d3dx9_33.dll + 2012-04-23 22:17 . 2006-09-28 14:05 3977496 c:\windows\system32\d3dx9_31.dll + 2012-04-23 22:18 . 2010-05-26 09:41 1907552 c:\windows\system32\d3dcsx_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 5554512 c:\windows\system32\d3dcsx_42.dll + 2012-04-23 22:18 . 2010-05-26 09:41 2526056 c:\windows\system32\D3DCompiler_43.dll + 2012-04-23 22:18 . 2009-09-04 15:29 2582888 c:\windows\system32\D3DCompiler_42.dll + 2012-04-23 22:18 . 2009-03-09 13:27 2430312 c:\windows\system32\D3DCompiler_41.dll + 2012-04-23 22:18 . 2008-10-10 02:52 2605920 c:\windows\system32\D3DCompiler_40.dll + 2012-04-23 22:18 . 2008-07-10 09:00 1942552 c:\windows\system32\D3DCompiler_39.dll + 2012-04-23 22:18 . 2008-05-30 12:11 1941528 c:\windows\system32\D3DCompiler_38.dll + 2012-04-23 22:18 . 2008-03-05 13:56 1860120 c:\windows\system32\D3DCompiler_37.dll + 2012-04-23 22:18 . 2007-10-12 13:14 2006552 c:\windows\system32\D3DCompiler_36.dll + 2012-04-23 22:18 . 2007-07-19 16:14 1985904 c:\windows\system32\D3DCompiler_35.dll + 2012-04-23 22:18 . 2007-05-16 14:45 1401200 c:\windows\system32\D3DCompiler_34.dll + 2012-04-23 22:17 . 2007-03-12 14:42 1400176 c:\windows\system32\D3DCompiler_33.dll + 2012-06-13 06:06 . 2012-04-24 05:37 1462272 c:\windows\system32\crypt32.dll + 2009-07-14 04:45 . 2012-06-23 10:02 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:45 . 2012-02-17 01:04 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2011-05-20 18:46 . 2012-03-02 05:02 1752696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2011-05-20 18:46 . 2012-06-30 18:57 1752696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2011-06-10 23:28 . 2012-07-02 13:29 3119796 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-12288.dat + 2012-01-19 11:08 . 2012-01-19 11:08 1369872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsBase.dll + 2012-01-19 11:08 . 2012-01-19 11:08 6429992 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.dll + 2012-01-19 11:52 . 2012-01-19 11:52 3825952 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationCore.dll + 2012-03-15 11:17 . 2012-03-15 11:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll + 2011-12-15 11:08 . 2011-12-15 11:08 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll + 2011-12-15 12:01 . 2011-12-15 12:01 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll + 2011-12-15 12:01 . 2011-12-15 12:01 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll + 2011-12-15 12:01 . 2011-12-15 12:01 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll + 2011-12-15 12:01 . 2011-12-15 12:01 1512712 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll + 2011-12-15 12:01 . 2011-12-15 12:01 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll + 2012-05-08 21:14 . 2012-02-10 23:29 2256152 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - 2011-06-28 17:34 . 2011-03-29 22:32 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll + 2012-06-13 06:06 . 2012-03-21 22:30 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll - 2012-02-16 19:43 . 2011-10-31 23:15 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll + 2012-05-08 21:14 . 2012-01-04 03:34 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll + 2012-06-13 06:06 . 2012-03-21 22:30 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll - 2011-06-06 23:34 . 2010-11-05 01:56 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll + 2012-05-08 21:14 . 2012-01-04 03:34 9992464 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - 2011-10-14 03:05 . 2011-07-08 22:31 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll + 2012-05-08 21:14 . 2012-01-04 03:34 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll + 2012-05-08 21:14 . 2012-01-04 03:34 1577232 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll + 2012-05-08 21:14 . 2012-01-04 03:34 1756432 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscordacwks.dll + 2012-01-19 11:08 . 2012-01-19 11:08 1369872 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll + 2012-01-19 11:08 . 2012-01-19 11:08 6429992 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll + 2012-01-19 11:08 . 2012-01-19 11:08 3790112 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll + 2012-03-15 11:17 . 2012-03-15 11:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll + 2011-12-15 11:08 . 2011-12-15 11:08 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll + 2011-12-15 11:08 . 2011-12-15 11:08 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll + 2011-12-15 11:08 . 2011-12-15 11:08 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll + 2011-12-15 11:08 . 2011-12-15 11:08 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll + 2012-05-08 21:14 . 2012-02-10 23:31 1737496 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - 2011-06-28 17:34 . 2011-03-29 22:33 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2012-06-13 06:06 . 2012-03-21 22:32 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2012-05-08 21:14 . 2012-01-04 02:51 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll - 2012-02-16 19:43 . 2011-10-31 23:16 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2012-06-13 06:06 . 2012-03-21 22:32 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll - 2011-06-06 23:34 . 2010-11-05 01:58 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2012-05-08 21:14 . 2012-01-04 02:51 5925136 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - 2011-10-14 03:05 . 2011-07-08 22:33 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2012-05-08 21:14 . 2012-01-04 02:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2012-06-13 15:06 . 2012-06-13 15:06 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2012-06-13 15:06 . 2012-06-13 15:06 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll - 2012-02-17 00:27 . 2012-02-17 00:27 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll + 2012-06-13 15:06 . 2012-06-13 15:06 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll + 2012-06-13 15:06 . 2012-06-13 15:06 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-06-13 15:06 . 2012-06-13 15:06 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll - 2012-02-17 00:27 . 2012-02-17 00:27 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll + 2012-06-13 15:06 . 2012-06-13 15:06 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll - 2012-02-17 00:27 . 2012-02-17 00:27 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2012-06-13 15:06 . 2012-06-13 15:06 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2012-02-17 00:27 . 2012-02-17 00:27 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll + 2012-06-13 15:06 . 2012-06-13 15:06 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll - 2012-02-17 00:27 . 2012-02-17 00:27 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll + 2012-06-13 15:06 . 2012-06-13 15:06 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll - 2012-02-17 00:27 . 2012-02-17 00:27 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll - 2012-02-17 00:27 . 2012-02-17 00:27 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll + 2012-06-13 15:06 . 2012-06-13 15:06 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll + 2012-06-13 15:06 . 2012-06-13 15:06 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll - 2012-02-17 00:27 . 2012-02-17 00:27 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll + 2012-06-13 15:06 . 2012-06-13 15:06 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll - 2012-02-17 00:27 . 2012-02-17 00:27 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll + 2012-06-13 15:06 . 2012-06-13 15:06 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll + 2012-06-13 15:06 . 2012-06-13 15:06 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2012-06-13 15:06 . 2012-06-13 15:06 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll - 2012-02-17 00:27 . 2012-02-17 00:27 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2012-06-13 15:06 . 2012-06-13 15:06 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2012-06-13 15:05 . 2012-06-13 15:05 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - 2012-02-17 00:26 . 2012-02-17 00:26 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll + 2012-06-13 15:06 . 2012-06-13 15:06 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2012-06-13 15:05 . 2012-06-13 15:05 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-06-13 15:06 . 2012-06-13 15:06 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll - 2012-02-17 00:27 . 2012-02-17 00:27 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2012-04-27 06:11 . 2012-04-27 06:11 8451072 c:\windows\Installer\dd1ae5.msi + 2012-05-04 09:43 . 2012-05-04 09:43 8449024 c:\windows\Installer\a55e963.msi + 2011-09-15 17:40 . 2011-09-15 17:40 4760064 c:\windows\Installer\98fbe4.msp + 2011-09-15 17:40 . 2011-09-15 17:40 7959552 c:\windows\Installer\98fbdc.msp + 2011-09-15 17:34 . 2011-09-15 17:34 8499712 c:\windows\Installer\98fbb8.msp + 2012-04-10 20:48 . 2012-04-10 20:48 8399360 c:\windows\Installer\86323.msi + 2012-04-10 20:50 . 2012-04-10 20:50 8544256 c:\windows\Installer\8631b.msi + 2012-04-04 20:38 . 2012-04-04 20:38 2831360 c:\windows\Installer\81c60e1.msp + 2012-04-28 19:44 . 2012-04-28 19:44 9101824 c:\windows\Installer\81c60c9.msp + 2012-04-28 19:44 . 2012-04-28 19:44 9586176 c:\windows\Installer\81c60b1.msp + 2012-04-30 12:38 . 2012-04-30 12:38 5011456 c:\windows\Installer\81c608a.msp + 2012-04-04 20:38 . 2012-04-04 20:38 3620864 c:\windows\Installer\81c604e.msp + 2012-03-15 00:24 . 2012-03-15 00:24 1795584 c:\windows\Installer\81c6036.msp + 2012-04-28 19:43 . 2012-04-28 19:43 8459264 c:\windows\Installer\81c601e.msp + 2012-02-17 06:45 . 2012-02-17 06:45 2299392 c:\windows\Installer\81c6006.msp + 2012-05-29 08:13 . 2012-05-29 08:13 8449024 c:\windows\Installer\69544.msi + 2012-06-12 12:01 . 2012-06-12 12:01 8449024 c:\windows\Installer\68933.msi + 2012-06-19 13:26 . 2012-06-19 13:26 2871808 c:\windows\Installer\5ea47.msi + 2012-05-30 05:17 . 2012-05-30 05:17 5010432 c:\windows\Installer\4569cdc.msp + 2012-04-22 20:46 . 2012-04-22 20:46 1187328 c:\windows\Installer\4569cc5.msp + 2012-03-15 12:26 . 2012-03-15 12:26 4212736 c:\windows\Installer\4569cbb.msp + 2012-05-16 06:28 . 2012-05-16 06:28 8449024 c:\windows\Installer\43e5f.msi + 2012-01-22 08:20 . 2012-01-22 08:20 1707520 c:\windows\Installer\3d3b20.msp + 2012-03-26 22:28 . 2012-03-26 22:28 5009920 c:\windows\Installer\3d3b15.msp + 2012-03-23 12:59 . 2012-03-23 12:59 7899648 c:\windows\Installer\3d3afd.msp + 2011-11-01 11:34 . 2011-11-01 11:34 1169920 c:\windows\Installer\3d3ae5.msp + 2012-02-29 22:45 . 2012-02-29 22:45 4989440 c:\windows\Installer\264d2cb.msp + 2012-05-01 10:08 . 2012-05-01 10:08 9351168 c:\windows\Installer\1dff1.msi + 2011-08-28 13:42 . 2012-06-13 15:07 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2011-08-28 13:42 . 2012-02-17 00:24 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2011-08-28 13:42 . 2012-02-17 00:24 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2011-08-28 13:42 . 2012-06-13 15:07 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2012-02-19 03:03 . 2012-02-19 03:03 1442656 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgxpla.dll + 2012-02-22 03:27 . 2012-02-22 03:27 1962816 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgwd.dll + 2012-02-16 02:57 . 2012-02-16 02:57 2636640 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avguiadv.dll + 2012-02-18 03:05 . 2012-02-18 03:05 4347744 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgui.exe + 2012-02-16 02:57 . 2012-02-16 02:57 2575712 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgtray.exe + 2012-02-28 09:36 . 2012-02-28 09:36 9460064 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\AVGTBInstall.exe + 2012-02-14 02:53 . 2012-02-14 02:53 1987936 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgssiea.dll + 2012-02-14 02:53 . 2012-02-14 02:53 1408352 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgssie.dll + 2012-02-14 02:53 . 2012-02-14 02:53 1721696 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgscana.exe + 2012-02-23 02:36 . 2012-02-23 02:36 2039648 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgnsa.exe + 2012-02-14 02:52 . 2012-02-14 02:52 5104992 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\AVGIDSAgent.exe + 2012-02-14 02:52 . 2012-02-14 02:52 1601888 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgemca.exe + 2012-02-20 03:04 . 2012-02-20 03:04 1321824 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgdtiea.dll + 2012-02-14 02:53 . 2012-02-14 02:53 2680160 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgdiagex.exe + 2012-02-16 02:57 . 2012-02-16 02:57 1261408 c:\windows\Installer\$PatchCache$\Managed\C2876669BBECA2D46815A520EAAC0843\12.0.2127\avgabout.dll + 2012-04-08 09:27 . 2012-04-08 09:27 5158992 c:\windows\Installer\$PatchCache$\Managed\965E9A3EC929617428117D2DDA4C764E\12.0.2169\AVGIDSAgent.exe + 2011-08-17 08:49 . 2011-08-17 08:49 4683624 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\WRD12CNV.DLL + 2009-10-09 21:10 . 2009-10-09 21:10 2594632 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\VBE6.DLL + 2011-07-07 01:58 . 2011-07-07 01:58 1616240 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\OGL.DLL + 2006-10-26 18:25 . 2006-10-26 18:25 2172688 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\PSRCHFEA.DLL + 2012-05-09 16:57 . 2012-05-09 16:57 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e41f5739292f4771c64a55940369efd2\WindowsBase.ni.dll + 2012-06-13 23:23 . 2012-06-13 23:23 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll + 2012-05-09 17:02 . 2012-05-09 17:02 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\6ee9d76d9f1e618cd6fb94b13355bcc9\UIAutomationClientsideProviders.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\28ca4f076264ab07f1d00a6c9623dc49\System.Xml.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\df013cbfec0defc7e9997cdaa90b89bc\System.Xaml.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bc6df78c506c89659ab7be738179b2ba\System.Web.Services.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\cd7c3aed4408c3554c30a8f0236b90e1\System.Speech.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\94289b88c5b494f572cd7114fa995487\System.ServiceModel.Activities.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\2dbc7aabd92cc0d470acb455c498d919\System.ServiceModel.Discovery.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\b37e6f4b1d742031f328504eb99d0f6c\System.Runtime.DurableInstancing.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\682ea473b36fc9043d982c4f5a667568\System.Printing.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\b83f2453b4538b2e80fe09cfd94dce00\System.Management.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\60bf6251873ef465abcebeb9a24b7932\System.IdentityModel.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 2303488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\dadeee26c90fecbf3196eba10dc077b4\System.Drawing.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\a68116468a194678fd04167067134712\System.DirectoryServices.AccountManagement.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\3a737af86a6a819af97a6d1a04c0e944\System.DirectoryServices.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll + 2012-06-13 15:04 . 2012-06-13 15:04 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\8fce722dc334f83b7695e7f64a629986\System.Deployment.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\0ec8effb7b9d03ae69d37922813bc880\System.Data.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\0eb72df497fad5c273ff16f88b0fb950\System.Data.SqlXml.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\536e12016ad3adc78e0708b77e6b9219\System.Data.Services.Client.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\86553c1d7f3e66c17fc3e0274de7a2de\System.Data.Linq.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\6aea67f24827961ce1d48356715389d8\System.Configuration.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\eac19ca5a18a6d08cd247e68b618ba68\System.ComponentModel.Composition.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\3869077874ba987242c791b3a18b2f8b\System.Activities.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\96083298999a677341c98fc2bf01b248\System.Activities.Core.Presentation.ni.dll + 2012-05-09 16:59 . 2012-05-09 16:59 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\fe1704ff12348776e6b70dd4a2c69163\ReachFramework.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll + 2012-06-13 15:04 . 2012-06-13 15:04 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\32bece98175466e5a63d120d96e33269\PresentationUI.ni.dll + 2012-06-13 15:04 . 2012-06-13 15:04 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\f866554cae3c9bf97ef2fa2e90f4ebda\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\e4d308f69077903e24de92fe4fc06d29\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll + 2012-06-13 15:04 . 2012-06-13 15:04 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\44f8907ea08f9c7ff390b17a925a98fd\Microsoft.VisualBasic.ni.dll + 2012-05-09 16:57 . 2012-05-09 16:57 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\16425c121db8083cbaa51f619c9e51e7\Microsoft.VisualBasic.Activities.Compiler.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\5284682fcf04815a86233bcaf696da66\Microsoft.Transactions.Bridge.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\4b1d24a96b3882f9e77445e48a7c59ee\Microsoft.JScript.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\1ff62486cdefbfc2dab41b686a9aa4e2\Microsoft.CSharp.ni.dll + 2012-06-13 15:06 . 2012-06-13 15:06 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\24ed0e1df6a605cdb2088f87ae2ab8ff\UIAutomationClientsideProviders.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 9091584 c:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b37cc0aa41e7feaba9f290da4da91d71\System.Web.Services.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\f368c85283c4e6c9650dd1c8d369dcc5\System.Speech.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll + 2012-06-13 15:06 . 2012-06-13 15:06 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\0fe1e56d17858b6156a3a46330f75f27\System.DirectoryServices.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll + 2012-05-09 01:09 . 2012-05-09 01:09 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 2550272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\fdb98c6d783fe167c1dc0022f27b7cd6\System.Data.SqlXml.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\b894a1df3e6d58ada8f1aa303465ca23\System.Data.Services.Client.ni.dll + 2012-05-09 01:09 . 2012-05-09 01:09 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\82c0c56ff8259e1440cfd0d5727a26d8\System.Data.Linq.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 7069184 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll + 2012-05-09 16:49 . 2012-05-09 16:49 4129280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\51025a1c89f6fd752a5396a059d608b2\System.Activities.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll + 2012-05-09 16:49 . 2012-05-09 16:49 1546752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\66893548d2b2cad29cabf3b3578f356f\System.Activities.Core.Presentation.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\42a7f127f3fda82fb12c6a6e144d08c1\Microsoft.VisualBasic.Activities.Compiler.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2ed0173a2e75b1a3943bd2d96649a50c\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9a37f4e64ce5b856ac3892fef064c7de\Microsoft.Transactions.Bridge.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\cfcc92c125ddfaabad24abe61cfc0471\Microsoft.JScript.ni.dll + 2012-05-09 01:09 . 2012-05-09 01:09 1616896 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\9912b6d76c1017b5af6ef24730f550ca\Microsoft.CSharp.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\783df1ee260d3df406fa80afa38502d4\UIAutomationClientsideProviders.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\70cc5e8a5a3372fe0b104c1b20392cd2\System.WorkflowServices.ni.dll + 2012-06-13 22:29 . 2012-06-13 22:29 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\aa638ba79250284eb4af4adaa4a4117b\System.Workflow.Runtime.ni.dll + 2012-06-13 22:29 . 2012-06-13 22:29 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\996dc2af3b9e5c111130935f298908c6\System.Workflow.ComponentModel.ni.dll + 2012-06-13 22:29 . 2012-06-13 22:29 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\178797db84abae2eeaed835bd28ca52c\System.Workflow.Activities.ni.dll + 2012-06-13 22:29 . 2012-06-13 22:29 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\a32734087cd0db5607d5744ca63235d7\System.Web.Services.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\af7689e8cbec5d2755497be23c30e293\System.Web.Mobile.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\768ea257d75839979b4efb2d49d653f6\System.Web.Extensions.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\2c47bc5d426a7cf9ffef1425eda08184\System.Web.Extensions.Design.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\ca51f026916139f886519fdf6d6c73e9\System.Speech.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\56ee9b5f220583c1c7374a61ad904044\System.ServiceModel.Web.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll + 2012-05-09 01:27 . 2012-05-09 01:27 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll + 2012-06-13 22:28 . 2012-06-13 22:28 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\b964519964d302b4977e1380d8d15f1a\System.Printing.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\d1f21a29e79e73b5401fae156f339f67\System.IdentityModel.ni.dll + 2012-05-09 01:27 . 2012-05-09 01:27 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.ni.dll + 2012-06-13 22:27 . 2012-06-13 22:27 2318848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\39d16229a3d5c6e7c1594ef10758bf75\System.DirectoryServices.AccountManagement.ni.dll + 2012-05-09 01:27 . 2012-05-09 01:27 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\152ef61928f1c300fdad8fa6d5905880\System.DirectoryServices.ni.dll + 2012-06-13 22:27 . 2012-06-13 22:27 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6e4e9b07f376d445df1718c0011fa99b\System.Deployment.ni.dll + 2012-05-09 01:27 . 2012-05-09 01:27 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\ea1848ec07c70f3d3c3445f4fbdae87a\System.Data.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\7f6f74f1cc0ea6c40a2d6707b12af818\System.Data.SqlXml.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\0679fe5f3f9164f499e50cdade962ba3\System.Data.Services.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\2e9de1acfb7974cad94b747442ca325f\System.Data.Services.Client.ni.dll + 2012-05-09 01:28 . 2012-05-09 01:28 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\97429a1c70c94c49850be3f944a32a2e\System.Data.OracleClient.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\2ec3d436b861d35c586b710a570e170d\System.Data.Linq.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\b7b5364bc524988f7ca5b8c20a24119d\System.Data.Entity.Design.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\766ce7ee1a2e4f2a85fd90e7572f5d53\System.Core.ni.dll + 2012-05-09 01:19 . 2012-05-09 01:19 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll + 2012-06-13 22:28 . 2012-06-13 22:28 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\1f88a3693c8ddd527a130aff49dc58b3\ReachFramework.ni.dll + 2012-06-13 22:28 . 2012-06-13 22:28 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\b91c32fab08ba62d8c7681cc596895be\PresentationUI.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\4fbff79b8ebf082d08c0080923ff5036\PresentationBuildTasks.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\ac1ba76ed19d668ce53a74593f040453\Narrator.ni.exe + 2012-06-13 23:22 . 2012-06-13 23:22 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\df2557ab1b8e4389d846e13dc82eba57\MMCEx.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\61812970c4743b686a67f28687e1dcb6\MIGUIControls.ni.dll + 2012-06-13 23:22 . 2012-06-13 23:22 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\28ba52bc122353647f1b547506e2df7c\Microsoft.Transactions.Bridge.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f5790625975320b1ffad63b476da9132\Microsoft.PowerShell.Commands.Management.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ca7e936eed0de2436d87b2601ee3a20a\Microsoft.PowerShell.Editor.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6caa366471176a065a96d77e8ba01eeb\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3040e2de07177c0a6a66a49de61fdc59\Microsoft.PowerShell.GPowerShell.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c057be8bb6614cce013af3721fe34983\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll + 2012-06-13 23:20 . 2012-06-13 23:20 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b2afc0af3d89ae00e973b4e6e9db382c\Microsoft.MediaCenter.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\73bfbdccdc1b0ae87f70a0ec594fee3c\Microsoft.MediaCenter.Bml.ni.dll + 2012-06-13 23:20 . 2012-06-13 23:20 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\653e1ee01f10d658d52ca42e17e74283\Microsoft.MediaCenter.UI.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\260d83ee2128a3388051cf416d4450b0\Microsoft.MediaCenter.Shell.ni.dll + 2012-05-09 16:54 . 2012-05-09 16:54 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\094f6a515ca31504f96b4bad5848d692\Microsoft.JScript.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\dac69844e6333484159a4cf544190906\Microsoft.Ink.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4b362e9e25c33e371f06403edec8849a\Microsoft.Build.Tasks.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\33730d136a34d2f4e56a0322f49ee9b6\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\f1a0df6a86ceb708c5e50338f12b77ba\Microsoft.Build.Engine.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\6b727c7aa69ae3e04a869908bfbae696\Microsoft.Build.Engine.ni.dll + 2012-06-13 23:20 . 2012-06-13 23:20 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\cc4844e7242c1e35d145bf2439f944c5\mcstore.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\596902addad034f4df2caf291b12d61d\mcepg.ni.dll + 2012-05-09 16:52 . 2012-05-09 16:52 2184192 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\cdad46cd58389f53308b735e6f29ce1f\ehiVidCtl.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\0423915e377ec85d71ac216fafa77ab0\ehiProxy.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fe29ec14034fcf7bd83f609ee5327f03\WindowsLive.Writer.Localization.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ccb5629a16edaafb40d3bdec51c70451\WindowsLive.Writer.ApplicationFramework.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\81c0c8525a9f6ff5c97e95a331eba69c\WindowsLive.Writer.CoreServices.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 7025152 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\369eb9f2556436aadf9bc93610124d3b\WindowsLive.Writer.PostEditor.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\3b452cde57280624e1085699fe8beb03\UIAutomationClientsideProviders.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 7967232 c:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 5452800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll + 2012-06-13 22:31 . 2012-06-13 22:31 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\88bfc62ac0195a8ae673c444a3339505\System.Workflow.Runtime.ni.dll + 2012-06-13 22:31 . 2012-06-13 22:31 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\cfb739be21092d5b8f7b4fde529e6aaa\System.Workflow.ComponentModel.ni.dll + 2012-06-13 22:31 . 2012-06-13 22:31 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a815fffab98375c1919df68b5b292725\System.Workflow.Activities.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4a90802e36dee6e10d9bf54832cbf549\System.Web.Mobile.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c45efc7ec92c1da8e67eb597559ec39c\System.Web.Extensions.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\83053c3eeb3255672d84c1ddc0ce8ef3\System.Speech.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\a8495b797e6f7adddc5811a4e1f97db5\System.Management.Automation.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ef0d8a4790c24a3a091170958bc7b976\System.DirectoryServices.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 6610944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\e2073751227120ce228e00e26dfe5fca\System.Data.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e9774272e9fc6ca49e6c616a31783040\System.Data.SqlXml.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\3285887b33030a7ce453573d3bed4e95\System.Data.Services.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\330d3ad45a00455b537047183e128def\System.Data.Services.Client.ni.dll + 2012-05-09 01:25 . 2012-05-09 01:25 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\fdfc5f89534872f4e53471d78cb7f151\System.Data.OracleClient.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\2fe1658f05b0a96fe25c956a31d27b06\System.Data.Linq.ni.dll + 2012-05-09 16:48 . 2012-05-09 16:48 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\51a2589d5ee1c9c40fb6c56391570f9e\System.Data.Entity.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b3f13707cbd5d48aabaa9ef5264c8a30\PresentationBuildTasks.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\17add09c98fa34255142d42697db53df\Narrator.ni.exe + 2012-06-13 23:26 . 2012-06-13 23:26 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\21abde8efab609732b2ade3f05234e79\MMCEx.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\0e7da0df83f0619e3b0e0a7d7ee05fa3\MIGUIControls.ni.dll + 2012-06-13 23:26 . 2012-06-13 23:26 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cd9e47effec6549cdec61eb3aef99f7c\Microsoft.Transactions.Bridge.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7a1acd4156c9dbdd408dc126e19e2af0\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\77b5496d214dd5034294b058c0bb0e8d\Microsoft.PowerShell.GPowerShell.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\72765e5fab12761eb6d3f58180fa34d7\Microsoft.PowerShell.Editor.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ce1d10f94b40f054017865757552f2d\Microsoft.MediaCenter.UI.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fab1ec8f5ed6a55a8a73b2c590bd7cd\Microsoft.MediaCenter.ni.dll + 2012-05-09 16:47 . 2012-05-09 16:47 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e3d2577e00aef6bc9b3e235eb83634f3\Microsoft.JScript.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4d381048e3b9c0914c0f72c6aa0a599d\Microsoft.Ink.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3893fa9a19b52dee8b2cc424840d5d08\Microsoft.Build.Tasks.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\1d2250044b1ecff755e26ed12f6d27cb\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b66f52dbd8f87e53c3c9a1de7ca5bba\Microsoft.Build.Engine.ni.dll + 2012-06-13 23:25 . 2012-06-13 23:25 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\3a4e56a8d1075cf0af0619c383b3e592\mcstore.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\69b8de21b08c3412422c5918399ed702\mcepg.ni.dll + 2012-05-08 21:14 . 2012-02-10 23:31 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll - 2011-06-06 23:36 . 2010-11-05 01:53 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll - 2012-02-16 19:43 . 2011-10-31 23:16 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2012-05-08 21:14 . 2012-01-04 02:51 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2011-06-28 17:34 . 2011-03-29 22:33 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-06-13 06:06 . 2012-03-21 22:32 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2011-06-06 23:34 . 2010-11-05 01:58 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-06-13 06:06 . 2012-03-21 22:32 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-05-08 21:14 . 2012-02-10 23:31 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2012-05-08 21:14 . 2012-02-10 23:29 2256152 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll + 2012-05-08 21:14 . 2012-02-10 23:29 3998208 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2011-10-14 03:05 . 2011-07-08 22:31 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-05-08 21:14 . 2012-01-04 03:34 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-05-08 21:14 . 2012-02-10 23:31 1737496 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll + 2012-05-08 21:14 . 2012-02-10 23:31 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2011-06-06 23:36 . 2010-11-05 01:53 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2011-10-14 03:05 . 2011-07-08 22:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-05-08 21:14 . 2012-01-04 02:50 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-03-07 02:03 . 2012-03-07 02:03 1279864 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2012-06-13 14:57 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll + 2009-07-14 02:34 . 2012-06-21 15:13 10747904 c:\windows\system64\SMI\Store\Machine\SCHEMA.DAT - 2009-07-14 02:34 . 2012-02-17 01:01 10747904 c:\windows\system64\SMI\Store\Machine\SCHEMA.DAT + 2012-06-13 14:57 . 2012-05-18 02:47 17807360 c:\windows\system64\mshtml.dll + 2011-05-23 07:31 . 2012-06-13 15:02 58957832 c:\windows\system64\MRT.exe + 2012-06-13 14:57 . 2012-05-18 02:16 10924032 c:\windows\system64\ieframe.dll - 2009-07-14 02:34 . 2012-02-17 01:01 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 02:34 . 2012-06-21 15:13 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2012-06-13 14:57 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll + 2011-05-23 07:31 . 2012-06-13 15:02 58957832 c:\windows\system32\MRT.exe + 2012-06-13 14:57 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll + 2011-05-20 22:06 . 2012-07-02 18:08 62327396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-8192.dat + 2011-05-21 22:29 . 2012-05-04 15:12 66692572 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-4096.dat - 2011-05-21 22:29 . 2012-03-02 16:13 66692572 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2155248324-3539292037-1374523505-1000-4096.dat + 2011-11-21 23:42 . 2011-11-21 23:42 33189888 c:\windows\Installer\c4197.msp + 2011-09-15 17:38 . 2011-09-15 17:38 10838528 c:\windows\Installer\98fbd1.msp + 2011-09-15 17:37 . 2011-09-15 17:37 14140416 c:\windows\Installer\98fbc5.msp + 2011-09-15 17:42 . 2011-09-15 17:42 38326272 c:\windows\Installer\98f9ca.msp + 2011-09-15 17:42 . 2011-09-15 17:42 14895104 c:\windows\Installer\98f9a3.msp + 2012-01-19 12:20 . 2012-01-19 12:20 11997696 c:\windows\Installer\81c6099.msp + 2011-12-15 12:54 . 2011-12-15 12:54 39732736 c:\windows\Installer\81c6073.msp + 2012-05-09 01:01 . 2012-05-09 01:01 20343808 c:\windows\Installer\81c5ff0.msp + 2011-09-15 19:42 . 2011-09-15 19:42 18115432 c:\windows\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6612\WWLIB.DLL + 2012-05-09 01:08 . 2012-05-09 01:08 11880448 c:\windows\assembly\NativeImages_v4.0.30319_64\System\935aea6e7eae16674abdd96a68ec97af\System.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll + 2012-06-13 15:05 . 2012-06-13 15:05 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\d9f25602d3fabd454ee8f8c0b7cd987f\System.Windows.Forms.ni.dll + 2012-05-09 17:01 . 2012-05-09 17:01 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\c4cc7eb7733c4221c32caccfd66ae320\System.ServiceModel.ni.dll + 2012-05-09 17:00 . 2012-05-09 17:00 18479616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9df4e7ae75baa7bbb1af30c8061a6e9b\System.Data.Entity.ni.dll + 2012-05-09 16:56 . 2012-05-09 16:56 10440192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\b64f213e823a591607c45fac4997801e\System.Core.ni.dll + 2012-06-13 23:24 . 2012-06-13 23:24 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll + 2012-05-09 16:58 . 2012-05-09 16:58 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\34c2013b5f730680bd610d6a98d2977f\PresentationFramework.ni.dll + 2012-06-13 23:23 . 2012-06-13 23:23 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll + 2012-05-09 16:57 . 2012-05-09 16:57 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\4464e9df7184e3393b4cbb0f6dc286ba\PresentationCore.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 19353600 c:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\6087fce8f76d9af69af496cb10b7d1ee\mscorlib.ni.dll + 2012-06-13 15:06 . 2012-06-13 15:06 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll + 2012-05-09 16:50 . 2012-05-09 16:50 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\7aa839fb16503243d6ae454ab334bcf4\System.Data.Entity.ni.dll + 2012-06-13 15:06 . 2012-06-13 15:06 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll + 2012-06-13 15:06 . 2012-06-13 15:06 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll + 2012-05-09 01:08 . 2012-05-09 01:08 14412800 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll + 2012-05-09 01:19 . 2012-05-09 01:19 10624512 c:\windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll + 2012-06-13 22:28 . 2012-06-13 22:28 17383424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll + 2012-06-13 22:29 . 2012-06-13 22:29 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll + 2012-05-09 16:51 . 2012-05-09 16:51 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll + 2012-05-09 16:53 . 2012-05-09 16:53 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\00c4a761d0a5cafc00f34d763fe76ac4\System.Management.Automation.ni.dll + 2012-06-13 22:29 . 2012-06-13 22:29 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\582144c0ee317038621aebc626187b56\System.Design.ni.dll + 2012-05-09 16:55 . 2012-05-09 16:55 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\daaff9fe9c85fc171d426a3cb6766dbb\System.Data.Entity.ni.dll + 2012-06-13 22:28 . 2012-06-13 22:28 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll + 2012-06-13 22:27 . 2012-06-13 22:27 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll + 2012-05-09 01:19 . 2012-05-09 01:19 15570944 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll + 2012-06-13 23:21 . 2012-06-13 23:21 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\0c1f96a4136efe532bbb8eb91d3de300\ehshell.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 12436480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll + 2012-05-09 16:46 . 2012-05-09 16:46 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll + 2012-06-13 22:30 . 2012-06-13 22:30 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll + 2012-05-09 01:24 . 2012-05-09 01:24 11492864 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll + 2011-09-15 17:34 . 2011-09-15 17:34 428804608 c:\windows\Installer\98fbaa.msp . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-04 12:34 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-06-04 2074208] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-08 98304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-05-01 3151512] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-11-01 593920] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-06-04 1107552] . c:\users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R2 HitmanPro36CrusaderBoot;HitmanPro 3.6 Crusader (Boot);c:\program files\HitmanPro\HitmanPro.exe [x] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-01 113120] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-21 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-08 203264] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-04-30 5106744] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-06-04 935008] S2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-08 7767552] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-08 279040] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-08-16 116240] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . Inhoud van de 'Gedeelde Taken' map . 2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-06-16 c:\windows\Tasks\HPCeeScheduleForYVONNE-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . 2012-06-30 c:\windows\Tasks\HPCeeScheduleForYvonne.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] 2012-05-08 13:15 201728 ----a-w- c:\program files\Web Assistant\Extension64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.254 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll FF - ProfilePath - c:\users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: network.proxy.type - 0 . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HitmanPro36CrusaderBoot] "ImagePath"="\"c:\program files\HitmanPro\HitmanPro.exe\" /crusader:boot" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8, 89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8, 7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de "{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4, 91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27 "{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20, 35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1, 38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4 "{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39, 64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c "{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40, 69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18 "{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac, 6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96, 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd, d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47, 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85 "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17 "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b "{336D0C35-8A85-403a-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,3b,1b,08,6b,7c, 1a,82,e9,65,3d,9d,e9,17,af,a2,b0,e5,ab . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:c0,1e,2d,53,55,1d,cd,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe . ************************************************************************** . Voltooingstijd: 2012-07-02 20:13:26 - machine werd herstart ComboFix-quarantined-files.txt 2012-07-02 18:13 ComboFix2.txt 2012-03-02 16:18 . Pre-Run: 913.428.520.960 bytes beschikbaar Post-Run: 913.300.541.440 bytes beschikbaar . - - End Of File - - 793E14F4B75AAB142E442B7CF82F1802
  13. Yvontje82
    Hij had toch nog een infectie gevonden :-(, maar die is succesvol verwijderd [TABLE=width: 128] [TR] [TD=colspan: 2]Scan "De hele computer scannen" is voltooid.[/TD] [/TR] [TR] [TD=colspan: 2]Infecties;"1";"1";"0"[/TD] [/TR] [TR] [TD=colspan: 2]Voor scan geselecteerde mappen:;"De hele computer scannen"[/TD] [/TR] [TR] [TD=colspan: 2]Scan is gestart:;"vrijdag 29 juni 2012, 16:55:04"[/TD] [/TR] [TR] [TD=colspan: 2]Scan voltooid:;"vrijdag 29 juni 2012, 17:03:24 (8 min. 20 seconde (n))"[/TD] [/TR] [TR] [TD=colspan: 2]Totaal gescande objecten:;"1551502"[/TD] [/TR] [TR] [TD=colspan: 2]Gebruiker:;"Yvonne"[/TD] [/TR] [TR] [TD][/TD] [TD][/TD] [/TR] [TR] [TD]Infecties[/TD] [TD][/TD] [/TR] [TR] [TD=colspan: 2];"Bestand";"Infectie";"Resultaat"[/TD] [/TR] [TR] [TD=colspan: 2];"C:\ProgramData\ijmmwxfo.exe";"Trojaans paard Downloader.Agent2.BCVI";"Verplaatst naar de quarantaine"[/TD] [/TR] [/TABLE]
  14. Yvontje82
    Hoi Kape, Ja ik bedacht me naderhand inderdaad dat het handiger was geweest om ná het verwijderen van Norton en McAfee een hijackthis-log te maken. Maarja, toen was ik alweer op pad. Bij deze voor de tweede maal: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:27:45, on 28-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\HJT\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11683 bytes
  15. Yvontje82
    Hoi Kape, Ik moet nog even die tools laten draaien voor het verwijderen van de virusscanners, maar heb niet echt veel tijd nu. De virus moest ik er wel even snel afhalen. Hierbij alvast de logjes van Hijackthis en MBAM. Of zou ik weer aparte logjes moeten doen, maar het verwijderen van de overbodige virusscanners? Groetjes Yvonne Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:55:14, on 28-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\HJT\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (file missing) O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12074 bytes Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.orgDatabaseversie: v2012.06.21.10 Windows 7 Service Pack 1 x64 NTFS (Veilige modus) Internet Explorer 9.0.8112.16421 Yvonne :: YVONNE-HP [administrator] 28-6-2012 16:44:03 mbam-log-2012-06-28 (16-44-03).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 233451 Verstreken tijd: 6 minuut/minuten, 1 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Users\Yvonne\0.23471927456506214.exe (Trojan.Agent.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  16. Yvontje82
    Beste Kape, Ik had eerder nog geen tijd om te reageren, maar helaas ben ik in de tussentijd ook getroffen door het UKASH-virus-ding. Graag wil ik ook nog wel even terugkomen op je opmerking dat ik 3 virusscanners heb. Dat klopt inderdaad. Ik dacht dat omdat de abonnementen van die anderen niet verlengd had dat ze dan ook geen functie meer hadden. Maar nu we het er toch over hebben. Kun je me zeggen welke van de 3 het beste is of aangeven waar ik objectieve goed onderbouwde info kan vinden. (AVG is op het moment inderdaad de active scanner) Groetjes Yvonne Hierbij alvast een log van Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:00:14, on 27-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Safe mode Running processes: C:\HJT\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [ijmmwxfotlkqfxp] C:\ProgramData\ijmmwxfo.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12010 bytes ---------- Post toegevoegd om 19:11 ---------- Vorige post was om 19:08 ---------- Nou heb er ook voor de volledigheid ook maar vast een MBAM-log gemaakt: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.orgDatabaseversie: v2012.06.21.10 Windows 7 Service Pack 1 x64 FAT (Veilige modus) Internet Explorer 9.0.8112.16421 Yvonne :: YVONNE-HP [administrator] 27-6-2012 21:02:59 mbam-log-2012-06-27 (21-09-53).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 233458 Verstreken tijd: 6 minuut/minuten, 1 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Users\Yvonne\0.23471927456506214.exe (Trojan.Agent.Gen) -> Geen actie ondernomen. (einde)
  17. Yvontje82
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:17:30, on 22-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAT4ML6W\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12477 bytes
  18. Yvontje82
    Beste, Ik heb vandaag MBAM een volledige scan laten draaien. Hij gaf aan dat er geen detecties waren. (Heb vandaag ook het programma geupdate vóór de scan). Aan het einde krijg ik toch een waarschuwing AVG. Zie de bijgevoegde foto. inmiddels heb ik het bestand in quarantaine geplaatst. Zou je mij kunnen adviseren over te nemen vervolgstappen of ben ik nu toch "gedekt"? Met vriendelijke groet, Yvonne Hierbij de LOG: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.21.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Yvonne :: YVONNE-HP [administrator] 21-6-2012 23:23:45 mbam-log-2012-06-21 (23-23-45).txt Scantype: Volledige scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 413755 Verstreken tijd: 58 minuut/minuten, Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  19. Yvontje82
    Hallo, Ik ben blijkbaar iets vergeten te doen (de pc opnieuw opstarten ))) eh sorry) Hier dan het logje: ComboFix 12-03-01.02 - Yvonne 02-03-2012 17:08:16.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2771 [GMT 1:00] Gestart vanuit: c:\users\Yvonne\Desktop\ComboFix.exe AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\~rJqTsIIgix2BHg c:\programdata\~rJqTsIIgix2BHgr c:\programdata\boost_interprocess\20120302164729.125600 c:\programdata\boost_interprocess\20120302164729.125600\Nobu64AgentService c:\programdata\boost_interprocess\20120302164729.125600\Nobu64TrayIcon c:\programdata\rJqTsIIgix2BHg C:\Thumbs.db c:\users\Werner\1-g.jpg c:\users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check c:\users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk c:\users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk c:\users\Yvonne\Desktop\System Check.lnk c:\users\Yvonne\unhide.exe c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-02 to 2012-03-02 )))))))))))))))))))))))))))))) . . 2012-03-02 16:13 . 2012-03-02 16:13 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-16 19:44 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-16 19:44 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-16 19:44 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-16 19:44 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-16 19:43 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-16 19:43 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-16 19:43 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-16 19:43 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-05 12:45 . 2012-02-05 12:45 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-27 22:46 . 2012-01-05 17:48 12872 ----a-w- c:\windows\system32\bootdelete.exe 2012-01-27 22:16 . 2012-01-05 17:38 25160 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys 2012-01-06 05:15 . 2012-01-27 13:02 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1666A426-072C-4E85-8B19-A7C57A7FC154}\mpengine.dll 2011-12-10 14:24 . 2012-01-05 20:50 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-12-07 09:39 . 2011-07-20 18:14 279096 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-08 98304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2011-10-12 3151000] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-08-30 61112] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-11-01 593920] . c:\users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R2 HitmanPro36CrusaderBoot;HitmanPro 3.6 Crusader (Boot);c:\program files\HitmanPro\HitmanPro.exe [x] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS [x] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110701.001\BHDrvx64.sys [2011-05-19 1143416] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110716.031\IDSvia64.sys [2011-07-07 488056] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS [x] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207000.00D\SYMNETS.SYS [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe [2011-04-17 130008] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-20 136824] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 11:38] . 2012-02-17 c:\windows\Tasks\HPCeeScheduleForYVONNE-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . 2012-02-19 c:\windows\Tasks\HPCeeScheduleForYvonne.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HitmanPro36CrusaderBoot] "ImagePath"="\"c:\program files\HitmanPro\HitmanPro.exe\" /crusader:boot" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe . ************************************************************************** . Voltooingstijd: 2012-03-02 17:18:02 - machine werd herstart ComboFix-quarantined-files.txt 2012-03-02 16:18 . Pre-Run: 927.900.758.016 bytes beschikbaar Post-Run: 927.808.307.200 bytes beschikbaar . - - End Of File - - 9C0A1F9AB195CA7555B8A371109ED33E
  20. Yvontje82
    Eventueel, als we er zo niet uit komen, kan ik morgen via de pc van iemand anders de log plaatsen. Ik kan de log wel vie 'deze computer' op een Yang plaatsen.
  21. Yvontje82
    Beste, Ik heb niet zo goed nieuws. Combofix is inmiddels klaar en heeft een log gemaakt, maar ik kan nu geen programma's meer openen. Geen internet, geen paint, geen word, geen youtubeconverter, geen calculator. Ik kan de log dan ook niet posten. Gelukkig heb ik wel internet op mijn mobiel . Ik zag aan het begin van combofix dat er een systeemherstelpunt werd aangemaakt. Configuratiescherm kan ik wel nog openen. Ik neem aan dat ik alles weer moet terug zetten. Zie foto voor de meldingen die ik kreeg. Hopelijk is het voldoende leesbaar. In afwachting van een antwoord doe ik nu verder even niets. Met vriendelijke groet, Yvonne
  22. Yvontje82
    Emsisoft Emergency Kit - Versie 1.0 Laatste Update: 3/1/2012 9:25:35 PM Scaninstellingen: Scantype: Diepe Scan Objecten: Geheugen, Sporen, Cookies, C:\, D:\, Q:\ Scan archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan gestart: 3/1/2012 10:00:50 PM C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:2356 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:2467 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:2468 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:2786 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:5997 Ontdekt: Trace.TrackingCookie.ads.pubmatic.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:5999 Ontdekt: Trace.TrackingCookie.ads.pubmatic.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15780 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15788 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15789 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15790 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15791 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15792 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15793 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16620 Ontdekt: Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16621 Ontdekt: Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16622 Ontdekt: Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16623 Ontdekt: Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16624 Ontdekt: Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16711 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16712 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16713 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\hp\hpqware\Skype\x86\WizInstaller.exe Ontdekt: Virus.Win32.Ramnit!IK C:\hp\hpqware\WT_OemOrigin\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\Program Files (x86)\HP Games\Pizza Chef 2\PizzaChef2.exe Ontdekt: Virus.Win32.Zbot!IK C:\Program Files (x86)\HP Games\Pizza Chef 2\wtap.dll Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Applications\HP\LightScribeLSS\1.18.20.1\HPDC732.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Applications\HP\PictureMover\3.5\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSDVD\4.2.1.4725\src\HPDUtil.dll Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSDVD\4.2.1.4725\WizInstaller\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSDVDMenuPack\4.2.1.4412\WizInstaller\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSMovieThemes\4.2.1.4412\WizInstaller\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSMusic\4.2.1.4517\WizInstaller\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSPhoto\4.2.1.4513\WizInstaller\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSVideo\4.2.1.4522\WizInstaller\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\HP\HPSmartMenu\3.1.2.4\HPSmartMenu\WizInstaller\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\Others\MusicStation\1.0.1.5\Omnifone\WizInstaller\x86\WizInstaller.exe Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\DRV\Graphics\ATI\unified\8.773\src\mfc80u.dll Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\DRV\Graphics\ATI\unified\8.773\src\msvcp80.dll Ontdekt: Virus.Win32.Zbot!IK C:\swsetup\DRV\Graphics\ATI\unified\8.773\src\msvcr80.dll Ontdekt: Virus.Win32.Zbot!IK C:\SYSTEM.SAV\util\HPQSI.exe Ontdekt: Virus.Win32.Zbot!IK C:\Users\Yvonne\AppData\Local\Microsoft\Toolbar\Applications\bingrewardsclient.dll Ontdekt: Virus.Win32.Zbot!IK C:\Users\Yvonne\AppData\Local\Microsoft\Toolbar\BackUp\bingrewardsclient.dll Ontdekt: Virus.Win32.Zbot!IK C:\Users\Yvonne\AppData\Local\Temp\AF42.tmp Ontdekt: Trojan.Win32.Tibs!IK C:\Users\Yvonne\AppData\Local\Temp\mozupd.exe Ontdekt: Trojan.Win32.Tibs!IK C:\Users\Yvonne\AppData\Local\Temp\scrwaxnemo.exe Ontdekt: Trojan.Crypt!IK C:\Users\Yvonne\AppData\Local\Temp\snreoxwcma.exe Ontdekt: Trojan.Crypt!IK C:\Users\Yvonne\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe Ontdekt: Virus.Win32.Ramnit!IK Gescand Bestanden: 432171 Sporen: 405133 Cookies: 475 Processen: 60 Gevonden Bestanden: 26 Sporen: 0 Cookies: 21 Processen: 0 Registersleutels: 0 Scan Geëindigd: 1-3-2012 23:53:23 Scantijd: 1:52:33 C:\Users\Yvonne\AppData\Local\Temp\scrwaxnemo.exe Verwijderd Trojan.Crypt!IK C:\Users\Yvonne\AppData\Local\Temp\snreoxwcma.exe Verwijderd Trojan.Crypt!IK C:\Users\Yvonne\AppData\Local\Temp\AF42.tmp Verwijderd Trojan.Win32.Tibs!IK C:\Users\Yvonne\AppData\Local\Temp\mozupd.exe Verwijderd Trojan.Win32.Tibs!IK C:\hp\hpqware\WT_OemOrigin\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\Program Files (x86)\HP Games\Pizza Chef 2\PizzaChef2.exe Verwijderd Virus.Win32.Zbot!IK C:\Program Files (x86)\HP Games\Pizza Chef 2\wtap.dll Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Applications\HP\LightScribeLSS\1.18.20.1\HPDC732.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Applications\HP\PictureMover\3.5\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSDVD\4.2.1.4725\src\HPDUtil.dll Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSDVD\4.2.1.4725\WizInstaller\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSDVDMenuPack\4.2.1.4412\WizInstaller\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSMovieThemes\4.2.1.4412\WizInstaller\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSMusic\4.2.1.4517\WizInstaller\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSPhoto\4.2.1.4513\WizInstaller\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\CyberLink\HPMSVideo\4.2.1.4522\WizInstaller\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\HP\HPSmartMenu\3.1.2.4\HPSmartMenu\WizInstaller\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\APP\Multimedia\Others\MusicStation\1.0.1.5\Omnifone\WizInstaller\x86\WizInstaller.exe Verwijderd Virus.Win32.Zbot!IK C:\swsetup\DRV\Graphics\ATI\unified\8.773\src\mfc80u.dll Verwijderd Virus.Win32.Zbot!IK C:\swsetup\DRV\Graphics\ATI\unified\8.773\src\msvcp80.dll Verwijderd Virus.Win32.Zbot!IK C:\swsetup\DRV\Graphics\ATI\unified\8.773\src\msvcr80.dll Verwijderd Virus.Win32.Zbot!IK C:\SYSTEM.SAV\util\HPQSI.exe Verwijderd Virus.Win32.Zbot!IK C:\Users\Yvonne\AppData\Local\Microsoft\Toolbar\Applications\bingrewardsclient.dll Verwijderd Virus.Win32.Zbot!IK C:\Users\Yvonne\AppData\Local\Microsoft\Toolbar\BackUp\bingrewardsclient.dll Verwijderd Virus.Win32.Zbot!IK C:\hp\hpqware\Skype\x86\WizInstaller.exe Verwijderd Virus.Win32.Ramnit!IK C:\Users\Yvonne\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe Verwijderd Virus.Win32.Ramnit!IK C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16620 Verwijderd Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16621 Verwijderd Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16622 Verwijderd Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16623 Verwijderd Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16624 Verwijderd Trace.TrackingCookie.zedo.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15788 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15789 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15790 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15791 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15792 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15793 Verwijderd Trace.TrackingCookie.casalemedia.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:5997 Verwijderd Trace.TrackingCookie.ads.pubmatic.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:5999 Verwijderd Trace.TrackingCookie.ads.pubmatic.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:2786 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:15780 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:2467 Verwijderd Trace.TrackingCookie.doubleclick.net!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:2356 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:2468 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16711 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16712 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\7083eusd.default\cookies.sqlite:16713 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2 Verwijderd Bestanden: 26 Sporen: 0 Cookies: 21
  23. Yvontje82
    Ik niet de melding gekregen zoals hierboven. Maar zie het bijgevoegde plaatje.
  24. Yvontje82
    Ik niet de melding gekregen zoals hierboven. Maar zie het bijgevoegde plaatje.
  25. Yvontje82
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:58:16, on 29-2-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3VVOS56\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\IPS\IPSBHO.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coIEPlg.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Yvonne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro 3.6 Crusader (Boot) (HitmanPro36CrusaderBoot) - Unknown owner - C:\Program Files\HitmanPro\HitmanPro.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11254 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.