Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Laptop wil FAH niet meer draaien

None
20 antwoorden
  • Nieuw probleem. Kortgeleden nieuwe install van Win7 op laptop.
    Eergisteren FAH opnieuw geïnstalleerd, draaide..Vanmorgen vastloper, ik denk temperatuurgerelateerd. Na reboot FAH met geen mogelijkheid meer te starten. FAH verwijderd, Ccleaner gedraaid, FAH opnieuw gedownload en geïnstalleerd.Hij " toetutniet"In systray staat loading , niet te vinden in taakbeheer.MBAM en HJT gedraaid, hierbij logs
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:14:38, on 20-8-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\ProgramData\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe
    C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internetbeveiliging\Common\FSM32.EXE
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Mobile\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Internetbeveiliging\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Internetbeveiliging\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Internetbeveiliging\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\ORSP Client\fsorsp.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe


    End of file - 6347 bytes


    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Databaseversie: 7515

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    20-8-2011 10:07:25
    mbam-log-2011-08-20 (10-07-25).txt

    Scantype: Snelle scan
    Objecten gescand: 151900
    Verstreken tijd: 3 minuut/minuten, 26 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
  • Wat is de precieze lokatie waar jij FAH hebt geïnstalleerd!
  • Waar ie zelf wilde , dus op C:Program files
  • Installeer FAH daar weer en verplaats daarna de map naar :

    [b:e0329ffdce]C:\Users\Anjo\AppData\Local[/b:e0329ffdce]

    Daarna heeft FAH-core alle rechten om te werken!
  • Done en t werkt weer. Bedankt voor de hulp in beide draadjes
  • Ik zelf draai al weer een poos geen foldings meer.

    Het schiet niet op om elke voltooide fold te bewaren omdat de server de gemaakte folds niet wil herkennen!
  • Vreemd, ik ben de laatste maanden toch echt van plek 15 naar plek 8 gestegen en vm had ik 1 unit meer, dus bij mij werkt t wel. FAH zegt alleen dat ik 7 processors heb, en dat klopt niet
  • Probleem weer de kop opgestoken. Nieuw FAH in de door jou opgegeven map laten instaleren> noppes. Vraag in FAH draadje gesteld, mss horen we meer
  • Hoi Anjo, vreemde zaak.

    Wil jij het volgende doen:

    [b:f78c6f6484]Welk programma[/b:f78c6f6484]: RSIT
    [b:f78c6f6484]Waarvoor/waarom[/b:f78c6f6484]: geeft een zeer uitgebreid overzicht van Windows
    [b:f78c6f6484]Moeilijkheidsgraad[/b:f78c6f6484]: geen
    [b:f78c6f6484]Downloadlokatie[/b:f78c6f6484]: Dit programma absoluut naar het bureaublad downloaden!
    [b:f78c6f6484]Download RSIT[/b:f78c6f6484] [b:f78c6f6484]hier[/b:f78c6f6484]


    [b:f78c6f6484]Het gebruik van RSIT,[/b:f78c6f6484]
    [list:f78c6f6484][*:f78c6f6484]Windows 2000 en Windows XP: start RSIT middels dubbelklik op RSIT.exe.
    [*:f78c6f6484]Windows Vista en Windows 7: start RSIT middels rechtsklik op RSIT.exe en kies dan voor "Uitvoeren als administrator".[/list:u:f78c6f6484]

    [b:f78c6f6484]Nadat de scan beëindigd is, zullen twee logs openen.[/b:f78c6f6484]
    [list:f78c6f6484][*:f78c6f6484] Post vervolgens de inhoud van 'log.txt' ('log.txt' zal gemaximaliseerd zijn)
    [*:f78c6f6484] Post ook 'info.txt' ('info.txt' zal eerst geminimaliseerd zijn in de Taakbalk)
    [*:f78c6f6484] Indien je [b:f78c6f6484]info.txt[/b:f78c6f6484] niet vindt, kijk dan in C:\rsit er naar.[/list:u:f78c6f6484]
  • Logfile of random's system information tool 1.09 (written by random
    andom)
    Run by Mobile at 2011-08-24 09:05:52
    Microsoft Windows 7 Ultimate Service Pack 1
    System drive C: has 70 GB (70%) free of 101 GB
    Total RAM: 3062 MB (60% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:05:55, on 24-8-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Internetbeveiliging\Common\FSM32.EXE
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\ProgramData\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe
    C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Users\Mobile\Downloads\RSIT.exe
    C:\Program Files\trend micro\Mobile.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Internetbeveiliging\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Internetbeveiliging\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Internetbeveiliging\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\ORSP Client\fsorsp.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe


    End of file - 6306 bytes

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Mobile\AppData\Roaming\Mozilla\Firefox\Profiles\rggnvhm4.default

    prefs.js - "browser.startup.homepage" - "http://www.google.nl/"

    "litmus-ff@f-secure.com"=C:\Program Files\Internetbeveiliging\NRS\litmus-ff@f-secure.com


    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
    "Description"=Adobe® Flash® Player 10.1 Plugin
    "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
    "Description"=
    "Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins
    pFoxitReaderPlugin.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
    "Description"=
    "Path"=disabled

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
    "Description"=Ag Player Plugin
    "Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0
    pctrl.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
    "Description"=Office Authorization plug-in for NPAPI browsers
    "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
    "Description"=Microsoft SharePoint Plug-in for Firefox
    "Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
    "Description"=VLC Multimedia Plugin
    "Path"=C:\Program Files\VideoLAN\VLC
    pvlc.dll

    C:\Program Files\Mozilla Firefox\extensions\
    {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    {972ce4c6-7e08-4474-a285-3208198ce6fd}

    C:\Program Files\Mozilla Firefox\components\
    binary.manifest
    browsercomps.dll

    C:\Program Files\Mozilla Firefox\searchplugins\
    bing.xml
    bolcom-nl.xml
    google.xml
    marktplaats-nl.xml
    vandale-nl.xml
    wikipedia-nl.xml

    C:\Users\Mobile\AppData\Roaming\Mozilla\Firefox\Profiles\rggnvhm4.default\searchplugins\
    badoo.xml

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
    Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
    Browsing Protection Class - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll [2011-08-23 545448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files\Internetbeveiliging\NRS\iescript\baselitmus.dll [2011-08-23 545448]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
    "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
    "Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
    "F-Secure Manager"=C:\Program Files\Internetbeveiliging\Common\FSM32.EXE [2009-08-05 199264]
    "F-Secure TNB"=C:\Program Files\Internetbeveiliging\FSGUI\TNBUtil.exe [2009-08-05 2349664]
    "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-06-09 10082920]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2011-05-13 4283256]
    "Badoo Desktop"=C:\ProgramData\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe [2011-08-04 1042944]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
    C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
    C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2011-07-22 9245096]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
    C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2011-07-22 9245096]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Google Calendar Sync.lnk - C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
    etwork\AFD]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "vidc.uyvy"=msyuv.dll
    "vidc.yuy2"=msyuv.dll
    "vidc.yvyu"=msyuv.dll
    "vidc.iyuv"=iyuv_32.dll
    "vidc.i420"=iyuv_32.dll
    "vidc.yvu9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
    "vidc.cvid"=iccvid.dll
    "msacm.siren"=sirenacm.dll
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 3 months======

    2011-08-24 09:02:38 —-D—- C:\rsit
    2011-08-24 09:02:38 —-D—- C:\Program Files\trend micro
    2011-08-22 09:26:09 —-D—- C:\Program Files\GRIB.US
    2011-08-20 17:51:30 —-A—- C:\Windows\system32\unitinfo.txt
    2011-08-20 17:51:11 —-A—- C:\Windows\system32\FahCore_a4.exe
    2011-08-20 17:50:50 —-D—- C:\Windows\system32\work
    2011-08-20 17:50:50 —-A—- C:\Windows\system32\queue.dat
    2011-08-20 17:48:43 —-A—- C:\Windows\system32\FAHlog.txt
    2011-08-20 17:43:13 —-D—- C:\Program Files\Folding@home
    2011-08-20 09:55:07 —-D—- C:\Windows\system32\appmgmt
    2011-08-19 19:31:55 —-D—- C:\Users\Mobile\AppData\Roaming\Folding@home-x86
    2011-08-16 07:24:03 —-D—- C:\Users\Mobile\AppData\Roaming\dvdcss
    2011-08-15 10:03:54 —-D—- C:\Program Files\Realtek
    2011-08-15 10:03:53 —-D—- C:\Windows\system32\RTCOM
    2011-08-15 09:53:41 —-D—- C:\Program Files\CONEXANT
    2011-08-15 09:51:36 —-A—- C:\Windows\system32\drivers\LNonPnP.sys
    2011-08-15 09:48:32 —-A—- C:\Windows\system32\LkmdfCoInst.dll
    2011-08-15 09:48:32 —-A—- C:\Windows\system32\drivers\LUsbFilt.sys
    2011-08-15 09:48:22 —-A—- C:\Windows\system32\WavesLib.dll
    2011-08-15 09:48:21 —-A—- C:\Windows\system32\WavesGUILib.dll
    2011-08-15 09:48:21 —-A—- C:\Windows\system32\SRSWOW.dll
    2011-08-15 09:48:20 —-A—- C:\Windows\system32\SRSTSXT.dll
    2011-08-15 09:48:20 —-A—- C:\Windows\system32\SRSTSHD.dll
    2011-08-15 09:48:20 —-A—- C:\Windows\system32\SRSHP360.dll
    2011-08-15 09:48:20 —-A—- C:\Windows\system32\SFNHK.dll
    2011-08-15 09:48:20 —-A—- C:\Windows\system32\SFCOM.dll
    2011-08-15 09:48:19 —-A—- C:\Windows\system32\SFAPO.dll
    2011-08-15 09:48:18 —-A—- C:\Windows\system32\RtkPgExt.dll
    2011-08-15 09:48:18 —-A—- C:\Windows\system32\drivers\RTKVHDA.sys
    2011-08-15 09:48:17 —-A—- C:\Windows\system32\RtkCoInst.dll
    2011-08-15 09:48:16 —-A—- C:\Windows\system32\RtkApoApi.dll
    2011-08-15 09:48:16 —-A—- C:\Windows\system32\RtkAPO.dll
    2011-08-15 09:48:13 —-A—- C:\Windows\system32\RTEEP32A.dll
    2011-08-15 09:48:13 —-A—- C:\Windows\system32\RTEEL32A.dll
    2011-08-15 09:48:13 —-A—- C:\Windows\system32\RTEEG32A.dll
    2011-08-15 09:48:13 —-A—- C:\Windows\system32\RTEED32A.dll
    2011-08-15 09:48:12 —-A—- C:\Windows\system32\RP3DHT32.dll
    2011-08-15 09:48:12 —-A—- C:\Windows\system32\RP3DAA32.dll
    2011-08-15 09:48:12 —-A—- C:\Windows\system32\RCoRes.dat
    2011-08-15 09:48:12 —-A—- C:\Windows\system32\R4EEP32A.dll
    2011-08-15 09:48:12 —-A—- C:\Windows\system32\R4EEL32A.dll
    2011-08-15 09:48:12 —-A—- C:\Windows\system32\R4EEG32A.dll
    2011-08-15 09:48:11 —-A—- C:\Windows\system32\R4EED32A.dll
    2011-08-15 09:48:11 —-A—- C:\Windows\system32\R4EEA32A.dll
    2011-08-15 09:48:11 —-A—- C:\Windows\system32\MaxxVolumeSDAPO.dll
    2011-08-15 09:48:11 —-A—- C:\Windows\system32\MaxxAudioRealtek.dll
    2011-08-15 09:48:11 —-A—- C:\Windows\system32\MaxxAudioEQ.dll
    2011-08-15 09:48:10 —-A—- C:\Windows\system32\MaxxAudioAPO30.dll
    2011-08-15 09:48:10 —-A—- C:\Windows\system32\MaxxAudioAPO20.dll
    2011-08-15 09:48:10 —-A—- C:\Windows\system32\MaxxAudioAPO.dll
    2011-08-15 09:48:09 —-A—- C:\Windows\system32\KAAPORT.dll
    2011-08-15 09:48:09 —-A—- C:\Windows\system32\FMAPO.dll
    2011-08-15 09:48:08 —-A—- C:\Windows\system32\DTSVoiceClarityDLL.dll
    2011-08-15 09:48:08 —-A—- C:\Windows\system32\DTSSymmetryDLL.dll
    2011-08-15 09:48:08 —-A—- C:\Windows\system32\DTSS2SpeakerDLL.dll
    2011-08-15 09:48:08 —-A—- C:\Windows\system32\DTSS2HeadphoneDLL.dll
    2011-08-15 09:48:07 —-A—- C:\Windows\system32\DTSNeoPCDLL.dll
    2011-08-15 09:48:07 —-A—- C:\Windows\system32\DTSLimiterDLL.dll
    2011-08-15 09:48:07 —-A—- C:\Windows\system32\DTSLFXAPO.dll
    2011-08-15 09:48:07 —-A—- C:\Windows\system32\DTSGFXAPONS.dll
    2011-08-15 09:48:07 —-A—- C:\Windows\system32\DTSGFXAPO.dll
    2011-08-15 09:48:07 —-A—- C:\Windows\system32\DTSGainCompensatorDLL.dll
    2011-08-15 09:48:06 —-A—- C:\Windows\system32\DTSBoostDLL.dll
    2011-08-15 09:48:06 —-A—- C:\Windows\system32\DTSBassEnhancementDLL.dll
    2011-08-15 09:48:05 —-A—- C:\Windows\system32\AERTARen.dll
    2011-08-15 09:48:05 —-A—- C:\Windows\system32\AERTACap.dll
    2011-08-15 09:48:04 —-A—- C:\Windows\system32\XAudio32.dll
    2011-08-15 09:48:04 —-A—- C:\Windows\system32\LMouFiltCoInst.dll
    2011-08-15 09:48:04 —-A—- C:\Windows\system32\drivers\XAudio32.sys
    2011-08-15 09:48:04 —-A—- C:\Windows\system32\drivers\LMouFilt.Sys
    2011-08-15 09:48:04 —-A—- C:\Windows\system32\drivers\LHidFilt.Sys
    2011-08-15 09:48:03 —-A—- C:\Windows\system32\UCI32M41.dll
    2011-08-15 09:48:03 —-A—- C:\Windows\system32\mdmxsdk.dll
    2011-08-15 09:48:03 —-A—- C:\Windows\system32\drivers\mdmxsdk.sys
    2011-08-15 09:48:03 —-A—- C:\Windows\system32\drivers\HSX_DPV.sys
    2011-08-15 09:48:02 —-A—- C:\Windows\system32\drivers\HSXHWAZL.sys
    2011-08-15 09:48:02 —-A—- C:\Windows\system32\drivers\HSX_CNXT.sys
    2011-08-15 09:48:02 —-A—- C:\Windows\system32\drivers\athr.sys
    2011-08-15 09:48:01 —-A—- C:\Windows\system32\drivers\b57nd60x.sys
    2011-08-15 09:00:28 —-D—- C:\ProgramData\Innovative Solutions
    2011-08-15 09:00:14 —-D—- C:\Program Files\Innovative Solutions
    2011-08-14 10:13:05 —-D—- C:\ProgramData\Stentec
    2011-08-14 10:13:05 —-D—- C:\Program Files\Stentec
    2011-08-13 10:50:40 —-D—- C:\Windows\pss
    2011-08-13 10:39:58 —-D—- C:\Program Files\NT Registry Optimizer
    2011-08-13 10:33:22 —-D—- C:\Users\Mobile\AppData\Roaming\Auslogics
    2011-08-13 10:33:17 —-D—- C:\Program Files\Auslogics
    2011-08-13 10:20:39 —-D—- C:\Users\Mobile\AppData\Roaming\Malwarebytes
    2011-08-13 10:20:35 —-A—- C:\Windows\system32\drivers\mbamswissarmy.sys
    2011-08-13 10:20:34 —-D—- C:\ProgramData\Malwarebytes
    2011-08-13 10:20:30 —-D—- C:\Program Files\Malwarebytes' Anti-Malware
    2011-08-13 10:20:30 —-A—- C:\Windows\system32\drivers\mbam.sys
    2011-08-13 10:19:10 —-D—- C:\Program Files\Foxit Software
    2011-08-13 10:18:04 —-D—- C:\Users\Mobile\AppData\Roaming\WinRAR
    2011-08-13 10:17:57 —-D—- C:\Program Files\WinRAR
    2011-08-13 08:21:09 —-D—- C:\Users\Mobile\AppData\Roaming\Sync App Settings
    2011-08-13 08:20:50 —-D—- C:\ProgramData\Sync App Settings
    2011-08-11 07:22:57 —-D—- C:\ProgramData\Badoo
    2011-08-10 22:33:00 —-A—- C:\Windows\system32\mshtmled.dll
    2011-08-10 22:32:59 —-A—- C:\Windows\system32\ieui.dll
    2011-08-10 22:32:59 —-A—- C:\Windows\system32\iertutil.dll
    2011-08-10 22:32:58 —-A—- C:\Windows\system32\jsproxy.dll
    2011-08-10 22:32:58 —-A—- C:\Windows\system32\jscript9.dll
    2011-08-10 22:32:58 —-A—- C:\Windows\system32\jscript.dll
    2011-08-10 22:32:57 —-A—- C:\Windows\system32\wininet.dll
    2011-08-10 22:32:57 —-A—- C:\Windows\system32\urlmon.dll
    2011-08-10 22:32:57 —-A—- C:\Windows\system32\url.dll
    2011-08-10 22:32:56 —-A—- C:\Windows\system32\ieframe.dll
    2011-08-10 22:32:55 —-A—- C:\Windows\system32\mshtml.dll
    2011-08-10 12:06:49 —-A—- C:\Windows\system32\xmllite.dll
    2011-08-10 12:06:46 —-A—- C:\Windows\system32
    toskrnl.exe
    2011-08-10 12:06:45 —-A—- C:\Windows\system32
    tkrnlpa.exe
    2011-08-10 12:06:42 —-A—- C:\Windows\system32\drivers\mrxsmb10.sys
    2011-08-10 12:06:41 —-A—- C:\Windows\system32\drivers\tcpip.sys
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2011-08-10 12:06:37 —-AH—- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2011-08-10 12:06:37 —-A—- C:\Windows\system32\winsrv.dll
    2011-08-10 12:06:37 —-A—- C:\Windows\system32\KernelBase.dll
    2011-08-10 12:06:37 —-A—- C:\Windows\system32\kernel32.dll
    2011-08-10 12:06:37 —-A—- C:\Windows\system32\conhost.exe
    2011-08-10 12:06:36 —-AH—- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2011-08-10 12:06:36 —-AH—- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2011-08-10 12:06:36 —-AH—- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2011-08-10 12:06:36 —-AH—- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2011-08-10 12:06:36 —-AH—- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2011-08-10 12:06:36 —-AH—- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2011-08-10 12:06:36 —-AH—- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2011-08-10 12:06:35 —-A—- C:\Windows\system32\odbctrac.dll
    2011-08-10 12:06:35 —-A—- C:\Windows\system32\odbcjt32.dll
    2011-08-10 12:06:35 —-A—- C:\Windows\system32\odbccu32.dll
    2011-08-10 12:06:35 —-A—- C:\Windows\system32\odbccr32.dll
    2011-08-10 12:06:35 —-A—- C:\Windows\system32\odbccp32.dll
    2011-08-08 23:14:11 —-D—- C:\Users\Mobile\AppData\Roaming\vlc
    2011-08-08 19:25:28 —-D—- C:\Windows\system32\SPReview
    2011-08-08 19:24:50 —-D—- C:\Windows\system32\EventProviders
    2011-08-08 19:21:25 —-D—- C:\Program Files\CCleaner
    2011-08-08 19:19:59 —-A—- C:\Windows\system32\dfshim.dll
    2011-08-08 19:19:52 —-A—- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2011-08-08 19:19:52 —-A—- C:\Windows\system32\mstscax.dll
    2011-08-08 19:19:52 —-A—- C:\Windows\system32\LSCSHostPolicy.dll
    2011-08-08 19:19:52 —-A—- C:\Windows\system32\drivers\TsUsbFlt.sys
    2011-08-08 19:19:46 —-A—- C:\Windows\system32\d3d10warp.dll
    2011-08-08 19:19:45 —-A—- C:\Windows\system32\mfc40u.dll
    2011-08-08 19:19:45 —-A—- C:\Windows\system32\mfc40.dll
    2011-08-08 19:19:44 —-A—- C:\Windows\system32\tssrvlic.dll
    2011-08-08 19:19:44 —-A—- C:\Windows\system32\RDVGHelper.exe
    2011-08-08 19:19:44 —-A—- C:\Windows\system32\rdpcorets.dll
    2011-08-08 19:19:43 —-A—- C:\Windows\system32\sysmain.dll
    2011-08-08 19:19:42 —-A—- C:\Windows\system32\secproc_isv.dll
    2011-08-08 19:19:41 —-A—- C:\Windows\system32\shell32.dll
    2011-08-08 19:19:39 —-A—- C:\Windows\system32\RMActivate_isv.exe
    2011-08-08 19:19:38 —-A—- C:\Windows\system32\secproc.dll
    2011-08-08 19:19:32 —-A—- C:\Windows\system32\RMActivate.exe
    2011-08-08 19:19:30 —-A—- C:\Windows\system32\spwizui.dll
    2011-08-08 19:19:30 —-A—- C:\Windows\system32\mscoree.dll
    2011-08-08 19:19:29 —-A—- C:\Windows\system32\mf.dll
    2011-08-08 19:19:28 —-A—- C:\Windows\system32\mcupdate_GenuineIntel.dll
    2011-08-08 19:19:27 —-A—- C:\Windows\system32\CertEnroll.dll
    2011-08-08 19:19:26 —-A—- C:\Windows\system32\wmp.dll
    2011-08-08 19:19:25 —-A—- C:\Windows\system32\PresentationHostProxy.dll
    2011-08-08 19:19:25 —-A—- C:\Windows\system32\PresentationHost.exe
    2011-08-08 19:19:25 —-A—- C:\Windows\system32\drivers\msiscsi.sys
    2011-08-08 19:19:24 —-A—- C:\Windows\system32\drivers\hwpolicy.sys
    2011-08-08 19:19:23 —-A—- C:\Windows\system32\schedsvc.dll
    2011-08-08 19:19:22 —-A—- C:\Windows\system32\RacEngn.dll
    2011-08-08 19:19:21 —-A—- C:\Windows\system32
    tdll.dll
    2011-08-08 19:19:21 —-A—- C:\Windows\system32\AuthFWSnapin.dll
    2011-08-08 19:19:20 —-A—- C:\Windows\system32\rdpudd.dll
    2011-08-08 19:19:20 —-A—- C:\Windows\system32\rdpdd.dll
    2011-08-08 19:19:19 —-A—- C:\Windows\system32\qmgr.dll
    2011-08-08 19:19:17 —-A—- C:\Windows\system32\ExplorerFrame.dll
    2011-08-08 19:19:16 —-A—- C:\Windows\system32\wevtsvc.dll
    2011-08-08 19:19:16 —-A—- C:\Windows\system32\ole32.dll
    2011-08-08 19:19:15 —-A—- C:\Windows\system32\vssapi.dll
    2011-08-08 19:19:15 —-A—- C:\Windows\system32\SearchFolder.dll
    2011-08-08 19:19:14 —-A—- C:\Windows\system32\taskschd.dll
    2011-08-08 19:19:14 —-A—- C:\Windows\system32\IKEEXT.DLL
    2011-08-08 19:19:14 —-A—- C:\Windows\system32\d3d9.dll
    2011-08-08 19:19:13 —-A—- C:\Windows\system32\PushPrinterConnections.exe
    2011-08-08 19:19:13 —-A—- C:\Windows\system32\mstsc.exe
    2011-08-08 19:19:13 —-A—- C:\Windows\system32\crypt32.dll
    2011-08-08 19:19:12 —-A—- C:\Windows\system32\spreview.exe
    2011-08-08 19:19:12 —-A—- C:\Windows\system32\spinstall.exe
    2011-08-08 19:19:11 —-A—- C:\Windows\system32\termsrv.dll
    2011-08-08 19:19:09 —-A—- C:\Windows\system32\wer.dll
    2011-08-08 19:19:09 —-A—- C:\Windows\system32\certcli.dll
    2011-08-08 19:19:07 —-A—- C:\Windows\system32\rpcrt4.dll
    2011-08-08 19:19:04 —-A—- C:\Windows\system32\lsasrv.dll
    2011-08-08 19:19:02 —-A—- C:\Windows\system32\msxml6.dll
    2011-08-08 19:19:02 —-A—- C:\Windows\system32\gpsvc.dll
    2011-08-08 19:19:01 —-A—- C:\Windows\system32\odbc32.dll
    2011-08-08 19:19:01 —-A—- C:\Windows\system32\dwmcore.dll
    2011-08-08 19:19:00 —-A—- C:\Windows\system32\wbengine.exe
    2011-08-08 19:19:00 —-A—- C:\Windows\system32\MPSSVC.dll
    2011-08-08 19:19:00 —-A—- C:\Windows\system32\diagperf.dll
    2011-08-08 19:18:59 —-A—- C:\Windows\system32\WinSAT.exe
    2011-08-08 19:18:59 —-A—- C:\Windows\system32\scavengeui.dll
    2011-08-08 19:18:58 —-A—- C:\Windows\system32\umrdp.dll
    2011-08-08 19:18:58 —-A—- C:\Windows\system32\TSWorkspace.dll
    2011-08-08 19:18:58 —-A—- C:\Windows\system32\quartz.dll
    2011-08-08 19:18:57 —-A—- C:\Windows\system32\tsmf.dll
    2011-08-08 19:18:57 —-A—- C:\Windows\system32\localspl.dll
    2011-08-08 19:18:57 —-A—- C:\Windows\system32\dot3api.dll
    2011-08-08 19:18:54 —-A—- C:\Windows\system32\winhttp.dll
    2011-08-08 19:18:53 —-A—- C:\Windows\system32\setupapi.dll
    2011-08-08 19:18:52 —-A—- C:\Windows\system32\MSVidCtl.dll
    2011-08-08 19:18:52 —-A—- C:\Windows\system32\apphelp.dll
    2011-08-08 19:18:51 —-A—- C:\Windows\system32\VSSVC.exe
    2011-08-08 19:18:51 —-A—- C:\Windows\system32
    etlogon.dll
    2011-08-08 19:18:51 —-A—- C:\Windows\system32\dbgeng.dll
    2011-08-08 19:18:51 —-A—- C:\Windows\system32\d3d11.dll
    2011-08-08 19:18:50 —-A—- C:\Windows\system32\WindowsCodecs.dll
    2011-08-08 19:18:50 —-A—- C:\Windows\system32\rdpshell.exe
    2011-08-08 19:18:50 —-A—- C:\Windows\system32
    etcfgx.dll
    2011-08-08 19:18:49 —-A—- C:\Windows\system32\WMVDECOD.DLL
    2011-08-08 19:18:49 —-A—- C:\Windows\system32\winlogon.exe
    2011-08-08 19:18:49 —-A—- C:\Windows\system32\user32.dll
    2011-08-08 19:18:48 —-A—- C:\Windows\system32\webio.dll
    2011-08-08 19:18:48 —-A—- C:\Windows\system32\Query.dll
    2011-08-08 19:18:48 —-A—- C:\Windows\system32\gpprefcl.dll
    2011-08-08 19:18:48 —-A—- C:\Windows\system32\drivers\rdpwd.sys
    2011-08-08 19:18:47 —-A—- C:\Windows\system32\WsmSvc.dll
    2011-08-08 19:18:47 —-A—- C:\Windows\system32\advapi32.dll
    2011-08-08 19:18:45 —-A—- C:\Windows\system32\upnp.dll
    2011-08-08 19:18:45 —-A—- C:\Windows\system32\schannel.dll
    2011-08-08 19:18:45 —-A—- C:\Windows\system32\DShowRdpFilter.dll
    2011-08-08 19:18:44 —-A—- C:\Windows\system32\mmcndmgr.dll
    2011-08-08 19:18:43 —-A—- C:\Windows\system32
    etfxperf.dll
    2011-08-08 19:18:43 —-A—- C:\Windows\system32\msv1_0.dll
    2011-08-08 19:18:43 —-A—- C:\Windows\system32\lsm.exe
    2011-08-08 19:18:43 —-A—- C:\Windows\system32\drivers\csc.sys
    2011-08-08 19:18:42 —-D—- C:\Program Files\VideoLAN
    2011-08-08 19:18:42 —-A—- C:\Windows\system32\msdrm.dll
    2011-08-08 19:18:42 —-A—- C:\Windows\system32\imapi2fs.dll
    2011-08-08 19:18:41 —-A—- C:\Windows\system32\sppobjs.dll
    2011-08-08 19:18:41 —-A—- C:\Windows\system32\shlwapi.dll
    2011-08-08 19:18:41 —-A—- C:\Windows\system32\SessEnv.dll
    2011-08-08 19:18:41 —-A—- C:\Windows\system32\PortableDeviceApi.dll
    2011-08-08 19:18:41 —-A—- C:\Windows\system32\authui.dll
    2011-08-08 19:18:40 —-A—- C:\Windows\system32\usp10.dll
    2011-08-08 19:18:40 —-A—- C:\Windows\system32\userenv.dll
    2011-08-08 19:18:40 —-A—- C:\Windows\system32\mcbuilder.exe
    2011-08-08 19:18:40 —-A—- C:\Windows\system32\certmgr.dll
    2011-08-08 19:18:39 —-A—- C:\Windows\system32\xpsservices.dll
    2011-08-08 19:18:39 —-A—- C:\Windows\system32\winload.exe
    2011-08-08 19:18:39 —-A—- C:\Windows\system32\WebClnt.dll
    2011-08-08 19:18:39 —-A—- C:\Windows\system32\drvstore.dll
    2011-08-08 19:18:39 —-A—- C:\Windows\system32\comdlg32.dll
    2011-08-08 19:18:39 —-A—- C:\Windows\system32\audiosrv.dll
    2011-08-08 19:18:38 —-A—- C:\Windows\system32\sppwinob.dll
    2011-08-08 19:18:38 —-A—- C:\Windows\system32\rpcss.dll
    2011-08-08 19:18:38 —-A—- C:\Windows\system32\iphlpsvc.dll
    2011-08-08 19:18:38 —-A—- C:\Windows\system32\cmd.exe
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\wuaueng.dll
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\Wldap32.dll
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\win32spl.dll
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\rdpendp.dll
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\propsys.dll
    2011-08-08 19:18:37 —-A—- C:\Windows\system32
    lasvc.dll
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\mfds.dll
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\framedynos.dll
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\drivers\volsnap.sys
    2011-08-08 19:18:37 —-A—- C:\Windows\system32\BFE.DLL
    2011-08-08 19:18:36 —-A—- C:\Windows\system32\wucltux.dll
    2011-08-08 19:18:36 —-A—- C:\Windows\system32\wmicmiplugin.dll
    2011-08-08 19:18:36 —-A—- C:\Windows\system32\winresume.exe
    2011-08-08 19:18:36 —-A—- C:\Windows\system32\samsrv.dll
    2011-08-08 19:18:36 —-A—- C:\Windows\system32\profsvc.dll
    2011-08-08 19:18:36 —-A—- C:\Windows\system32\drivers
    etio.sys
    2011-08-08 19:18:36 —-A—- C:\Windows\system32\drivers
    dis.sys
    2011-08-08 19:18:36 —-A—- C:\Windows\system32\cscsvc.dll
    2011-08-08 19:18:35 —-A—- C:\Windows\system32\werconcpl.dll
    2011-08-08 19:18:35 —-A—- C:\Windows\system32\rdpclip.exe
    2011-08-08 19:18:35 —-A—- C:\Windows\system32
    csi.dll
    2011-08-08 19:18:35 —-A—- C:\Windows\system32\azroles.dll
    2011-08-08 19:18:35 —-A—- C:\Windows\system32\appmgr.dll
    2011-08-08 19:18:34 —-A—- C:\Windows\system32\themeui.dll
    2011-08-08 19:18:34 —-A—- C:\Windows\system32\taskeng.exe
    2011-08-08 19:18:34 —-A—- C:\Windows\system32\spp.dll
    2011-08-08 19:18:34 —-A—- C:\Windows\system32\mswsock.dll
    2011-08-08 19:18:34 —-A—- C:\Windows\system32\drivers\http.sys
    2011-08-08 19:18:34 —-A—- C:\Windows\system32\dhcpcore.dll
    2011-08-08 19:18:34 —-A—- C:\Windows\system32\credui.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\wintrust.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\taskcomp.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\rdpinit.exe
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\NaturalLanguage6.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\msxml3.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\mfreadwrite.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\evr.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\dxgi.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\drivers\mrxdav.sys
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\dbghelp.dll
    2011-08-08 19:18:33 —-A—- C:\Windows\system32\basecsp.dll
    2011-08-08 19:18:32 —-A—- C:\Windows\system32\WinSATAPI.dll
    2011-08-08 19:18:32 —-A—- C:\Windows\system32\spoolsv.exe
    2011-08-08 19:18:32 —-A—- C:\Windows\system32\QAGENTRT.DLL
    2011-08-08 19:18:32 —-A—- C:\Windows\system32\gdi32.dll
    2011-08-08 19:18:32 —-A—- C:\Windows\system32\drivers\1394ohci.sys
    2011-08-08 19:18:32 —-A—- C:\Windows\system32\calc.exe
    2011-08-08 19:18:31 —-A—- C:\Windows\system32\vpnike.dll
    2011-08-08 19:18:31 —-A—- C:\Windows\system32\srvsvc.dll
    2011-08-08 19:18:31 —-A—- C:\Windows\system32\sqlsrv32.dll
    2011-08-08 19:18:30 —-A—- C:\Windows\system32\UIRibbon.dll
    2011-08-08 19:18:30 —-A—- C:\Windows\system32\lpksetup.exe
    2011-08-08 19:18:30 —-A—- C:\Windows\system32\fveapi.dll
    2011-08-08 19:18:30 —-A—- C:\Windows\system32\cryptsvc.dll
    2011-08-08 19:18:29 —-A—- C:\Windows\system32\ws2_32.dll
    2011-08-08 19:18:29 —-A—- C:\Windows\system32\tspubwmi.dll
    2011-08-08 19:18:29 —-A—- C:\Windows\system32\sxs.dll
    2011-08-08 19:18:29 —-A—- C:\Windows\system32\stobject.dll
    2011-08-08 19:18:29 —-A—- C:\Windows\system32
    etshell.dll
    2011-08-08 19:18:29 —-A—- C:\Windows\system32\hgprint.dll
    2011-08-08 19:18:29 —-A—- C:\Windows\system32\drivers\msdsm.sys
    2011-08-08 19:18:29 —-A—- C:\Windows\system32\drivers\fvevol.sys
    2011-08-08 19:18:28 —-A—- C:\Windows\system32\prncache.dll
    2011-08-08 19:18:28 —-A—- C:\Windows\system32\printui.dll
    2011-08-08 19:18:28 —-A—- C:\Windows\system32\msi.dll
    2011-08-08 19:18:28 —-A—- C:\Windows\system32\inetpp.dll
    2011-08-08 19:18:28 —-A—- C:\Windows\system32\drivers\rdbss.sys
    2011-08-08 19:18:28 —-A—- C:\Windows\system32\dps.dll
    2011-08-08 19:18:28 —-A—- C:\Windows\system32\comctl32.dll
    2011-08-08 19:18:27 —-A—- C:\Windows\system32\WSDApi.dll
    2011-08-08 19:18:27 —-A—- C:\Windows\system32\wmpeffects.dll
    2011-08-08 19:18:27 —-A—- C:\Windows\system32\rpchttp.dll
    2011-08-08 19:18:27 —-A—- C:\Windows\system32
    et1.exe
    2011-08-08 19:18:27 —-A—- C:\Windows\system32\ci.dll
    2011-08-08 19:18:26 —-A—- C:\Windows\system32\scansetting.dll
    2011-08-08 19:18:26 —-A—- C:\Windows\system32\FXSSVC.exe
    2011-08-08 19:18:26 —-A—- C:\Windows\system32\drivers\vmbus.sys
    2011-08-08 19:18:26 —-A—- C:\Windows\system32\drivers\pci.sys
    2011-08-08 19:18:26 —-A—- C:\Windows\system32\aitagent.exe
    2011-08-08 19:18:26 —-A—- C:\Windows\system32\aepdu.dll
    2011-08-08 19:18:25 —-A—- C:\Windows\system32\vds.exe
    2011-08-08 19:18:25 —-A—- C:\Windows\system32\MMDevAPI.dll
    2011-08-08 19:18:24 —-A—- C:\Windows\system32\davclnt.dll
    2011-08-08 19:18:23 —-A—- C:\Windows\system32\WMVCORE.DLL
    2011-08-08 19:18:23 —-A—- C:\Windows\system32\wlangpui.dll
    2011-08-08 19:18:22 —-A—- C:\Windows\system32\QSHVHOST.DLL
    2011-08-08 19:18:22 —-A—- C:\Windows\system32\aaclient.dll
    2011-08-08 19:18:21 —-A—- C:\Windows\system32\wpdshext.dll
    2011-08-08 19:18:21 —-A—- C:\Windows\system32\webservices.dll
    2011-08-08 19:18:21 —-A—- C:\Windows\system32\t2embed.dll
    2011-08-08 19:18:21 —-A—- C:\Windows\system32\scrptadm.dll
    2011-08-08 19:18:21 —-A—- C:\Windows\system32\pnidui.dll
    2011-08-08 19:18:21 —-A—- C:\Windows\system32\IPSECSVC.DLL
    2011-08-08 19:18:21 —-A—- C:\Windows\system32\drivers\termdd.sys
    2011-08-08 19:18:21 —-A—- C:\Windows\system32\consent.exe
    2011-08-08 19:18:20 —-A—- C:\Windows\system32\TsUsbGDCoInstaller.dll
    2011-08-08 19:18:20 —-A—- C:\Windows\system32\tscfgwmi.dll
    2011-08-08 19:18:20 —-A—- C:\Windows\system32\SyncCenter.dll
    2011-08-08 19:18:20 —-A—- C:\Windows\system32
    etdiagfx.dll
    2011-08-08 19:18:20 —-A—- C:\Windows\system32\fde.dll
    2011-08-08 19:18:20 —-A—- C:\Windows\system32\drivers\sbp2port.sys
    2011-08-08 19:18:20 —-A—- C:\Windows\system32\drivers\rdpdr.sys
    2011-08-08 19:18:18 —-A—- C:\Windows\system32\vmicsvc.exe
    2011-08-08 19:18:18 —-A—- C:\Windows\system32\sdengin2.dll
    2011-08-08 19:18:17 —-A—- C:\Windows\system32\wuapi.dll
    2011-08-08 19:18:17 —-A—- C:\Windows\system32\wscapi.dll
    2011-08-08 19:18:06 —-A—- C:\Windows\system32\WinSCard.dll
    2011-08-08 19:18:06 —-A—- C:\Windows\system32\cscobj.dll
    2011-08-08 19:18:05 —-A—- C:\Windows\system32\wisptis.exe
    2011-08-08 19:18:05 —-A—- C:\Windows\system32\pla.dll
    2011-08-08 19:18:05 —-A—- C:\Windows\system32\msasn1.dll
    2011-08-08 19:18:04 —-A—- C:\Windows\system32\mcmde.dll
    2011-08-08 19:18:04 —-A—- C:\Windows\system32\drivers\rdpvideominiport.sys
    2011-08-08 19:18:03 —-A—- C:\Windows\system32\MSMPEG2ENC.DLL
    2011-08-08 19:18:03 —-A—- C:\Windows\system32\drivers\vhdmp.sys
    2011-08-08 19:18:02 —-A—- C:\Windows\system32\winsta.dll
    2011-08-08 19:18:02 —-A—- C:\Windows\system32\rdpcore.dll
    2011-08-08 19:18:02 —-A—- C:\Windows\system32\drivers\msahci.sys
    2011-08-08 19:17:59 —-A—- C:\Windows\system32\WUDFSvc.dll
    2011-08-08 19:17:59 —-A—- C:\Windows\system32\wiaservc.dll
    2011-08-08 19:17:59 —-A—- C:\Windows\system32\setupcl.exe
    2011-08-08 19:17:59 —-A—- C:\Windows\system32
    tshrui.dll
    2011-08-08 19:17:59 —-A—- C:\Windows\system32\imapi2.dll
    2011-08-08 19:17:59 —-A—- C:\Windows\system32\DXPTaskRingtone.dll
    2011-08-08 19:17:59 —-A—- C:\Windows\system32\aeinv.dll
    2011-08-08 19:17:58 —-A—- C:\Windows\system32\gameux.dll
    2011-08-08 19:17:55 —-A—- C:\Windows\system32\onex.dll
    2011-08-08 19:17:55 —-A—- C:\Windows\system32\dwmredir.dll
    2011-08-08 19:17:54 —-A—- C:\Windows\system32\WMPEncEn.dll
    2011-08-08 19:17:53 —-A—- C:\Windows\system32\drivers\acpi.sys
    2011-08-08 19:17:52 —-A—- C:\Windows\system32\shsvcs.dll
    2011-08-08 19:17:51 —-A—- C:\Windows\system32\rasmans.dll
    2011-08-08 19:17:50 —-A—- C:\Windows\system32\winmm.dll
    2011-08-08 19:17:50 —-A—- C:\Windows\system32\vaultsvc.dll
    2011-08-08 19:17:50 —-A—- C:\Windows\system32\TabSvc.dll
    2011-08-08 19:17:50 —-A—- C:\Windows\system32\hbaapi.dll
    2011-08-08 19:17:50 —-A—- C:\Windows\system32\drivers\udfs.sys
    2011-08-08 19:17:50 —-A—- C:\Windows\system32\autofmt.exe
    2011-08-08 19:17:49 —-A—- C:\Windows\system32\samcli.dll
    2011-08-08 19:17:49 —-A—- C:\Windows\system32\proquota.exe
    2011-08-08 19:17:49 —-A—- C:\Windows\system32
    etiohlp.dll
    2011-08-08 19:17:49 —-A—- C:\Windows\system32\Narrator.exe
    2011-08-08 19:17:49 —-A—- C:\Windows\system32\IPHLPAPI.DLL
    2011-08-08 19:17:49 —-A—- C:\Windows\system32\bootres.dll
    2011-08-08 19:17:49 —-A—- C:\Windows\system32\autochk.exe
    2011-08-08 19:17:49 —-A—- C:\Windows\system32\audiodg.exe
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\thumbcache.dll
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\regapi.dll
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\msutb.dll
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\msinfo32.exe
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\mimefilt.dll
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\ipsmsnap.dll
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\halmacpi.dll
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\hal.dll
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\autoconv.exe
    2011-08-08 19:17:48 —-A—- C:\Windows\system32\AudioSes.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\wcncsvc.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\tcpipcfg.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\sspicli.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\srchadmin.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\schtasks.exe
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\powercpl.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\msihnd.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\mscorier.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\framedyn.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\eapphost.dll
    2011-08-08 19:17:47 —-A—- C:\Windows\system32\drivers\volmgr.sys
    2011-08-08 19:17:46 —-A—- C:\Windows\system32\umpo.dll
    2011-08-08 19:17:46 —-A—- C:\Windows\system32\QAGENT.DLL
    2011-08-08 19:17:46 —-A—- C:\Windows\system32
    etid.dll
    2011-08-08 19:17:46 —-A—- C:\Windows\system32\DXP.dll
    2011-08-08 19:17:46 —-A—- C:\Windows\system32\drivers\partmgr.sys
    2011-08-08 19:17:46 —-A—- C:\Windows\system32\drivers
    etbt.sys
    2011-08-08 19:17:46 —-A—- C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2011-08-08 19:17:46 —-A—- C:\Windows\system32\actxprxy.dll
    2011-08-08 19:17:45 —-A—- C:\Windows\system32\wdc.dll
    2011-08-08 19:17:45 —-A—- C:\Windows\system32\untfs.dll
    2011-08-08 19:17:45 —-A—- C:\Windows\system32\StructuredQuery.dll
    2011-08-08 19:17:45 —-A—- C:\Windows\system32\scesrv.dll
    2011-08-08 19:17:45 —-A—- C:\Windows\system32\rastls.dll
    2011-08-08 19:17:44 —-A—- C:\Windows\system32\Vault.dll
    2011-08-08 19:17:44 —-A—- C:\Windows\system32
    ci.dll
    2011-08-08 19:17:44 —-A—- C:\Windows\system32\drivers\ataport.sys
    2011-08-08 19:17:43 —-A—- C:\Windows\system32\sdclt.exe
    2011-08-08 19:17:42 —-A—- C:\Windows\system32\WMNetMgr.dll
    2011-08-08 19:17:42 —-A—- C:\Windows\system32\wlanpref.dll
    2011-08-08 19:17:42 —-A—- C:\Windows\system32\sppsvc.exe
    2011-08-08 19:17:42 —-A—- C:\Windows\system32\RpcRtRemote.dll
    2011-08-08 19:17:42 —-A—- C:\Windows\system32\Robocopy.exe
    2011-08-08 19:17:42 —-A—- C:\Windows\system32\ListSvc.dll
    2011-08-08 19:17:41 —-A—- C:\Windows\system32\taskmgr.exe
    2011-08-08 19:17:41 —-A—- C:\Windows\system32\DxpTaskSync.dll
    2011-08-08 19:17:41 —-A—- C:\Windows\system32\Display.dll
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\XpsRasterService.dll
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\userinit.exe
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\sharemediacpl.dll
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\puiobj.dll
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\mtxclu.dll
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\msdri.dll
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\drivers\mpio.sys
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\drivers\mountmgr.sys
    2011-08-08 19:17:40 —-A—- C:\Windows\system32\cscui.dll
    2011-08-08 19:17:39 —-A—- C:\Windows\system32\termmgr.dll
    2011-08-08 19:17:39 —-A—- C:\Windows\system32\DiagCpl.dll
    2011-08-08 19:17:38 —-A—- C:\Windows\system32\drivers\scsiport.sys
    2011-08-08 19:17:37 —-A—- C:\Windows\system32\eudcedit.exe
    2011-08-08 19:17:37 —-A—- C:\Windows\system32\drivers\winhv.sys
    2011-08-08 19:17:33 —-A—- C:\Windows\system32\drivers\vmstorfl.sys
    2011-08-08 19:17:31 —-A—- C:\Windows\system32\msdtctm.dll
    2011-08-08 19:17:31 —-A—- C:\Windows\system32\logoncli.dll
    2011-08-08 19:17:30 —-A—- C:\Windows\system32\shsetup.dll
    2011-08-08 19:17:27 —-A—- C:\Windows\system32\biocpl.dll
    2011-08-08 19:17:26 —-A—- C:\Windows\system32\wiadefui.dll
    2011-08-08 19:17:26 —-A—- C:\Windows\system32\rasppp.dll
    2011-08-08 19:17:25 —-A—- C:\Windows\system32\sppcomapi.dll
    2011-08-08 19:17:25 —-A—- C:\Windows\system32\msconfig.exe
    2011-08-08 19:17:25 —-A—- C:\Windows\system32\FirewallControlPanel.dll
    2011-08-08 19:17:25 —-A—- C:\Windows\system32\cabview.dll
    2011-08-08 19:17:24 —-A—- C:\Windows\system32\drivers\storvsc.sys
    2011-08-08 19:17:22 —-A—- C:\Windows\system32\SensorsCpl.dll
    2011-08-08 19:17:20 —-A—- C:\Windows\system32\themecpl.dll
    2011-08-08 19:17:19 —-A—- C:\Windows\system32\wpccpl.dll
    2011-08-08 19:17:19 —-A—- C:\Windows\system32\FWPUCLNT.DLL
    2011-08-08 19:17:18 —-A—- C:\Windows\system32\dnscmmc.dll
    2011-08-08 19:17:17 —-A—- C:\Windows\system32\drivers\rdyboost.sys
    2011-08-08 19:17:16 —-A—- C:\Windows\system32\PhotoScreensaver.scr
    2011-08-08 19:17:15 —-A—- C:\Windows\system32\hgcpl.dll
    2011-08-08 19:17:14 —-A—- C:\Windows\system32\scecli.dll
    2011-08-08 19:17:13 —-A—- C:\Windows\system32\tapisrv.dll
    2011-08-08 19:17:13 —-A—- C:\Windows\system32\mscories.dll
    2011-08-08 19:17:13 —-A—- C:\Windows\system32\mscms.dll
    2011-08-08 19:17:13 —-A—- C:\Windows\system32\fontext.dll
    2011-08-08 19:17:13 —-A—- C:\Windows\system32\drivers\ksecdd.sys
    2011-08-08 19:17:12 —-A—- C:\Windows\system32\mprddm.dll
    2011-08-08 19:17:12 —-A—- C:\Windows\system32\localsec.dll
    2011-08-08 19:17:11 —-A—- C:\Windows\system32\SndVolSSO.dll
    2011-08-08 19:17:11 —-A—- C:\Windows\system32\iasacct.dll
    2011-08-08 19:17:10 —-A—- C:\Windows\system32\wkssvc.dll
    2011-08-08 19:17:10 —-A—- C:\Windows\system32\usercpl.dll
    2011-08-08 19:17:10 —-A—- C:\Windows\system32\srcore.dll
    2011-08-08 19:17:10 —-A—- C:\Windows\system32\PerfCenterCPL.dll
    2011-08-08 19:17:10 —-A—- C:\Windows\system32\KMSVC.DLL
    2011-08-08 19:17:10 —-A—- C:\Windows\system32\bcdsrv.dll
    2011-08-08 19:17:09 —-A—- C:\Windows\system32\wlanui.dll
    2011-08-08 19:17:09 —-A—- C:\Windows\system32\VAN.dll
    2011-08-08 19:17:09 —-A—- C:\Windows\system32\qedit.dll
    2011-08-08 19:17:09 —-A—- C:\Windows\system32\prntvpt.dll
    2011-08-08 19:17:09 —-A—- C:\Windows\system32\batmeter.dll
    2011-08-08 19:17:08 —-A—- C:\Windows\system32\w32tm.exe
    2011-08-08 19:17:08 —-A—- C:\Windows\system32\SndVol.exe
    2011-08-08 19:17:08 —-A—- C:\Windows\system32\qdvd.dll
    2011-08-08 19:17:08 —-A—- C:\Windows\system32
    etcenter.dll
    2011-08-08 19:17:08 —-A—- C:\Windows\system32\mblctr.exe
    2011-08-08 19:17:07 —-A—- C:\Windows\system32\wpdbusenum.dll
    2011-08-08 19:17:07 —-A—- C:\Windows\system32\wksprt.exe
    2011-08-08 19:17:07 —-A—- C:\Windows\system32\spwizeng.dll
    2011-08-08 19:17:06 —-A—- C:\Windows\system32\drivers\ks.sys
    2011-08-08 19:17:06 —-A—- C:\Windows\system32\azroleui.dll
    2011-08-08 19:17:06 —-A—- C:\Windows\system32\accessibilitycpl.dll
    2011-08-08 19:17:05 —-A—- C:\Windows\system32\zipfldr.dll
    2011-08-08 19:17:05 —-A—- C:\Windows\system32\MSAC3ENC.DLL
    2011-08-08 19:17:05 —-A—- C:\Windows\system32\fdeploy.dll
    2011-08-08 19:17:05 —-A—- C:\Windows\system32\cryptui.dll
    2011-08-08 19:17:04 —-A—- C:\Windows\system32\wusa.exe
    2011-08-08 19:17:04 —-A—- C:\Windows\system32
    etworkmap.dll
    2011-08-08 19:17:04 —-A—- C:\Windows\system32
    etjoin.dll
    2011-08-08 19:17:04 —-A—- C:\Windows\system32\mspbda.dll
    2011-08-08 19:17:04 —-A—- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
    2011-08-08 19:17:04 —-A—- C:\Windows\system32\Faultrep.dll
    2011-08-08 19:17:04 —-A—- C:\Windows\system32\adsldp.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\taskhost.exe
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\taskbarcpl.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\sud.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\slui.exe
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\prnfldr.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\photowiz.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\OnLineIDCpl.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\msieftp.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\MediaMetadataHandler.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\credssp.dll
    2011-08-08 19:17:03 —-A—- C:\Windows\system32\ActionCenter.dll
    2011-08-08 19:17:02 —-A—- C:\Windows\system32\iprtrmgr.dll
    2011-08-08 19:17:02 —-A—- C:\Windows\system32\iasrad.dll
    2011-08-08 19:17:01 —-A—- C:\Windows\system32\rdpcorekmts.dll
    2011-08-08 19:17:01 —-A—- C:\Windows\system32\halacpi.dll
    2011-08-08 19:17:01 —-A—- C:\Windows\system32\ftp.exe
    2011-08-08 19:17:01 —-A—- C:\Windows\system32\drivers\hidclass.sys
    2011-08-08 19:17:01 —-A—- C:\Windows\system32\dot3cfg.dll
    2011-08-08 19:17:01 —-A—- C:\Windows\system32\defaultlocationcpl.dll
    2011-08-08 19:17:00 —-A—- C:\Windows\system32\wpd_ci.dll
    2011-08-08 19:17:00 —-A—- C:\Windows\system32\sisbkup.dll
    2011-08-08 19:17:00 —-A—- C:\Windows\system32\shwebsvc.dll
    2011-08-08 19:17:00 —-A—- C:\Windows\system32\ifsutil.dll
    2011-08-08 19:17:00 —-A—- C:\Windows\system32\efscore.dll
    2011-08-08 19:16:59 —-A—- C:\Windows\system32\syncui.dll
    2011-08-08 19:16:59 —-A—- C:\Windows\system32\sdcpl.dll
    2011-08-08 19:16:59 —-A—- C:\Windows\system32\recovery.dll
    2011-08-08 19:16:59 —-A—- C:\Windows\system32\rdpwsx.dll
    2011-08-08 19:16:59 —-A—- C:\Windows\system32\autoplay.dll
    2011-08-08 19:16:59 —-A—- C:\Windows\system32\ActionCenterCPL.dll
    2011-08-08 19:16:58 —-A—- C:\Windows\system32\sppnp.dll
    2011-08-08 19:16:58 —-A—- C:\Windows\system32
    tlanman.dll
    2011-08-08 19:16:58 —-A—- C:\Windows\system32\DeviceCenter.dll
    2011-08-08 19:16:58 —-A—- C:\Windows\system32\bcdedit.exe
    2011-08-08 19:16:57 —-A—- C:\Windows\system32\wmpmde.dll
    2011-08-08 19:16:57 —-A—- C:\Windows\system32\rtutils.dll
    2011-08-08 19:16:57 —-A—- C:\Windows\system32\OobeFldr.dll
    2011-08-08 19:16:57 —-A—- C:\Windows\system32\dskquoui.dll
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\vdsutil.dll
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\systemcpl.dll
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\SmartcardCredentialProvider.dll
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\sethc.exe
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\rstrui.exe
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\riched20.dll
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\recdisc.exe
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\rdpsign.exe
    2011-08-08 19:16:56 —-A—- C:\Windows\system32
    tprint.dll
    2011-08-08 19:16:56 —-A—- C:\Windows\system32
    shwfp.dll
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\fvecpl.dll
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\drivers\tdx.sys
    2011-08-08 19:16:56 —-A—- C:\Windows\system32\bcdboot.exe
    2011-08-08 19:16:55 —-A—- C:\Windows\system32\wmpsrcwp.dll
    2011-08-08 19:16:55 —-A—- C:\Windows\system32
    etplwiz.dll
    2011-08-08 19:16:55 —-A—- C:\Windows\system32\NAPHLPR.DLL
    2011-08-08 19:16:55 —-A—- C:\Windows\system32\migisol.dll
    2011-08-08 19:16:55 —-A—- C:\Windows\system32\fms.dll
    2011-08-08 19:16:55 —-A—- C:\Windows\system32\dpx.dll
    2011-08-08 19:16:55 —-A—- C:\Windows\system32\blackbox.dll
    2011-08-08 19:16:55 —-A—- C:\Windows\system32\AxInstSv.dll
    2011-08-08 19:16:55 —-A—- C:\Windows\system32\activeds.dll
    2011-08-08 19:16:54 —-A—- C:\Windows\system32\AuxiliaryDisplayServices.dll
    2011-08-08 19:16:53 —-A—- C:\Windows\system32\httpapi.dll
    2011-08-08 19:16:53 —-A—- C:\Windows\system32\drivers\tssecsrv.sys
    2011-08-08 19:16:53 —-A—- C:\Windows\system32\cdosys.dll
    2011-08-08 19:16:52 —-A—- C:\Windows\system32\dot3svc.dll
    2011-08-08 19:16:52 —-A—- C:\Windows\system32\asycfilt.dll
    2011-08-08 19:16:51 —-A—- C:\Windows\system32\wsqmcons.exe
    2011-08-08 19:16:51 —-A—- C:\Windows\system32
    shipsec.dll
    2011-08-08 19:16:51 —-A—- C:\Windows\system32
    laapi.dll
    2011-08-08 19:16:51 —-A—- C:\Windows\system32\msftedit.dll
    2011-08-08 19:16:51 —-A—- C:\Windows\system32\isoburn.exe
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\wuwebv.dll
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\wlanmsm.dll
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\wavemsp.dll
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\tzutil.exe
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\sysclass.dll
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\ReAgent.dll
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\provsvc.dll
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\dsuiext.dll
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\dot3ui.dll
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\dfrgui.exe
    2011-08-08 19:16:50 —-A—- C:\Windows\system32\appinfo.dll
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\wvc.dll
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\wtsapi32.dll
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\wimgapi.dll
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\PkgMgr.exe
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\ocsetup.exe
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\mstask.dll
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\drivers
    dproxy.sys
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\certprop.dll
    2011-08-08 19:16:49 —-A—- C:\Windows\system32\AdmTmpl.dll
    2011-08-08 19:16:48 —-A—- C:\Windows\twain_32.dll
    2011-08-08 19:16:48 —-A—- C:\Windows\system32\twext.dll
    2011-08-08 19:16:48 —-A—- C:\Windows\system32\shdocvw.dll
    2011-08-08 19:16:48 —-A—- C:\Windows\system32\setupugc.exe
    2011-08-08 19:16:48 —-A—- C:\Windows\system32\qcap.dll
    2011-08-08 19:16:47 —-A—- C:\Windows\system32\uxlib.dll
    2011-08-08 19:16:47 —-A—- C:\Windows\system32\ssText3d.scr
    2011-08-08 19:16:47 —-A—- C:\Windows\system32\srrstr.dll
    2011-08-08 19:16:47 —-A—- C:\Windows\system32\SmiEngine.dll
    2011-08-08 19:16:47 —-A—- C:\Windows\system32\slwga.dll
    2011-08-08 19:16:47 —-A—- C:\Windows\system32\qasf.dll
    2011-08-08 19:16:47 —-A—- C:\Windows\system32\PresentationSettings.exe
    2011-08-08 19:16:47 —-A—- C:\Windows\system32\imm32.dll
    2011-08-08 19:16:46 —-A—- C:\Windows\system32\wwanconn.dll
    2011-08-08 19:16:46 —-A—- C:\Windows\system32\WPDShServiceObj.dll
    2011-08-08 19:16:46 —-A—- C:\Windows\system32\wmdrmsdk.dll
    2011-08-08 19:16:46 —-A—- C:\Windows\system32
    slookup.exe
    2011-08-08 19:16:46 —-A—- C:\Windows\system32\msvfw32.dll
    2011-08-08 19:16:46 —-A—- C:\Windows\system32\mciavi32.dll
    2011-08-08 19:16:46 —-A—- C:\Windows\system32\DevicePairingFolder.dll
    2011-08-08 19:16:46 —-A—- C:\Windows\system32\clusapi.dll
    2011-08-08 19:16:46 —-A—- C:\Windows\system32\audiodev.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\wimserv.exe
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\TSpkg.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\remotepg.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\rdpencom.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\raschap.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\QUTIL.DLL
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\perfmon.exe
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\msscp.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\input.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\drmmgrtn.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\diskraid.exe
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\browser.dll
    2011-08-08 19:16:45 —-A—- C:\Windows\system32\acppage.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\wmpdxm.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\vpnikeapi.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\UserAccountControlSettings.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\sdrsvc.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\onexui.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\olepro32.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\ocsetapi.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32
    ltest.exe
    2011-08-08 19:16:44 —-A—- C:\Windows\system32
    etworkexplorer.dll
    2011-08-08 19:16:44 —-A—- C:\Windows\system32\NAPCRYPT.DLL
    2011-08-08 19:16:43 —-A—- C:\Windows\system32\wpdwcn.dll
    2011-08-08 19:16:43 —-A—- C:\Windows\system32\vdsbas.dll
    2011-08-08 19:16:43 —-A—- C:\Windows\system32\runonce.exe
    2011-08-08 19:16:43 —-A—- C:\Windows\system32\Mcx2Svc.dll
    2011-08-08 19:16:43 —-A—- C:\Windows\system32\logagent.exe
    2011-08-08 19:16:43 —-A—- C:\Windows\system32\iTVData.dll
    2011-08-08 19:16:43 —-A—- C:\Windows\system32\dxdiagn.dll
    2011-08-08 19:16:43 —-A—- C:\Windows\bfsvc.exe
    2011-08-08 19:16:42 —-A—- C:\Windows\system32\sspisrv.dll
    2011-08-08 19:16:42 —-A—- C:\Windows\system32\msvidc32.dll
    2011-08-08 19:16:42 —-A—- C:\Windows\system32\MFPlay.dll
    2011-08-08 19:16:42 —-A—- C:\Windows\system32\eapp3hst.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\wudriver.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\wmpshell.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\wmdrmdev.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\unimdmat.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\shacct.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\PnPUnattend.exe
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\msiexec.exe
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\lsmproxy.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\iscsium.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\drivers\rmcast.sys
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\d3d10level9.dll
    2011-08-08 19:16:41 —-A—- C:\Windows\system32\bitsadmin.exe
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\tabcal.exe
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\sqlcese30.dll
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\rdpd3d.dll
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\PortableDeviceSyncProvider.dll
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\pdh.dll
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\OpcServices.dll
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\mprapi.dll
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\cscapi.dll
    2011-08-08 19:16:40 —-A—- C:\Windows\system32\Bubbles.scr
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\wwanprotdim.dll
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\WUDFPlatform.dll
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\WPDSp.dll
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\tsgqec.dll
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\srvcli.dll
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\Ribbons.scr
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\QSVRMGMT.DLL
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\PortableDeviceStatus.dll
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\olethk32.dll
    2011-08-08 19:16:39 —-A—- C:\Windows\system32
    cryptui.dll
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\Mystify.scr
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\MdSched.exe
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\lpremove.exe
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\logman.exe
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\djoin.exe
    2011-08-08 19:16:39 —-A—- C:\Windows\system32\CscMig.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\WMPhoto.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\WMADMOD.DLL
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\wiavideo.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\utildll.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\takeown.exe
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\mapistub.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\mapi32.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\iyuv_32.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\fphc.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\dot3msm.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\avifil32.dll
    2011-08-08 19:16:38 —-A—- C:\Windows\system32\ActionQueue.dll
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\WMVSDECD.DLL
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\wmdrmnet.dll
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\sqmapi.dll
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\sppinst.dll
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\qdv.dll
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\QCLIPROV.DLL
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\msyuv.dll
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\msnetobj.dll
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\imagehlp.dll
    2011-08-08 19:16:37 —-A—- C:\Windows\system32\EhStorAPI.dll
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\WUDFx.dll
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\WUDFHost.exe
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\wsnmp32.dll
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\vfwwdm32.dll
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\unattend.dll
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\RelPost.exe
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\qprocess.exe
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\pdhui.dll
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\MuiUnattend.exe
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\msrle32.dll
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\cmstp.exe
    2011-08-08 19:16:36 —-A—- C:\Windows\system32\cca.dll
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\wuauclt.exe
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\WMSPDMOD.DLL
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\umb.dll
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\tsbyuv.dll
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\setupcln.dll
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\qwinsta.exe
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\PrintIsolationProxy.dll
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\msorcl32.dll
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\msg.exe
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\iasrecst.dll
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\drivers\tcpipreg.sys
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\drivers
    disuio.sys
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\chglogon.exe
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\basesrv.dll
    2011-08-08 19:16:35 —-A—- C:\Windows\system32\AzSqlExt.dll
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\wkscli.dll
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\WavDest.dll
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\sppuinotify.dll
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\spbcd.dll
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\relog.exe
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\quser.exe
    2011-08-08 19:16:34 —-A—- C:\Windows\system32
    etiougc.exe
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\mydocs.dll
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\iscsicli.exe
    2011-08-08 19:16:34 —-A—- C:\Windows\system32\BdeHdCfg.exe
    2011-08-08 19:16:34 —-A—- C:\Windows\system3
  • Hoi Anjo, ik heb even gewacht met antwoord.

    Het RSIT-log is oké.
    Hoe staat het nu met de problemen.

    Want ik heb nagedacht over jouw FAH-probleem.
    Het kan zijn dat je voor FAH een uitzondering moet maken in F-Secure!

    Of heb je DEP voor alles ingeschakeld, maak dan bij die instelling een uitzondering voor FAH.
  • DEP??
    Op Aspire werkt t weer. Had ook gepost op FAH forum, maar kwam niet echt verder.
    Uiteindelijk op Aspire Fsecure uitgezet en na de 4e nieuwe install draait FAH weer.
    Nu nog op de HP met XP sp3. Daar is t ook bal, staat helemaal geen AV oid op, heeft 1 maal gedraaid en nu doet t daar ook weer niet :cry:
    Die HP draait alleen wat navigatieprogs maar wil verder FAH niet meer draaien, ook niet als ik m verplaats zoals jouw verhaal aangaf eerder. staat ook niet in processen of services in taakbeheer`.
    Jouw FAH al weer vouwend??
  • Nope, FAH staat bij mij nog stil, alhoewel ik de noodzaak wel inzie om weer te gaan draaien!
    Zelf denk ik dat ik dan FAH na installatie vanuit de standaard installatie lokatie eerst verplaats naar de D-partitie, waar ook mijn documenten staan!

    DEP: http://windows.microsoft.com/nl-NL/windows-vista/Data-Execution-Prevention-frequently-asked-questions

    DEP is in mijn Windows 7 voor alles ingeschakeld!

    EMET: http://support.microsoft.com/kb/2458544 - daarvan zijn alle onderdelen ook geaktiveerd!
  • DEP staat alleen op Windows onderdelen ingesteld
    EMET draai ik niet.

    Ik zie voor beiden niet echt meerwaarde want ik heb jullie ;-))
    Hele thuisnetwerk heeft lokaal ook geen firewalls aanstaan. Er zit een hardwarematige firewall in mn router en F secure draait op 3 vd 4 machines. Op de XP-HP laptop is F secure ws te zwaar , maar daarmee zit ik alleen op Inet voor webmail en Ugribfiles en Windguru, download met wifi elders en met 3G niets op die machine

    Heeft XP ook die DEP, want dan ga ik eens kijken of ik m kan killen, overweeg nog een FAH in Safe Mode te instaleren, mss dat ie dan wel na reboot gewoon wil werken. Alle 4 machines moeten gewoon 24/7 vouwen van me
  • Schiet mij maar lek, maar t werkt weer.
    Op XPbak prog verwijdert en de MSI in user>>>local gezet. laten instaleren en nu draait t weer :)
  • Jazeker beschikt XP over DEP.
    Vindt je in XP op exact dezelfde plek als in VISTA/Windows 7!

    EMET is een tool om de veiligheid in Windows te verhogen!

    Je gebruik een router met hardware firewall dus in de XP PC volstaat Avast 6 Free.
  • Had DEP op XP gevonden , zelfde instelling, alleen MS processen

    Is die EMET écht nodig?? Ik ben redelijk secuur met downloaden, mail wordt eerst altijd op webmails gecheckt en Ziggo staat net als Windows op automatische updates.
    Ik moet mn firewalls wel uitschakelen omdat ik anders niet op mn andere machines kom, dan zelfs nauwelijks met Teamviewer, dus ik vind t eigenlijk wel goed zo. Als de jongens van Bill nou ook nog eens de netwerktoegang tussen W7 en XP klaren, ben ik gelukkig, LOL
    Bovebdien staat mn netwerk ( draadloze deel ) op Mac filtering, daar komen ze niet zo gauw in
  • Wat betreft Macfiltering voor WLAN - dat begrijp ik, zo heb ik dat ook voor diverse netwerken ingesteld, nadat er te los was omgegaan met het inlogwachtwoord!

    EMET is aan te raden om daarmee Windows nog veiliger te maken.

    Vergeet ook niet dan Windows XP min of meer 16x onveiliger is dan Windows 7!
  • En op die XP doe ik nauwelijks iets, die gebruik ik aan boord van mn zeilboot om de electronische navigatie op te doen. Enige wat die machine van internet afhaalt zijn de updates van stentec en Oziexplorer om de tonnen op t IJsselmeer up to date te houden Die gegevens komen van Rijkswaterstaat. Die zijn virusvrij LOL.
    Zal nog eens over EMET denken. Wat ik me dan trouwens wél afvraag, waaarom zit dat prog niet standaard in Windows?? Kunnen ze toch in de updates meesturen??
  • EMET is niet zomaar een update hoor.

    Maar weet je ervan en gebruik je het, is Windows op slag een stuk veiliger.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.