Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

spraak onhoorbaar

baksteen
27 antwoorden
  • Ik heb weer eens wat.
    Het maakt niet uit wat voor een film ik opstart … alle spraak is praktisch onhoorbaar of sterk vervormd, maakt niet uit welke mediaspeler ik gebruik.
    Ik heb de diverse mediaplayers (w.o VLC) gedeïnstaleerd en opnieuw geïnstallerer, maar dat maakt geen verschil uit.
    Nou ja, ik heb weer eens hulp nodig. Alvast bedankt.
  • Begin maar het volgende uit te voeren:

    [b:cde4e64c1e]Welk programma[/b:cde4e64c1e]: [b:cde4e64c1e]sUbs dds[/b:cde4e64c1e][/color:cde4e64c1e]
    [b:cde4e64c1e]Waarvoor/waarom[/b:cde4e64c1e]: DDS is een diagnosetool en maakt gebruik van scripts.
    [b:cde4e64c1e]Moeilijkheidsgraad[/b:cde4e64c1e]: Lees eerst goed wat te doen.
    [b:cde4e64c1e]Downloadlokatie[/b:cde4e64c1e]: Dit programma absoluut naar het bureaublad downloaden of anders eerst daar naar toe verplaatsen!
    [b:cde4e64c1e]Download DDS[/b:cde4e64c1e] van [b:cde4e64c1e]sUBS[/b:cde4e64c1e] van één van deze locaties en plaats het op je [b:cde4e64c1e]bureaublad[/b:cde4e64c1e]:
    [b:cde4e64c1e]DDS - Bleeping Computer download.
    DDS - Bleeping Computer download.
    DDS - Infospyware.[/b:cde4e64c1e]

    [img:cde4e64c1e]http://img.photobucket.com/albums/v666/sUBs/dds_scr.gif[/img:cde4e64c1e]

    [b:cde4e64c1e]sUBs dds. gebruiken[/b:cde4e64c1e]:
    [list:cde4e64c1e][*:cde4e64c1e][b:cde4e64c1e]Sluit vervolgens eerst alle nog openstaande programmavensters![/color:cde4e64c1e][/b:cde4e64c1e]
    [*:cde4e64c1e] [b:cde4e64c1e]Deaktiveer vervolgens de actieve beveiligingssoftware[/color:cde4e64c1e][/b:cde4e64c1e]
    [list:cde4e64c1e][*:cde4e64c1e][b:cde4e64c1e]Windows 2000[/color:cde4e64c1e][/b:cde4e64c1e] en [b:cde4e64c1e]Windows XP[/b:cde4e64c1e][/color:cde4e64c1e]: start sUBs dds. middels dubbelklik op de snelkoppeling.
    [*:cde4e64c1e][b:cde4e64c1e]Windows Vista[/b:cde4e64c1e][/color:cde4e64c1e] en [b:cde4e64c1e]Windows 7[/b:cde4e64c1e][/color:cde4e64c1e]: start sUBs dds. rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:cde4e64c1e][/list:u:cde4e64c1e]
    [b:cde4e64c1e]Na de scan[/b:cde4e64c1e]
    [list:cde4e64c1e][*:cde4e64c1e] [b:cde4e64c1e]Heraktiveer nu de actieve beveiligingssoftware[/color:cde4e64c1e][/b:cde4e64c1e]
    [*:cde4e64c1e]Er worden twee tekstdocumnenten geopend - DDS.txt en Attach.txt - let even op het volgende!
    [*:cde4e64c1e]Kopieer en plak de gehele inhoud van de [b:cde4e64c1e]DDS-logfile[/b:cde4e64c1e] in jouw volgende bericht.
    [*:cde4e64c1e]De inhoud van [b:cde4e64c1e]Attach.txt[/b:cde4e64c1e] post je wanneer ik daarom vraag.[/list:u:cde4e64c1e]
  • .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.7601.17514
    Run by Walop at 15:14:55 on 2012-06-21
    Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1033.18.3327.2326 [GMT 2:00]
    .
    AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    C:\Program Files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe
    D:\PROGRAM FILES\SECUNIA\PSI\psi_tray.exe
    C:\Users\Walop\MiniReminder\MiniReminder.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Windows\system32\conhost.exe
    D:\Program Files\Secunia\PSI\PSIA.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
    C:\Windows\system32\vmnat.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    C:\Program Files\VMware\VMware Player\vmware-authd.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\vmnetdhcp.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    D:\Program Files\Secunia\PSI\sua.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\ehome\mcupdate.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\msfeedssync.exe
    C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091
    uURLSearchHooks: H - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\search~1\datamngr\toolbar\searchqudtx.dll
    BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\search~1\datamngr\BROWSE~1.DLL
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SweetPacks Browser Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo\YontooIEClient.dll
    TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\search~1\datamngr\toolbar\searchqudtx.dll
    TB: SweetPacks Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    uRun: [Gadwin PrintScreen Pro] "c:\program files\gadwin systems\printscreenpro\PrintScreenPro.exe" /nosplash
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files\amd avt\bin\kdbsync.exe" aml
    mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
    StartupFolder: c:\users\walop\appdata\roaming\micros~1\windows\startm~1\programs\startup\minire~1.lnk - c:\users\walop\minireminder\MiniReminder.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - d:\program files\secunia\psi\psi_tray.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    LSP: c:\program files\avira\antivir desktop\avsda.dll
    LSP: %SystemRoot%\system32\vsocklib.dll
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
    TCP: Interfaces\{11ED62F4-284A-4249-8F6F-B24517373261} : DhcpNameServer = 213.46.228.196 62.179.104.196
    AppInit_DLLs: c:\progra~1\search~1\datamngr\datamngr.dll c:\progra~1\search~1\datamngr\IEBHO.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\walop\appdata\roaming\mozilla\firefox\profiles\fyygn3jj.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - prefs.js: browser.search.selectedEngine - Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406
    FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air
    ppdf32.dll
    FF - plugin: c:\program files\java\jre6\bin
    ew_plugin
    pdeployJava1.dll
    FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins
    ppl3260.dll
    FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins
    prpjplug.dll
    FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0
    pctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins
    pdeployJava1.dll
    FF - plugin: c:\users\walop\appdata\local\google\google earth\plugin
    pgeplugin.dll
    FF - plugin: c:\users\walop\appdata\local\google\update\1.3.21.111
    pGoogleUpdate3.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
    .
    —- FIREFOX POLICIES —-
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: extentions.y2layers.installId - 1a5bb821-802b-4018-b11f-8bd5b95919a2
    FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics
    .
    FF - user.js: extensions.autoDisableScopes - 14
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 DiskSec;Magix Volume Filter Driver;c:\windows\system32\drivers\disksec.sys [2010-10-31 14208]
    R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-3-14 36000]
    R2 AODDriver4.1;AODDriver4.1;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-2-1 46720]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-3-14 83392]
    R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2012-4-9 37944]
    R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-4-20 7772160]
    R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-4-20 243712]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-5 86032]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    .
    =============== Created Last 30 ================
    .
    2012-06-20 18:49:00 70656 —-a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPPA4.DLL
    2012-06-20 18:49:00 27136 —-a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPDA4.DLL
    2012-06-20 18:45:22 277504 —-a-w- c:\windows\system32\CNMLMA4.DLL
    2012-06-19 14:02:15 6762896 —-a-w- c:\programdata\microsoft\windows defender\definition updates\{4887fafe-4194-40c6-b0b0-e9352116260c}\mpengine.dll
    2012-06-17 19:57:51 183808 —-a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-06-17 19:50:30 2342400 —-a-w- c:\windows\system32\msi.dll
    2012-06-17 19:50:18 2343936 —-a-w- c:\windows\system32\win32k.sys
    2012-06-17 19:49:47 8192 —-a-w- c:\windows\system32\rdrmemptylst.exe
    2012-06-17 19:49:47 58880 —-a-w- c:\windows\system32\rdpwsx.dll
    2012-06-17 19:49:47 129536 —-a-w- c:\windows\system32\rdpcorekmts.dll
    2012-06-17 19:48:55 164352 —-a-w- c:\windows\system32\profsvc.dll
    2012-06-17 19:47:40 1158656 —-a-w- c:\windows\system32\crypt32.dll
    2012-06-17 19:47:38 140288 —-a-w- c:\windows\system32\cryptsvc.dll
    2012-06-17 19:47:38 103936 —-a-w- c:\windows\system32\cryptnet.dll
    2012-06-09 15:38:13 ——– d—–w- c:\users\walop\appdata\local\AMD
    2012-05-29 22:08:54 48648 —-a-w- c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup-2\Markup.dll
    2012-05-29 22:08:45 856712 —-a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll
    2012-05-29 17:42:07 ——– d—–w- c:\users\walop\appdata\roaming\Sweetpacks
    .
    ==================== Find3M ====================
    .
    2012-05-15 03:03:54 981504 —-a-w- c:\windows\system32\wininet.dll
    2012-05-10 20:31:02 70304 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-10 20:31:02 419488 —-a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-05-10 13:29:44 472808 —-a-w- c:\windows\system32\deployJava1.dll
    2012-05-08 17:16:45 83392 —-a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-04-20 03:16:44 1638912 —-a-w- c:\windows\system32\mshtml.tlb
    2012-04-16 19:22:02 36000 —-a-w- c:\windows\system32\drivers\avkmgr.sys
    2012-03-31 04:39:37 3968368 —-a-w- c:\windows\system32
    tkrnlpa.exe
    2012-03-31 04:39:37 3913072 —-a-w- c:\windows\system32
    toskrnl.exe
    2012-03-30 10:23:11 1291632 —-a-w- c:\windows\system32\drivers\tcpip.sys
    .
    ============= FINISH: 15:22:36.00 ===============
  • We gaan nu eerst controleren op rootkits.

    [b:af71136b87]Welk programma[/b:af71136b87]: [b:af71136b87]TDSSKStarter.exe[/b:af71136b87][/color:af71136b87]
    [b:af71136b87]Waarvoor/waarom[/b:af71136b87]: Rootkitscanner
    [b:af71136b87]Moeilijkheidsgraad[/b:af71136b87]: geen
    Download [b:af71136b87]TDSSKStarter[/b:af71136b87] naar het bureaublad.

    [b:af71136b87]"TDSSSStarter.exe" gebruiken[/b:af71136b87]:
    [list:af71136b87][*:af71136b87] [b:af71136b87]Sluit nu eerst alle nog openstaande programmavensters![/color:af71136b87][/b:af71136b87]
    [list:af71136b87][*:af71136b87][b:af71136b87]Windows 2000[/color:af71136b87][/b:af71136b87] en [b:af71136b87]Windows XP[/b:af71136b87][/color:af71136b87]: start het tool middels dubbelklik op "[i:af71136b87] TDSSKStarter .exe[/i:af71136b87]".
    [*:af71136b87][b:af71136b87]Windows Vista[/b:af71136b87][/color:af71136b87] en [b:af71136b87]Windows 7[/b:af71136b87][/color:af71136b87]: start het tool middels rechtsklik op "[i:af71136b87]TDSSKStarter.exe[/i:af71136b87]" en dan kiezen voor [i:af71136b87][b:af71136b87]Als Administrator uitvoeren[/b:af71136b87][/i:af71136b87].[/list:u:af71136b87]

    [*:af71136b87]Vervolgens zal een CMD-venster gestart worden en wanneer de scan gereed is weer automatisch sluiten.
    [*:af71136b87]Post nu de inhoud van het geopende kladblokbestand in het volgende bericht.[/list:u:af71136b87]
  • Even tussendoor … ik waardeer je (nieuwe) inzet buitengewoon :)
  • Dat is bijzonder aardig van jou om mij op deze wijze de complimenten te geven.
  • 18:48:12.0393 3504 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
    18:48:12.0393 3504 ============================================================
    18:48:12.0393 3504 Current date / time: 2012/06/21 18:48:12.0393
    18:48:12.0393 3504 SystemInfo:
    18:48:12.0393 3504
    18:48:12.0393 3504 OS Version: 6.1.7601 ServicePack: 1.0
    18:48:12.0393 3504 Product type: Workstation
    18:48:12.0393 3504 ComputerName: WIN7-PC
    18:48:12.0393 3504 UserName: Walop
    18:48:12.0393 3504 Windows directory: C:\Windows
    18:48:12.0393 3504 System windows directory: C:\Windows
    18:48:12.0393 3504 Processor architecture: Intel x86
    18:48:12.0393 3504 Number of processors: 4
    18:48:12.0393 3504 Page size: 0x1000
    18:48:12.0393 3504 Boot type: Normal boot
    18:48:12.0393 3504 ============================================================
    18:48:27.0603 3504 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize:

    0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    18:48:27.0603 3504 ============================================================
    18:48:27.0603 3504 \Device\Harddisk0\DR0:
    18:48:27.0619 3504 MBR partitions:
    18:48:27.0619 3504 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum

    0x3A380D41
    18:48:27.0650 3504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3A380DBF, BlocksNum

    0x3A380D41
    18:48:27.0650 3504 ============================================================
    18:48:27.0744 3504 C: <-> \Device\Harddisk0\DR0\Partition0
    18:48:27.0790 3504 D: <-> \Device\Harddisk0\DR0\Partition1
    18:48:27.0790 3504 ============================================================
    18:48:27.0790 3504 Initialize success
    18:48:27.0790 3504 ============================================================
    18:48:27.0931 4640 ============================================================
    18:48:27.0931 4640 Scan started
    18:48:27.0931 4640 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    18:48:27.0931 4640 ============================================================
    18:48:53.0406 4640 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers

    \1394ohci.sys
    18:48:53.0562 4640 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers

    \ACPI.sys
    18:48:53.0593 4640 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers

    \acpipmi.sys
    18:48:54.0810 4640 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows

    \system32\Macromed\Flash\FlashPlayerUpdateService.exe
    18:49:01.0799 4640 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS

    \adp94xx.sys
    18:49:01.0861 4640 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS

    \adpahci.sys
    18:49:03.0905 4640 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS

    \adpu320.sys
    18:49:03.0951 4640 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows

    \System32\aelupsvc.dll
    18:49:05.0106 4640 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers

    \afd.sys
    18:49:05.0340 4640 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers

    \agp440.sys
    18:49:05.0371 4640 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS

    \djsvs.sys
    18:49:05.0402 4640 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
    18:49:05.0496 4640 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers

    \aliide.sys
    18:49:05.0543 4640 AMD External Events Utility (ebccbcbf1df132e4775e5d6e6dea3ed0) C:\Windows

    \system32\atiesrxx.exe
    18:49:06.0260 4640 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers

    \amdagp.sys
    18:49:06.0479 4640 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers

    \amdide.sys
    18:49:06.0837 4640 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS

    \amdiox86.sys
    18:49:06.0884 4640 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS

    \amdk8.sys
    18:49:22.0937 4640 amdkmdag (f89643a2ca001b1162061e306f8bf267) C:\Windows\system32\DRIVERS

    \atikmdag.sys
    18:49:28.0740 4640 amdkmdap (fb68e1b9cec598f0f69503f3aebb45dd) C:\Windows\system32\DRIVERS

    \atikmpag.sys
    18:49:29.0114 4640 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS

    \amdppm.sys
    18:49:29.0863 4640 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers

    \amdsata.sys
    18:49:30.0939 4640 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS

    \amdsbs.sys
    18:49:31.0220 4640 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers

    \amdxata.sys
    18:49:34.0356 4640 AntiVirMailService (312eba7b8fbdb2570c8d0c911c35ef2c) C:\Program Files\Avira

    \AntiVir Desktop\avmailc.exe
    18:49:34.0855 4640 AntiVirSchedulerService (697010baa012bf4fc8ec64b35e446b1c) C:\Program Files

    \Avira\AntiVir Desktop\sched.exe
    18:49:35.0931 4640 AntiVirService (82101c790e8e488a4c0b2a6465942b6f) C:\Program Files\Avira

    \AntiVir Desktop\avguard.exe
    18:49:37.0445 4640 AntiVirWebService (211659cc0826c43cade17754d51d7c6a) C:\Program Files\Avira

    \AntiVir Desktop\AVWEBGRD.EXE
    18:49:37.0819 4640 AODDriver4.1 (df6de9e8e4b6994853ccf038bfae964b) C:\Program Files\ATI

    Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
    18:49:38.0303 4640 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers

    \appid.sys
    18:49:38.0708 4640 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows

    \System32\appidsvc.dll
    18:49:38.0771 4640 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows

    \System32\appinfo.dll
    18:49:38.0911 4640 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows

    \System32\appmgmts.dll
    18:49:39.0239 4640 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS

    \arc.sys
    18:49:39.0847 4640 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS

    \arcsas.sys
    18:49:40.0175 4640 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS

    \asyncmac.sys
    18:49:42.0031 4640 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers

    \atapi.sys
    18:49:43.0107 4640 AtiHDAudioService (4d201d8b576be4473405b2a86a2d28b3) C:\Windows

    \system32\drivers\AtihdW73.sys
    18:49:43.0903 4640 AtiHdmiService (5371ff39ab5c496ac609f9dad755d778) C:\Windows\system32\drivers

    \AtiHdmi.sys
    18:49:52.0623 4640 atikmdag (f89643a2ca001b1162061e306f8bf267) C:\Windows\system32\DRIVERS

    \atikmdag.sys
    18:49:54.0511 4640 AtiPcie (aca01c43d065e546c6dc88ea669ceca6) C:\Windows\system32\DRIVERS

    \AtiPcie.sys
    18:49:55.0260 4640 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows

    \System32\Audiosrv.dll
    18:49:55.0931 4640 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows

    \System32\Audiosrv.dll
    18:49:56.0399 4640 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS

    \avgntflt.sys
    18:49:56.0477 4640 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS

    \avipbb.sys
    18:49:56.0492 4640 avkmgr (53e56450da16a1a7f0d002f511113f67) C:\Windows\system32\DRIVERS

    \avkmgr.sys
    18:49:56.0648 4640 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows

    \System32\AxInstSV.dll
    18:49:58.0005 4640 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS

    \bxvbdx.sys
    18:49:58.0099 4640 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS

    \b57nd60x.sys
    18:49:58.0146 4640 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows

    \System32\bdesvc.dll
    18:49:58.0177 4640 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers

    \Beep.sys
    18:49:58.0255 4640 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
    18:49:59.0425 4640 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
    18:49:59.0643 4640 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS

    \blbdrive.sys
    18:50:00.0283 4640 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS

    \bowser.sys
    18:50:00.0673 4640 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS

    \BrFiltLo.sys
    18:50:00.0891 4640 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS

    \BrFiltUp.sys
    18:50:01.0625 4640 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS

    \bridge.sys
    18:50:01.0983 4640 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows

    \System32\browser.dll
    18:50:02.0015 4640 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers

    \Brserid.sys
    18:50:02.0061 4640 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers

    \BrSerWdm.sys
    18:50:02.0093 4640 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers

    \BrUsbMdm.sys
    18:50:02.0124 4640 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers

    \BrUsbSer.sys
    18:50:02.0139 4640 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS

    \bthmodem.sys
    18:50:02.0186 4640 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows

    \system32\bthserv.dll
    18:50:10.0049 4640 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS

    \cdfs.sys
    18:50:10.0361 4640 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers

    \cdrom.sys
    18:50:10.0938 4640 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows

    \System32\certprop.dll
    18:50:11.0031 4640 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS

    \circlass.sys
    18:50:11.0515 4640 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
    18:50:11.0671 4640 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows

    \Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    18:50:11.0811 4640 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows

    \Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    18:50:12.0357 4640 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS

    \CmBatt.sys
    18:50:12.0389 4640 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers

    \cmdide.sys
    18:50:12.0420 4640 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers

    \cng.sys
    18:50:12.0576 4640 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS

    \compbatt.sys
    18:50:12.0638 4640 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers

    \CompositeBus.sys
    18:50:12.0779 4640 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS

    \crcdisk.sys
    18:50:12.0841 4640 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows

    \system32\cryptsvc.dll
    18:50:12.0997 4640 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers

    \csc.sys
    18:50:13.0122 4640 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows

    \System32\cscsvc.dll
    18:50:13.0184 4640 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows

    \system32\rpcss.dll
    18:50:13.0371 4640 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows

    \System32\defragsvc.dll
    18:50:15.0462 4640 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers

    \dfsc.sys
    18:50:15.0758 4640 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows

    \system32\dhcpcore.dll
    18:50:15.0789 4640 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers

    \discache.sys
    18:50:15.0852 4640 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS

    \disk.sys
    18:50:15.0914 4640 DiskSec (f6010162368d9bef934f1647f2430446) C:\Windows\system32\drivers

    \DiskSec.sys
    18:50:15.0930 4640 DiskSec ( UnsignedFile.Multi.Generic ) - [b:341d4699f0]warning[/color:341d4699f0][/b:341d4699f0]
    18:50:15.0930 4640 DiskSec - detected UnsignedFile.Multi.Generic (1)
    18:50:15.0961 4640 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows

    \System32\dnsrslvr.dll
    18:50:16.0008 4640 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows

    \System32\dot3svc.dll
    18:50:16.0211 4640 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
    18:50:16.0289 4640 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers

    \drmkaud.sys
    18:50:16.0382 4640 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers

    \dxgkrnl.sys
    18:50:16.0601 4640 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows

    \System32\eapsvc.dll
    18:50:17.0365 4640 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS

    \evbdx.sys
    18:50:18.0691 4640 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows

    \System32\lsass.exe
    18:50:18.0847 4640 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
    18:50:19.0034 4640 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
    18:50:19.0284 4640 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS

    \elxstor.sys
    18:50:19.0346 4640 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers

    \errdev.sys
    18:50:19.0409 4640 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
    18:50:19.0455 4640 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers

    \exfat.sys
    18:50:19.0643 4640 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers

    \fastfat.sys
    18:50:19.0861 4640 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows

    \system32\fxssvc.exe
    18:50:19.0986 4640 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS

    \fdc.sys
    18:50:20.0017 4640 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows

    \system32\fdPHost.dll
    18:50:20.0033 4640 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows

    \system32\fdrespub.dll
    18:50:20.0220 4640 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers

    \fileinfo.sys
    18:50:20.0282 4640 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers

    \filetrace.sys
    18:50:20.0313 4640 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS

    \flpydisk.sys
    18:50:20.0360 4640 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers

    \fltmgr.sys
    18:50:20.0532 4640 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows

    \system32\FntCache.dll
    18:50:20.0625 4640 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net

    \Framework\v3.0\WPF\PresentationFontCache.exe
    18:50:20.0657 4640 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers

    \FsDepends.sys
    18:50:21.0031 4640 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers

    \Fs_Rec.sys
    18:50:21.0078 4640 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS

    \fvevol.sys
    18:50:21.0171 4640 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS

    \gagp30kx.sys
    18:50:21.0234 4640 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows

    \System32\gpsvc.dll
    18:50:21.0390 4640 hcmon (88a6f2571405b3a4abc4ed2f52136317) C:\Windows\system32\drivers

    \hcmon.sys
    18:50:21.0437 4640 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers

    \hcw85cir.sys
    18:50:21.0530 4640 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers

    \HdAudio.sys
    18:50:21.0593 4640 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers

    \HDAudBus.sys
    18:50:21.0624 4640 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS

    \HidBatt.sys
    18:50:21.0764 4640 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS

    \hidbth.sys
    18:50:21.0811 4640 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS

    \hidir.sys
    18:50:21.0842 4640 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows

    \System32\hidserv.dll
    18:50:21.0998 4640 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers

    \hidusb.sys
    18:50:22.0029 4640 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows

    \system32\kmsvc.dll
    18:50:22.0201 4640 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows

    \system32\ListSvc.dll
    18:50:22.0263 4640 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows

    \system32\provsvc.dll
    18:50:22.0451 4640 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers

    \HpSAMD.sys
    18:50:22.0591 4640 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers

    \HTTP.sys
    18:50:22.0731 4640 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers

    \hwpolicy.sys
    18:50:22.0763 4640 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers

    \i8042prt.sys
    18:50:22.0809 4640 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers

    \iaStorV.sys
    18:50:23.0059 4640 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET

    \Framework\v3.0\Windows Communication Foundation\infocard.exe
    18:50:23.0246 4640 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS

    \iirsp.sys
    18:50:23.0449 4640 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows

    \System32\ikeext.dll
    18:50:23.0636 4640 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers

    \intelide.sys
    18:50:23.0714 4640 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS

    \intelppm.sys
    18:50:23.0886 4640 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows

    \system32\ipbusenum.dll
    18:50:24.0057 4640 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS

    \ipfltdrv.sys
    18:50:24.0151 4640 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows

    \System32\iphlpsvc.dll
    18:50:24.0198 4640 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers

    \IPMIDrv.sys
    18:50:24.0245 4640 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers

    \ipnat.sys
    18:50:24.0401 4640 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers

    \irenum.sys
    18:50:24.0432 4640 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers

    \isapnp.sys
    18:50:24.0463 4640 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers

    \msiscsi.sys
    18:50:24.0557 4640 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers

    \kbdclass.sys
    18:50:24.0619 4640 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers

    \kbdhid.sys
    18:50:24.0666 4640 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows

    \system32\lsass.exe
    18:50:24.0681 4640 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers

    \ksecdd.sys
    18:50:24.0822 4640 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers

    \ksecpkg.sys
    18:50:24.0900 4640 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows

    \system32\msdtckrm.dll
    18:50:24.0978 4640 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows

    \System32\srvsvc.dll
    18:50:25.0103 4640 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows

    \System32\wkssvc.dll
    18:50:25.0274 4640 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS

    \lltdio.sys
    18:50:25.0321 4640 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows

    \System32\lltdsvc.dll
    18:50:25.0477 4640 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows

    \System32\lmhsvc.dll
    18:50:25.0539 4640 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS

    \lsi_fc.sys
    18:50:25.0571 4640 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS

    \lsi_sas.sys
    18:50:25.0602 4640 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS

    \lsi_sas2.sys
    18:50:25.0617 4640 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS

    \lsi_scsi.sys
    18:50:25.0633 4640 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers

    \luafv.sys
    18:50:25.0914 4640 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files

    \McAfee Security Scan\2.0.181\McCHSvc.exe
    18:50:26.0070 4640 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows

    \system32\Mcx2Svc.dll
    18:50:26.0101 4640 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS

    \megasas.sys
    18:50:26.0647 4640 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS

    \MegaSR.sys
    18:50:27.0037 4640 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows

    \system32\mmcss.dll
    18:50:27.0099 4640 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers

    \modem.sys
    18:50:27.0146 4640 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS

    \monitor.sys
    18:50:27.0287 4640 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers

    \mouclass.sys
    18:50:27.0567 4640 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS

    \mouhid.sys
    18:50:27.0692 4640 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers

    \mountmgr.sys
    18:50:27.0801 4640 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla

    Maintenance Service\maintenanceservice.exe
    18:50:27.0957 4640 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers

    \mpio.sys
    18:50:27.0973 4640 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers

    \mpsdrv.sys
    18:50:28.0160 4640 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows

    \system32\mpssvc.dll
    18:50:28.0269 4640 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers

    \mrxdav.sys
    18:50:28.0332 4640 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS

    \mrxsmb.sys
    18:50:28.0394 4640 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS

    \mrxsmb10.sys
    18:50:28.0535 4640 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS

    \mrxsmb20.sys
    18:50:28.0613 4640 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers

    \msahci.sys
    18:50:28.0628 4640 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers

    \msdsm.sys
    18:50:28.0753 4640 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows

    \System32\msdtc.exe
    18:50:28.0815 4640 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers

    \Msfs.sys
    18:50:28.0909 4640 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers

    \mshidkmdf.sys
    18:50:29.0034 4640 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers

    \msisadrv.sys
    18:50:29.0143 4640 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows

    \system32\iscsiexe.dll
    18:50:29.0205 4640 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers

    \MSKSSRV.sys
    18:50:29.0268 4640 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers

    \MSPCLOCK.sys
    18:50:29.0439 4640 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers

    \MSPQM.sys
    18:50:29.0486 4640 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers

    \MsRPC.sys
    18:50:29.0564 4640 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers

    \mssmbios.sys
    18:50:29.0580 4640 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers

    \MSTEE.sys
    18:50:29.0705 4640 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS

    \MTConfig.sys
    18:50:29.0751 4640 MTsensor (cbe71c122434805cb73ffb6619f60598) C:\Windows\system32\DRIVERS

    \ASACPI.sys
    18:50:29.0783 4640 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers

    \mup.sys
    18:50:29.0829 4640 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows

    \system32\qagentRT.dll
    18:50:29.0954 4640 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS


    wifi.sys
    18:50:30.0422 4640 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers


    dis.sys
    18:50:30.0625 4640 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS


    discap.sys
    18:50:30.0719 4640 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS


    distapi.sys
    18:50:30.0781 4640 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS


    disuio.sys
    18:50:31.0031 4640 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS


    diswan.sys
    18:50:31.0233 4640 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers

    \NDProxy.sys
    18:50:31.0265 4640 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS


    etbios.sys
    18:50:31.0327 4640 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS


    etbt.sys
    18:50:31.0545 4640 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows

    \system32\lsass.exe
    18:50:31.0608 4640 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows

    \System32
    etman.dll
    18:50:31.0811 4640 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows

    \System32
    etprofm.dll
    18:50:31.0889 4640 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET

    \Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    18:50:31.0935 4640 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS


    frd960.sys
    18:50:31.0998 4640 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows

    \System32
    lasvc.dll
    18:50:32.0169 4640 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers

    \Npfs.sys
    18:50:32.0341 4640 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows

    \system32
    sisvc.dll
    18:50:32.0372 4640 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers


    siproxy.sys
    18:50:32.0450 4640 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers

    \Ntfs.sys
    18:50:32.0591 4640 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers

    \Null.sys
    18:50:32.0981 4640 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers


    vraid.sys
    18:50:33.0012 4640 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers


    vstor.sys
    18:50:33.0105 4640 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers


    v_agp.sys
    18:50:33.0168 4640 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers

    \ohci1394.sys
    18:50:33.0215 4640 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows

    \system32\pnrpsvc.dll
    18:50:33.0261 4640 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows

    \system32\p2psvc.dll
    18:50:33.0293 4640 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS

    \parport.sys
    18:50:33.0324 4640 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers

    \partmgr.sys
    18:50:33.0339 4640 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS

    \parvdm.sys
    18:50:33.0386 4640 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows

    \System32\pcasvc.dll
    18:50:33.0417 4640 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers

    \pci.sys
    18:50:33.0433 4640 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers

    \pciide.sys
    18:50:33.0636 4640 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS

    \pcmcia.sys
    18:50:33.0651 4640 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers

    \pcw.sys
    18:50:33.0870 4640 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers

    \peauth.sys
    18:50:34.0182 4640 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows

    \system32\peerdistsvc.dll
    18:50:34.0587 4640 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
    18:50:34.0775 4640 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows

    \system32\umpnpmgr.dll
    18:50:34.0915 4640 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows

    \system32\pnrpauto.dll
    18:50:34.0962 4640 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows

    \system32\pnrpsvc.dll
    18:50:34.0993 4640 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows

    \System32\ipsecsvc.dll
    18:50:35.0165 4640 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
    18:50:35.0352 4640 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS

    \raspptp.sys
    18:50:35.0399 4640 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS

    \processr.sys
    18:50:35.0430 4640 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows

    \system32\profsvc.dll
    18:50:35.0508 4640 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows

    \system32\lsass.exe
    18:50:35.0555 4640 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS

    \pacer.sys
    18:50:35.0695 4640 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS

    \psi_mf.sys
    18:50:35.0742 4640 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers

    \PxHelp20.sys
    18:50:35.0898 4640 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS

    \ql2300.sys
    18:50:36.0927 4640 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS

    \ql40xx.sys
    18:50:36.0974 4640 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows

    \system32\qwave.dll
    18:50:37.0021 4640 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers

    \qwavedrv.sys
    18:50:37.0037 4640 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS

    \rasacd.sys
    18:50:37.0115 4640 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS

    \AgileVpn.sys
    18:50:37.0146 4640 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows

    \System32\rasauto.dll
    18:50:37.0193 4640 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS

    \rasl2tp.sys
    18:50:37.0271 4640 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows

    \System32\rasmans.dll
    18:50:37.0317 4640 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS

    \raspppoe.sys
    18:50:37.0458 4640 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS

    \rassstp.sys
    18:50:37.0520 4640 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS

    \rdbss.sys
    18:50:37.0692 4640 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS

    \rdpbus.sys
    18:50:37.0739 4640 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS

    \RDPCDD.sys
    18:50:37.0801 4640 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers

    \rdpdr.sys
    18:50:37.0832 4640 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers

    \rdpencdd.sys
    18:50:37.0863 4640 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers

    \rdprefmp.sys
    18:50:38.0363 4640 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers

    \RDPWD.sys
    18:50:38.0456 4640 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers

    \rdyboost.sys
    18:50:38.0487 4640 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows

    \System32\mprdim.dll
    18:50:38.0565 4640 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows

    \system32\regsvc.dll
    18:50:39.0330 4640 RoxMediaDB12 (ff578453d3b3adaab22d7151d7f9e592) C:\Program Files\Common

    Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe
    18:50:39.0611 4640 RoxWatch12 (71b38b8df1a9b55fc0fb64958cc7b9dd) C:\Program Files\Common

    Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe
    18:50:39.0923 4640 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows

    \System32\RpcEpMap.dll
    18:50:40.0094 4640 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows

    \system32\locator.exe
    18:50:40.0172 4640 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows

    \system32\rpcss.dll
    18:50:40.0219 4640 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS

    \rspndr.sys
    18:50:40.0297 4640 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS

    \Rt86win7.sys
    18:50:40.0344 4640 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers

    \vms3cap.sys
    18:50:40.0406 4640 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows

    \system32\lsass.exe
    18:50:40.0469 4640 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers

    \sbp2port.sys
    18:50:40.0484 4640 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows

    \System32\SCardSvr.dll
    18:50:40.0718 4640 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS

    \scfilter.sys
    18:50:41.0295 4640 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows

    \system32\schedsvc.dll
    18:50:41.0373 4640 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows

    \System32\certprop.dll
    18:50:41.0592 4640 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows

    \System32\SDRSVC.dll
    18:50:41.0639 4640 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers

    \secdrv.sys
    18:50:41.0826 4640 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows

    \system32\seclogon.dll
    18:50:42.0575 4640 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) D:\Program Files\Secunia

    \PSI\PSIA.exe
    18:50:42.0653 4640 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) D:\Program Files

    \Secunia\PSI\sua.exe
    18:50:42.0684 4640 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
    18:50:42.0840 4640 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows

    \system32\sensrsvc.dll
    18:50:42.0887 4640 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS

    \serenum.sys
    18:50:42.0918 4640 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS

    \serial.sys
    18:50:42.0965 4640 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS

    \sermouse.sys
    18:50:43.0011 4640 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows

    \system32\sessenv.dll
    18:50:43.0074 4640 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers

    \sffdisk.sys
    18:50:43.0089 4640 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers

    \sffp_mmc.sys
    18:50:43.0230 4640 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers

    \sffp_sd.sys
    18:50:43.0261 4640 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS

    \sfloppy.sys
    18:50:43.0292 4640 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows

    \System32\ipnathlp.dll
    18:50:43.0495 4640 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows

    \System32\shsvcs.dll
    18:50:43.0589 4640 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers

    \sisagp.sys
    18:50:43.0620 4640 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS

    \SiSRaid2.sys
    18:50:43.0651 4640 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS

    \sisraid4.sys
    18:50:43.0698 4640 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS

    \smb.sys
    18:50:43.0885 4640 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows

    \System32\snmptrap.exe
    18:50:43.0901 4640 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers

    \spldr.sys
    18:50:43.0947 4640 Spooler (866a43013535dc8587c258e43579c764) C:\Windows

    \System32\spoolsv.exe
    18:50:44.0431 4640 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows

    \system32\sppsvc.exe
    18:50:44.0634 4640 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows

    \system32\sppuinotify.dll
    18:50:44.0727 4640 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS

    \srv.sys
    18:50:44.0915 4640 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS

    \srv2.sys
    18:50:45.0149 4640 SrvHsfPCI (682fcf7d2eb5158cd30408e976562408) C:\Windows\system32\DRIVERS

    \VSTBS23.SYS
    18:50:45.0258 4640 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS

    \VSTDPV3.SYS
    18:50:45.0773 4640 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS

    \VSTCNXT3.SYS
    18:50:46.0225 4640 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS

    \srvnet.sys
    18:50:46.0272 4640 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows

    \System32\ssdpsrv.dll
    18:50:46.0350 4640 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS

    \ssmdrv.sys
    18:50:46.0365 4640 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows

    \system32\sstpsvc.dll
    18:50:46.0412 4640 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS

    \stexstor.sys
    18:50:46.0490 4640 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows

    \System32\wiaservc.dll
    18:50:46.0553 4640 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers

    \vmstorfl.sys
    18:50:46.0584 4640 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows

    \system32\storsvc.dll
    18:50:46.0615 4640 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers

    \storvsc.sys
    18:50:46.0631 4640 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers

    \swenum.sys
    18:50:47.0036 4640 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows

    \System32\swprv.dll
    18:50:47.0504 4640 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows

    \system32\sysmain.dll
    18:50:47.0754 4640 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows

    \System32\TabSvc.dll
    18:50:47.0832 4640 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows

    \System32\tapisrv.dll
    18:50:47.0879 4640 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows

    \System32\tbssvc.dll
    18:50:48.0237 4640 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers

    \tcpip.sys
    18:50:48.0378 4640 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS

    \tcpip.sys
    18:50:48.0581 4640 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers

    \tcpipreg.sys
    18:50:48.0643 4640 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers

    \tdpipe.sys
    18:50:48.0721 4640 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers

    \tdtcp.sys
    18:50:48.0752 4640 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS

    \tdx.sys
    18:50:49.0002 4640 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers

    \termdd.sys
    18:50:49.0173 4640 TermService (382c804c92811be57829d8e550a900e2) C:\Windows

    \System32\termsrv.dll
    18:50:49.0220 4640 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows

    \system32\themeservice.dll
    18:50:49.0376 4640 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows

    \system32\mmcss.dll
    18:50:49.0392 4640 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows

    \System32\trkwks.dll
    18:50:49.0610 4640 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing

    \TrustedInstaller.exe
    18:50:49.0657 4640 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS

    \tssecsrv.sys
    18:50:49.0720 4640 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers

    \tsusbflt.sys
    18:50:49.0751 4640 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS

    \tunnel.sys
    18:50:49.0969 4640 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS

    \uagp35.sys
    18:50:50.0141 4640 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS

    \udfs.sys
    18:50:50.0312 4640 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows

    \system32\UI0Detect.exe
    18:50:50.0359 4640 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers

    \uliagpkx.sys
    18:50:50.0406 4640 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers

    \umbus.sys
    18:50:50.0531 4640 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS

    \umpass.sys
    18:50:50.0578 4640 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows

    \System32\umrdp.dll
    18:50:50.0812 4640 upnphost (833fbb672460efce8011d262175fad33) C:\Windows

    \System32\upnphost.dll
    18:50:50.0858 4640 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers

    \usbccgp.sys
    18:50:50.0936 4640 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers

    \usbcir.sys
    18:50:50.0968 4640 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS

    \usbehci.sys
    18:50:50.0999 4640 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS

    \usbhub.sys
    18:50:51.0170 4640 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS

    \usbohci.sys
    18:50:51.0217 4640 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS

    \usbprint.sys
    18:50:51.0233 4640 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS

    \usbscan.sys
    18:50:51.0280 4640 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS

    \USBSTOR.SYS
    18:50:51.0311 4640 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS

    \usbuhci.sys
    18:50:51.0358 4640 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows

    \System32\uxsms.dll
    18:50:51.0420 4640 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows

    \system32\lsass.exe
    18:50:51.0560 4640 VBoxDrv (103b23ec82c08fc4bdbc369552ffab2a) C:\Windows\system32\DRIVERS

    \VBoxDrv.sys
    18:50:51.0638 4640 VBoxNetAdp (226cd9e42be28a84ec56430fbb57224f) C:\Windows\system32\DRIVERS

    \VBoxNetAdp.sys
    18:50:51.0794 4640 VBoxNetFlt (0a5d6512dcb14135a388d0e7e69e01bb) C:\Windows\system32\DRIVERS

    \VBoxNetFlt.sys
    18:50:51.0810 4640 VBoxUSBMon (96a478edfb1fbf1fc663beb09b4175a8) C:\Windows\system32\DRIVERS

    \VBoxUSBMon.sys
    18:50:51.0857 4640 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers

    \vdrvroot.sys
    18:50:51.0935 4640 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
    18:50:52.0060 4640 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS

    \vgapnp.sys
    18:50:52.0075 4640 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers

    \vga.sys
    18:50:52.0138 4640 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers

    \vhdmp.sys
    18:50:52.0262 4640 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers

    \viaagp.sys
    18:50:52.0294 4640 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS

    \viac7.sys
    18:50:52.0684 4640 VIAHdAudAddService (dc56a867a2d92e1c51cb6d3f9c540548) C:\Windows

    \system32\drivers\viahduaa.sys
    18:50:52.0824 4640 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers

    \viaide.sys
    18:50:53.0011 4640 VMAuthdService (16073f2bc424558ebd277a15188d329e) C:\Program Files\VMware

    \VMware Player\vmware-authd.exe
    18:50:53.0011 4640 VMAuthdService ( UnsignedFile.Multi.Generic ) - [b:341d4699f0]warning[/color:341d4699f0]

    [/b:341d4699f0]
    18:50:53.0011 4640 VMAuthdService - detected UnsignedFile.Multi.Generic (1)
    18:50:53.0074 4640 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers

    \vmbus.sys
    18:50:53.0120 4640 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers

    \VMBusHID.sys
    18:50:53.0167 4640 vmci (15759158f7531853616b2b43af962fcb) C:\Windows\system32\DRIVERS

    \vmci.sys
    18:50:53.0230 4640 vmkbd (050b387296f34735d21dfa87cec37352) C:\Windows\system32\drivers

    \VMkbd.sys
    18:50:53.0292 4640 vmm (e41fef9e3056fe88c71e411f705be41e) C:\Windows\system32\Drivers

    \vmm.sys
    18:50:53.0339 4640 VMnetAdapter (1afa4af55cbea579a4bbe4f90967f720) C:\Windows\system32\DRIVERS

    \vmnetadapter.sys
    18:50:53.0464 4640 VMnetBridge (392964a7bf46986fbd44b24a3bec2088) C:\Windows\system32\DRIVERS

    \vmnetbridge.sys
    18:50:53.0526 4640 VMnetDHCP (767b32d0466ef960e2657f028ed936fc) C:\Windows

    \system32\vmnetdhcp.exe
    18:50:53.0557 4640 VMnetuserif (effcb341824be12e3134d4fb970a11e4) C:\Windows\system32\drivers

    \vmnetuserif.sys
    18:50:53.0588 4640 VMparport (ed1ce6bd51e2a1204c74720060744e90) C:\Windows\system32\Drivers

    \VMparport.sys
    18:50:53.0838 4640 VMUSBArbService (af76c6d3f5053459e18e4c519fb496c8) C:\Program Files\Common

    Files\VMware\USB\vmware-usbarbitrator.exe
    18:50:53.0963 4640 VMware NAT Service (0b55659b537065303fde1b4aaf646f16) C:\Windows

    \system32\vmnat.exe
    18:50:54.0119 4640 vmx86 (20b24d3b2dac84664eefeebf55b53008) C:\Windows\system32\Drivers

    \vmx86.sys
    18:50:54.0150 4640 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers

    \volmgr.sys
    18:50:54.0212 4640 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers

    \volmgrx.sys
    18:50:54.0556 4640 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers

    \volsnap.sys
    18:50:54.0805 4640 VPCNetS2 (f96a678debdccb0b4bb7f38cb2580589) C:\Windows\system32\DRIVERS

    \VMNetSrv.sys
    18:50:54.0868 4640 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS

    \vsmraid.sys
    18:50:55.0148 4640 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows

    \system32\vssvc.exe
    18:50:55.0195 4640 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers

    \vwifibus.sys
    18:50:55.0258 4640 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows

    \system32\w32time.dll
    18:50:55.0398 4640 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS

    \wacompen.sys
    18:50:55.0492 4640 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS

    \wanarp.sys
    18:50:55.0507 4640 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS

    \wanarp.sys
    18:50:55.0804 4640 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat

    \WatAdminSvc.exe
    18:50:56.0147 4640 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows

    \system32\wbengine.exe
    18:50:56.0256 4640 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows

    \System32\wbiosrvc.dll
    18:50:56.0459 4640 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows

    \System32\wcncsvc.dll
    18:50:56.0552 4640 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows

    \System32\WcsPlugInService.dll
    18:50:56.0708 4640 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS

    \wd.sys
    18:50:56.0771 4640 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers

    \Wdf01000.sys
    18:50:56.0896 4640 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
    18:50:56.0958 4640 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
    18:50:57.0629 4640 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows

    \System32\webclnt.dll
    18:50:57.0769 4640 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows

    \system32\wecsvc.dll
    18:50:57.0972 4640 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows

    \System32\wercplsupport.dll
    18:50:58.0128 4640 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows

    \System32\WerSvc.dll
    18:50:58.0206 4640 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS

    \wfplwf.sys
    18:50:58.0300 4640 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers

    \wimmount.sys
    18:50:58.0424 4640 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows

    Defender\mpsvc.dll
    18:50:58.0674 4640 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem

    \WMIsvc.dll
    18:50:59.0532 4640 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows

    \system32\WsmSvc.dll
    18:51:00.0671 4640 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows

    \System32\wlansvc.dll
    18:51:01.0638 4640 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common

    Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    18:51:01.0810 4640 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers

    \wmiacpi.sys
    18:51:02.0590 4640 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem

    \WmiApSrv.exe
    18:51:03.0354 4640 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows

    Media Player\wmpnetwk.exe
    18:51:03.0479 4640 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows

    \System32\wpcsvc.dll
    18:51:03.0526 4640 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows

    \system32\wpdbusenum.dll
    18:51:03.0588 4640 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers

    \ws2ifsl.sys
    18:51:03.0650 4640 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows

    \system32\wscsvc.dll
    18:51:05.0710 4640 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows

    \system32\wuaueng.dll
    18:51:06.0224 4640 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers

    \WudfPf.sys
    18:51:06.0318 4640 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS

    \WUDFRd.sys
    18:51:06.0583 4640 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows

    \System32\WUDFSvc.dll
    18:51:06.0708 4640 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows

    \System32\wwansvc.dll
    18:51:06.0833 4640 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    18:51:07.0722 4640 Boot (0x1200) (151f12efde28fa2c08cd08e1ff1dbbb5) \Device

    \Harddisk0\DR0\Partition0
    18:51:07.0722 4640 Boot (0x1200) (3262cad7a20f0598ba1f6dcfea77bb26) \Device

    \Harddisk0\DR0\Partition1
    18:51:07.0722 4640 ============================================================
    18:51:07.0722 4640 Scan finished
    18:51:07.0722 4640 ============================================================
    18:51:12.0028 1056 Deinitialize success
    .
    ==============================================
    System Restore Point Check:
    .
    TDSSKiller Starter Restore Point Created Succesfully
    ==============================================
    .
    ==============================================
    C:\TDSSStarter\Report_022012_1601_.log
    ==============================================
    Registry Export
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    ==============================================
    EOF
  • daar is tie dan weer … op naar de volgende ellende lol
  • Mooi, geen MBR-rootkit.
    Volgende stap:

    [b:b7ba385124]Welk programma[/b:b7ba385124]: [b:b7ba385124]ComboFix[/b:b7ba385124][/color:b7ba385124]
    [b:b7ba385124]Waarvoor/waarom[/b:b7ba385124]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
    en zo mogelijk op te schonen.
    [b:b7ba385124]Moeilijkheidsgraad[/b:b7ba385124]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:b7ba385124]Downloadlokatie[/b:b7ba385124]: Dit programma absoluut naar het bureaublad downloaden!
    [b:b7ba385124]Download ComboFix via één van deze locaties[/b:b7ba385124]:
    [list:b7ba385124][*:b7ba385124][b:b7ba385124]Bleepingcomputer[/b:b7ba385124]
    [*:b7ba385124][b:b7ba385124]ForoSpyware[/b:b7ba385124]
    [*:b7ba385124][b:b7ba385124]Geekstogo[/b:b7ba385124][/list:u:b7ba385124]
    [b:b7ba385124]Hier[/b:b7ba385124] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:b7ba385124]Hier[/b:b7ba385124] en [b:b7ba385124]hier[/b:b7ba385124] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:b7ba385124]Voor alle duidelijkheid nogmaals[/b:b7ba385124]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:b7ba385124]Opmerkingen[/b:b7ba385124]:
    [list:b7ba385124][*:b7ba385124] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren!
    Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).[/list:u:b7ba385124]
    [b:b7ba385124]ComboFix opstarten[/b:b7ba385124]:
    [list:b7ba385124][*:b7ba385124] [b:b7ba385124]Sluit nu eerst alle nog openstaande programmavensters![/color:b7ba385124][/b:b7ba385124]
    [list:b7ba385124][*:b7ba385124][b:b7ba385124]Windows 2000[/color:b7ba385124][/b:b7ba385124] en [b:b7ba385124]Windows XP[/b:b7ba385124][/color:b7ba385124]: start ComboFix.exe middels dubbelklik op ComboFix.exe.
    [*:b7ba385124][b:b7ba385124]Windows Vista[/b:b7ba385124][/color:b7ba385124] en [b:b7ba385124]Windows 7[/b:b7ba385124][/color:b7ba385124]: start ComboFix.exe via rechtsklik op ComboFix.exe en kies dan voor [i:b7ba385124][b:b7ba385124]Als Administrator uitvoeren[/b:b7ba385124][/i:b7ba385124].[/list:u:b7ba385124][/list:u:b7ba385124]
    [b:b7ba385124]ComboFix is opgestart[/b:b7ba385124]:
    [list:b7ba385124][*:b7ba385124]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:b7ba385124]Combofix sluit tijdens de scan de internet verbinding; probeer deze tussentijds niet te herstellen!
    [*:b7ba385124]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:b7ba385124]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:b7ba385124]Post de inhoud van dit logbestand in je volgende bericht.
    [*:b7ba385124]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:b7ba385124]
    [b:b7ba385124]Belangrijke opmerking[/b:b7ba385124]:
    [list:b7ba385124][*:b7ba385124][b:b7ba385124]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:b7ba385124][/b:b7ba385124]
    [*:b7ba385124][b:b7ba385124]Illegal operation attempted on a registery key that has been marked for deletion.[/color:b7ba385124][/b:b7ba385124]
    [*:b7ba385124][b:b7ba385124]Start dan de computer opnieuw op.[/color:b7ba385124][/b:b7ba385124][/list:u:b7ba385124]
  • ComboFix 12-06-21.02 - Walop 21/06/2012 20:31:49.6.4 - x86
    Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1033.18.3327.2403 [GMT 2:00]
    Gestart vanuit: c:\users\Walop\Desktop\ComboFix.exe
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-05-21 to 2012-06-21 ))))))))))))))))))))))))))))))
    .
    .
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\Public\AppData\Local\temp
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\boinc_master\AppData\Local\temp
    2012-06-21 13:16 . 2012-06-02 22:19 53784 —-a-w- c:\windows\system32\wuauclt.exe
    2012-06-21 13:16 . 2012-06-02 22:19 45080 —-a-w- c:\windows\system32\wups2.dll
    2012-06-21 13:16 . 2012-06-02 22:19 1933848 —-a-w- c:\windows\system32\wuaueng.dll
    2012-06-21 13:16 . 2012-06-02 22:12 2422272 —-a-w- c:\windows\system32\wucltux.dll
    2012-06-21 13:15 . 2012-06-02 22:19 35864 —-a-w- c:\windows\system32\wups.dll
    2012-06-21 13:15 . 2012-06-02 22:19 577048 —-a-w- c:\windows\system32\wuapi.dll
    2012-06-21 13:15 . 2012-06-02 22:12 88576 —-a-w- c:\windows\system32\wudriver.dll
    2012-06-21 13:10 . 2012-06-02 13:19 171904 —-a-w- c:\windows\system32\wuwebv.dll
    2012-06-21 13:10 . 2012-06-02 13:12 33792 —-a-w- c:\windows\system32\wuapp.exe
    2012-06-20 22:37 . 2012-06-21 18:32 56200 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4887FAFE-4194-40C6-B0B0-E9352116260C}\offreg.dll
    2012-06-20 18:50 . 2012-06-20 18:50 ——– d–h–w- c:\windows\system32\CanonIJ Uninstaller Information
    2012-06-20 18:49 . 2012-06-20 18:49 ——– d–h–w- c:\programdata\CanonBJ
    2012-06-20 18:49 . 2010-05-16 03:00 70656 —-a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA4.DLL
    2012-06-20 18:49 . 2010-05-16 03:00 27136 —-a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA4.DLL
    2012-06-20 18:45 . 2010-05-16 03:00 277504 —-a-w- c:\windows\system32\CNMLMA4.DLL
    2012-06-19 23:16 . 2012-06-20 20:50 ——– d—–w- c:\users\Walop\AppData\Roaming\vlc
    2012-06-19 14:02 . 2012-05-31 03:41 6762896 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4887FAFE-4194-40C6-B0B0-E9352116260C}\mpengine.dll
    2012-06-17 19:57 . 2012-04-28 03:17 183808 —-a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-06-17 19:50 . 2012-04-07 11:26 2342400 —-a-w- c:\windows\system32\msi.dll
    2012-06-17 19:50 . 2012-05-15 01:05 2343936 —-a-w- c:\windows\system32\win32k.sys
    2012-06-17 19:49 . 2012-04-26 04:45 58880 —-a-w- c:\windows\system32\rdpwsx.dll
    2012-06-17 19:49 . 2012-04-26 04:45 129536 —-a-w- c:\windows\system32\rdpcorekmts.dll
    2012-06-17 19:49 . 2012-04-26 04:41 8192 —-a-w- c:\windows\system32\rdrmemptylst.exe
    2012-06-17 19:48 . 2012-05-01 04:44 164352 —-a-w- c:\windows\system32\profsvc.dll
    2012-06-17 19:47 . 2012-04-24 04:36 1158656 —-a-w- c:\windows\system32\crypt32.dll
    2012-06-17 19:47 . 2012-04-24 04:36 140288 —-a-w- c:\windows\system32\cryptsvc.dll
    2012-06-17 19:47 . 2012-04-24 04:36 103936 —-a-w- c:\windows\system32\cryptnet.dll
    2012-06-09 15:38 . 2012-06-09 15:38 ——– d—–w- c:\users\Walop\AppData\Local\AMD
    2012-06-09 15:37 . 2012-06-09 15:37 ——– d—–w- c:\programdata\ATI
    2012-05-29 22:08 . 2012-05-29 22:08 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2012-05-29 22:08 . 2012-05-29 22:08 856712 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2012-05-29 17:42 . 2012-05-29 22:22 ——– d—–w- c:\users\Walop\AppData\Roaming\Sweetpacks
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-10 20:31 . 2012-04-23 09:59 419488 —-a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-05-10 20:31 . 2011-05-14 10:48 70304 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-10 13:29 . 2010-06-06 14:01 472808 —-a-w- c:\windows\system32\deployJava1.dll
    2012-05-08 17:16 . 2012-03-14 13:05 83392 —-a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-05-08 17:16 . 2012-03-14 13:05 137928 —-a-w- c:\windows\system32\drivers\avipbb.sys
    2012-04-16 19:22 . 2012-03-14 13:05 36000 —-a-w- c:\windows\system32\drivers\avkmgr.sys
    2012-03-31 04:39 . 2012-05-08 19:27 3968368 —-a-w- c:\windows\system32
    tkrnlpa.exe
    2012-03-31 04:39 . 2012-05-08 19:27 3913072 —-a-w- c:\windows\system32
    toskrnl.exe
    2012-03-30 10:23 . 2012-05-08 19:27 1291632 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2012-04-21 01:18 . 2011-04-30 16:50 97208 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-02-07_00.52.18 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-05-16 16:56 . 2012-05-16 16:56 54272 c:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39\vcomp90.dll
    + 2012-05-16 16:56 . 2012-05-16 16:56 62976 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90RUS.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 46080 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90KOR.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 46592 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90JPN.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 64512 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ITA.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 66048 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90FRA.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 65024 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESP.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 65024 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESN.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 56832 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ENU.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 66560 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90DEU.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 39936 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHT.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 38912 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHS.DLL
    + 2012-05-16 16:55 . 2012-05-16 16:55 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90u.dll
    + 2012-05-16 16:55 . 2012-05-16 16:55 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90.dll
    + 2012-06-21 13:16 . 2012-06-02 22:19 45080 c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wups2.dll
    + 2012-06-21 13:16 . 2012-06-02 22:19 53784 c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe
    + 2012-06-21 13:10 . 2012-06-02 13:12 33792 c:\windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.6.7600.256_none_09f272fb52ab0c3f\wuapp.exe
    + 2012-06-21 13:15 . 2012-06-02 22:19 35864 c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.6.7600.256_none_5fe7b2baacf3da43\wups.dll
    + 2012-06-21 13:15 . 2012-06-02 22:12 88576 c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.6.7600.256_none_5fe7b2baacf3da43\wudriver.dll
    + 2012-05-08 19:27 . 2010-04-02 03:29 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_7.1.7601.21955_none_0b88d199a6fe1819\NBMapTIP.dll
    + 2012-05-08 19:27 . 2010-04-02 03:29 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_7.1.7601.17803_none_0b3343d68db9b9ec\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:16 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7601.21955_none_1a1855541c176f4a\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:16 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7601.17803_none_19c2c79102d3111d\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:16 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7600.21179_none_18202fda1efdd6b7\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:16 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7600.16988_none_178aeab705e90645\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.21955_none_4fff0713f624080b\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.21955_none_4fff0713f624080b\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.21955_none_4fff0713f624080b\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.17803_none_4fa97950dcdfa9de\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.17803_none_4fa97950dcdfa9de\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.17803_none_4fa97950dcdfa9de\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.21179_none_4e06e199f90a6f78\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.21179_none_4e06e199f90a6f78\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.21179_none_4e06e199f90a6f78\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.16988_none_4d719c76dff59f06\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.16988_none_4d719c76dff59f06\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.16988_none_4d719c76dff59f06\jnwdui.dll
    + 2012-06-17 19:49 . 2012-04-26 04:32 58880 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7601.21980_none_9c529546e2a9554d\rdpwsx.dll
    + 2012-06-17 19:49 . 2012-04-26 04:45 58880 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7601.17828_none_9c11da53c953d895\rdpwsx.dll
    + 2012-06-17 19:49 . 2012-04-26 04:44 57856 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7600.21200_none_9ac28fc2e5423d1b\rdpwsx.dll
    + 2012-06-17 19:49 . 2012-04-26 04:48 57856 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7600.17009_none_9a41f3abcc1c8439\rdpwsx.dll
    + 2012-03-14 13:36 . 2012-01-25 13:49 58880 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7601.21907_none_a6460977573d9d2a\rdpwsx.dll
    + 2012-03-14 13:36 . 2012-01-25 05:32 58880 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7601.17767_none_a57b8b3e3e50a7df\rdpwsx.dll
    + 2012-03-14 13:36 . 2012-01-25 05:38 57856 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7600.21136_none_a43e129f5a30a1d5\rdpwsx.dll
    + 2012-03-14 13:36 . 2012-01-25 05:44 57856 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7600.16952_none_a39afcb24126a14f\rdpwsx.dll
    + 2012-03-14 13:35 . 2012-02-17 04:09 24576 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdtcp.sys
    + 2011-04-15 21:44 . 2010-11-20 10:21 18432 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdpipe.sys
    + 2012-03-14 13:35 . 2012-02-17 04:13 24576 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdtcp.sys
    + 2011-04-15 21:44 . 2010-11-20 10:21 18432 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdpipe.sys
    + 2012-03-14 13:35 . 2012-02-17 04:16 24064 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdtcp.sys
    + 2009-07-14 00:01 . 2009-07-14 00:01 17920 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdpipe.sys
    + 2012-03-14 13:35 . 2012-02-15 04:22 24064 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdtcp.sys
    + 2009-07-14 00:01 . 2009-07-14 00:01 17920 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdpipe.sys
    + 2009-07-13 23:47 . 2009-07-14 01:14 48640 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.21955_none_44cbbc6cc484b691\PDIALOG.exe
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.21955_none_44cbbc6cc484b691\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.21955_none_44cbbc6cc484b691\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.21955_none_44cbbc6cc484b691\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:14 48640 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.17803_none_44762ea9ab405864\PDIALOG.exe
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.17803_none_44762ea9ab405864\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.17803_none_44762ea9ab405864\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.17803_none_44762ea9ab405864\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:14 48640 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.21179_none_42d396f2c76b1dfe\PDIALOG.exe
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.21179_none_42d396f2c76b1dfe\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.21179_none_42d396f2c76b1dfe\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.21179_none_42d396f2c76b1dfe\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:14 48640 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16988_none_423e51cfae564d8c\PDIALOG.exe
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16988_none_423e51cfae564d8c\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16988_none_423e51cfae564d8c\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16988_none_423e51cfae564d8c\jnwdui.dll
    + 2011-04-15 21:46 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.21982_none_31d187047f696dc4\rdpvideominiport.sys
    + 2011-04-15 21:46 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.21924_none_321467207f36f8cc\rdpvideominiport.sys
    + 2011-04-15 21:46 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17830_none_317bf94166250f97\rdpvideominiport.sys
    + 2011-04-15 21:46 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17779_none_3159ba45663d6643\rdpvideominiport.sys
    + 2011-04-15 21:44 . 2010-11-20 12:20 28672 c:\windows\winsxs\x86_microsoft-windows-profsvc_31bf3856ad364e35_6.1.7601.21985_none_fdf7b4abaa4498e1\profprov.dll
    + 2011-04-15 21:44 . 2010-11-20 12:20 28672 c:\windows\winsxs\x86_microsoft-windows-profsvc_31bf3856ad364e35_6.1.7601.17832_none_fda1269e9101215d\profprov.dll
    + 2009-07-13 23:34 . 2009-07-14 01:16 28160 c:\windows\winsxs\x86_microsoft-windows-profsvc_31bf3856ad364e35_6.1.7600.21205_none_fc67af27acdd80af\profprov.dll
    + 2009-07-13 23:34 . 2009-07-14 01:16 28160 c:\windows\winsxs\x86_microsoft-windows-profsvc_31bf3856ad364e35_6.1.7600.17014_none_fbd2404093c8e658\profprov.dll
    + 2012-05-08 19:27 . 2012-03-17 07:05 56176 c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.21946_none_e40eb0c431e5c75e\partmgr.sys
    + 2012-05-08 19:27 . 2012-03-17 07:27 56176 c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.17796_none_e34f027718f0b622\partmgr.sys
    + 2012-05-08 19:27 . 2012-03-17 07:25 56176 c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.21172_none_e203b90e34db8004\partmgr.sys
    + 2012-05-08 19:27 . 2012-03-17 07:20 56688 c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.16979_none_e18146271bb75e59\partmgr.sys
    + 2009-07-13 23:31 . 2009-07-14 01:07 25088 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.1.7601.21960_none_05d179d02b1095a4\msimsg.dll
    + 2009-07-13 23:31 . 2009-07-14 01:07 25088 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.1.7601.17807_none_058fbe9311bbff95\msimsg.dll
    + 2009-07-13 23:31 . 2009-07-14 01:07 25088 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.1.7600.21183_none_03d8540c2df7e3ba\msimsg.dll
    + 2009-07-13 23:31 . 2009-07-14 01:07 25088 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.1.7600.16992_none_03430ee914e31348\msimsg.dll
    + 2012-06-17 19:59 . 2012-04-20 04:36 67584 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21976_none_65355e1331f5480f\mshtmled.dll
    + 2012-04-12 13:03 . 2012-02-28 05:24 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21931_none_655b9c5131d95998\mshtmled.dll
    + 2012-02-16 10:32 . 2011-12-16 08:58 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21878_none_65375cc131f37d96\mshtmled.dll
    + 2012-06-17 19:59 . 2012-04-20 04:57 67584 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17824_none_64dfd05018b0e9e2\mshtmled.dll
    + 2012-04-12 13:03 . 2012-02-28 05:35 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17785_none_649fef2c18e0adb8\mshtmled.dll
    + 2012-02-16 10:32 . 2011-12-16 07:52 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17744_none_64ca2e9218c1249d\mshtmled.dll
    + 2012-06-17 19:59 . 2012-04-20 04:51 67584 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21198_none_633b380534dd7cce\mshtmled.dll
    + 2012-04-12 13:03 . 2012-02-28 05:40 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21158_none_636677b534bd0d0a\mshtmled.dll
    + 2012-02-16 10:32 . 2011-12-16 07:49 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21108_none_639c875134948155\mshtmled.dll
    + 2012-06-17 19:59 . 2012-04-20 05:06 67584 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.17006_none_6310e9f21b78aedd\mshtmled.dll
    + 2012-04-12 13:03 . 2012-02-28 05:38 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.16968_none_62d232dc1ba755ef\mshtmled.dll
    + 2012-02-16 10:32 . 2011-12-16 07:59 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.16930_none_62eaa0501b963764\mshtmled.dll
    + 2012-06-17 19:59 . 2012-04-20 04:49 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21198_none_17603da7cc3abb9f\msfeedssync.exe
    + 2012-06-17 19:59 . 2012-04-20 04:51 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21198_none_17603da7cc3abb9f\msfeedsbs.dll
    + 2012-04-12 13:03 . 2012-02-28 05:37 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21158_none_178b7d57cc1a4bdb\msfeedssync.exe
    + 2012-04-12 13:03 . 2012-02-28 05:40 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21158_none_178b7d57cc1a4bdb\msfeedsbs.dll
    + 2012-02-16 10:32 . 2011-12-16 07:46 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21108_none_17c18cf3cbf1c026\msfeedssync.exe
    + 2012-02-16 10:32 . 2011-12-16 07:49 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21108_none_17c18cf3cbf1c026\msfeedsbs.dll
    + 2012-06-17 19:59 . 2012-04-20 05:03 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.17006_none_1735ef94b2d5edae\msfeedssync.exe
    + 2012-06-17 19:59 . 2012-04-20 05:06 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.17006_none_1735ef94b2d5edae\msfeedsbs.dll
    + 2012-04-12 13:03 . 2012-02-28 05:35 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16968_none_16f7387eb30494c0\msfeedssync.exe
    + 2012-04-12 13:03 . 2012-02-28 05:38 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16968_none_16f7387eb30494c0\msfeedsbs.dll
    + 2012-02-16 10:32 . 2011-12-16 07:56 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16930_none_170fa5f2b2f37635\msfeedssync.exe
    + 2012-02-16 10:32 . 2011-12-16 07:59 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16930_none_170fa5f2b2f37635\msfeedsbs.dll
    + 2012-06-17 19:59 . 2012-04-20 04:51 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21198_none_e4f3a688416b70a7\licmgr10.dll
    + 2012-04-12 13:03 . 2012-02-28 05:40 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21158_none_e51ee638414b00e3\licmgr10.dll
    + 2012-02-16 10:32 . 2011-12-16 07:48 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21108_none_e554f5d44122752e\licmgr10.dll
    + 2012-06-17 19:59 . 2012-04-20 05:05 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.17006_none_e4c958752806a2b6\licmgr10.dll
    + 2012-04-12 13:03 . 2012-02-28 05:38 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.16968_none_e48aa15f283549c8\licmgr10.dll
    + 2012-02-16 10:32 . 2011-12-16 07:58 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.16930_none_e4a30ed328242b3d\licmgr10.dll
    + 2012-06-17 19:59 . 2012-05-15 02:51 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_1edec8079074b38c\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 02:49 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_1edec8079074b38c\jsproxy.dll
    + 2012-04-12 13:03 . 2012-02-28 05:25 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21931_none_1f1ba6679047a68a\WininetPlugin.dll
    + 2012-04-11 11:10 . 2012-02-28 05:24 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21931_none_1f1ba6679047a68a\jsproxy.dll
    + 2012-02-16 10:32 . 2011-12-16 09:00 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\WininetPlugin.dll
    + 2012-02-16 10:32 . 2011-12-16 08:57 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\jsproxy.dll
    + 2012-06-17 19:59 . 2012-05-15 03:03 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17842_none_1e8839fa77313c08\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 03:00 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17842_none_1e8839fa77313c08\jsproxy.dll
    + 2012-04-12 13:03 . 2012-02-28 05:38 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17785_none_1e5ff942774efaaa\WininetPlugin.dll
    + 2012-04-12 13:03 . 2012-02-28 05:34 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17785_none_1e5ff942774efaaa\jsproxy.dll
    + 2012-02-16 10:32 . 2011-12-16 07:54 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\WininetPlugin.dll
    + 2012-02-16 10:32 . 2011-12-16 07:52 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\jsproxy.dll
    + 2012-06-17 19:59 . 2012-05-15 03:08 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21215_none_1d4ec283930d9b5a\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 03:04 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21215_none_1d4ec283930d9b5a\jsproxy.dll
    + 2012-04-12 13:03 . 2012-02-28 05:44 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21158_none_1d2681cb932b59fc\WininetPlugin.dll
    + 2012-04-12 13:03 . 2012-02-28 05:40 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21158_none_1d2681cb932b59fc\jsproxy.dll
    + 2012-02-16 10:32 . 2011-12-16 07:51 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\WininetPlugin.dll
    + 2012-02-16 10:32 . 2011-12-16 07:48 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\jsproxy.dll
    + 2012-06-17 19:59 . 2012-05-15 03:08 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17024_none_1cb9539c79f90103\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 03:06 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17024_none_1cb9539c79f90103\jsproxy.dll
    + 2012-04-12 13:03 . 2012-02-28 05:40 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16968_none_1c923cf27a15a2e1\WininetPlugin.dll
    + 2012-04-12 13:03 . 2012-02-28 05:38 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16968_none_1c923cf27a15a2e1\jsproxy.dll
    + 2012-02-16 10:32 . 2011-12-16 08:02 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\WininetPlugin.dll
    + 2012-02-16 10:32 . 2011-12-16 07:58 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\jsproxy.dll
    + 2012-04-12 13:09 . 2012-03-01 05:31 19824 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.21933_none_27ccb28db5c2160c\fs_rec.sys
    + 2012-04-12 13:09 . 2012-03-01 05:46 19824 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.17787_none_271105689cc96a2c\fs_rec.sys
    + 2012-04-12 13:09 . 2012-03-01 05:34 19312 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.21160_none_25c2bb21b8b6e809\fs_rec.sys
    + 2012-04-12 13:09 . 2012-03-01 05:53 19312 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.16970_none_252e76489fa130ee\fs_rec.sys
    + 2010-05-28 00:39 . 2012-06-21 16:42 52632 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 04:55 . 2012-06-21 16:42 31734 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2010-05-27 22:35 . 2012-06-21 16:42 21048 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1690226732-1544728178-401627873-1000_UserData.bin
    + 2011-06-11 00:58 . 2011-06-11 00:58 51024 c:\windows\System32\vcomp100.dll
    + 2012-06-20 18:45 . 2010-05-16 03:00 12288 c:\windows\System32\spool\drivers\w32x86\3\CNMW3A4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 59024 c:\windows\System32\spool\drivers\w32x86\3\CNMVSA4.EXE
    + 2012-06-20 18:45 . 2010-05-16 03:00 14336 c:\windows\System32\spool\drivers\w32x86\3\CNMVSA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 78336 c:\windows\System32\spool\drivers\w32x86\3\CNMSRA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 89600 c:\windows\System32\spool\drivers\w32x86\3\CNMSQA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 17552 c:\windows\System32\spool\drivers\w32x86\3\CNMSEA4.EXE
    + 2012-06-20 18:45 . 2010-05-16 03:00 93696 c:\windows\System32\spool\drivers\w32x86\3\CNMSDA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 12288 c:\windows\System32\spool\drivers\w32x86\3\CNMPIA4.DLL
    + 2012-06-20 18:45 . 2010-05-15 22:00 30320 c:\windows\System32\spool\drivers\w32x86\3\CNMP2A4.DAT
    + 2012-06-20 18:45 . 2010-05-15 22:00 27140 c:\windows\System32\spool\drivers\w32x86\3\CNMP1A4.DAT
    + 2012-06-20 18:45 . 2010-05-15 22:00 23280 c:\windows\System32\spool\drivers\w32x86\3\CNMP0A4.DAT
    + 2012-06-20 18:45 . 2010-05-16 03:00 27648 c:\windows\System32\spool\drivers\w32x86\3\CNMOPA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 62976 c:\windows\System32\spool\drivers\w32x86\3\CNMLHA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 86016 c:\windows\System32\spool\drivers\w32x86\3\CNMICA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 57856 c:\windows\System32\spool\drivers\w32x86\3\CNMEIA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 13824 c:\windows\System32\spool\drivers\w32x86\3\CNMBU3A4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 35840 c:\windows\System32\spool\drivers\w32x86\3\CNMBS3A4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 13824 c:\windows\System32\spool\drivers\w32x86\3\CNMBM3A4.DLL
    + 2012-03-08 23:26 . 2012-03-08 23:26 54784 c:\windows\System32\OVDecode.dll
    + 2012-03-08 23:26 . 2012-03-08 23:26 64512 c:\windows\System32\OpenVideo.dll
    + 2012-03-08 23:24 . 2012-03-08 23:24 48128 c:\windows\System32\OpenCL.dll
    + 2012-06-17 19:59 . 2012-04-20 04:57 67584 c:\windows\System32\mshtmled.dll
    - 2011-12-15 13:40 . 2011-11-05 04:35 68608 c:\windows\System32\migration\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 03:03 68608 c:\windows\System32\migration\WininetPlugin.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 81744 c:\windows\System32\mfcm100u.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 81744 c:\windows\System32\mfcm100.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 60752 c:\windows\System32\mfc100rus.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 43344 c:\windows\System32\mfc100kor.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 43856 c:\windows\System32\mfc100jpn.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 62288 c:\windows\System32\mfc100ita.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 64336 c:\windows\System32\mfc100fra.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 63824 c:\windows\System32\mfc100esn.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 55120 c:\windows\System32\mfc100enu.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 64336 c:\windows\System32\mfc100deu.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 36176 c:\windows\System32\mfc100cht.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 36176 c:\windows\System32\mfc100chs.dll
    - 2010-12-09 04:59 . 2011-10-15 11:53 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
    + 2010-12-09 04:59 . 2012-04-17 09:56 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
    + 2012-01-31 05:00 . 2012-01-31 05:00 16896 c:\windows\System32\kdbsdk32.dll
    + 2012-06-17 19:59 . 2012-05-15 03:00 48128 c:\windows\System32\jsproxy.dll
    - 2011-12-15 13:40 . 2011-11-05 04:30 48128 c:\windows\System32\jsproxy.dll
    - 2009-07-14 04:50 . 2012-01-10 12:50 86016 c:\windows\System32\DriverStore\infpub.dat
    + 2009-07-14 04:50 . 2012-06-20 18:50 86016 c:\windows\System32\DriverStore\infpub.dat
    + 2012-06-20 18:45 . 2010-05-16 03:00 12288 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMW3.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 59024 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMVS.EXE
    + 2012-06-20 18:45 . 2010-05-16 03:00 14336 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMVS.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 31232 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRTW.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 79360 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRTR.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 69632 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRTH.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 78336 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRSE.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 82944 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRRU.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 88064 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRPT.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 91648 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRPL.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 77312 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRNO.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 87552 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRNL.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 45056 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRKR.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 45568 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRJ.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 94208 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRIT.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 83456 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRID.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 83968 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRHU.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 95232 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRGR.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 93696 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRFR.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 74752 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRFI.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 93696 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRES.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 83456 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRDK.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 96768 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRDE.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 81408 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRCZ.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 30720 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRCN.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 76288 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRAR.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 78336 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSR.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 93696 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSMSD.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 57856 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSMOPT.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 17552 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSE.EXE
    + 2012-06-20 18:45 . 2010-05-16 03:00 89600 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMQUEUE.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 70656 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMPP.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 86016 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMPIC08.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 27136 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMPD.DLL
    + 2012-06-20 18:45 . 2010-05-15 22:00 30320 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMP2.DAT
    + 2012-06-20 18:45 . 2010-05-15 22:00 27140 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMP1.DAT
    + 2012-06-20 18:45 . 2010-05-15 22:00 23280 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMP0.DAT
    + 2012-06-20 18:45 . 2010-05-16 03:00 27648 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMOP9W.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 74752 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMLRTW.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 72704 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMLRCN.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 62976 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMLH.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 12288 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMINST.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 13824 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMBZU3.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 35840 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMBZS3.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 13824 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMBZM3.DLL
    + 2011-12-05 19:47 . 2011-12-05 19:47 86032 c:\windows\System32\DriverStore\FileRepository\atihdw73.inf_x86_neutral_b654f9a4fc08e8ff\AtihdW73.sys
    + 2012-04-09 16:31 . 2010-02-18 07:18 37944 c:\windows\System32\DriverStore\FileRepository\amdio.inf_x86_neutral_ed49fa1e44cc7356\x86\amdiox86.sys
    - 2011-04-15 21:44 . 2010-11-20 10:21 24576 c:\windows\System32\drivers\tdtcp.sys
    + 2012-03-14 13:35 . 2012-02-17 04:13 24576 c:\windows\System32\drivers\tdtcp.sys
    + 2012-03-14 13:05 . 2010-06-17 13:27 28520 c:\windows\System32\drivers\ssmdrv.sys
    + 2010-09-01 08:30 . 2010-09-01 08:30 15544 c:\windows\System32\drivers\psi_mf.sys
    + 2012-05-08 19:27 . 2012-03-17 07:27 56176 c:\windows\System32\drivers\partmgr.sys
    + 2012-04-12 13:09 . 2012-03-01 05:46 19824 c:\windows\System32\drivers\fs_rec.sys
    + 2011-12-05 19:47 . 2011-12-05 19:47 86032 c:\windows\System32\drivers\AtihdW73.sys
    + 2012-04-09 16:31 . 2010-02-18 07:18 37944 c:\windows\System32\drivers\amdiox86.sys
    + 2010-05-28 07:21 . 2012-06-21 16:40 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-05-28 07:21 . 2012-02-06 22:13 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-05-28 07:21 . 2012-02-06 22:13 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-05-28 07:21 . 2012-06-21 16:40 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:41 . 2012-02-06 22:13 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:41 . 2012-06-21 16:40 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-06-20 18:50 . 2009-09-10 06:59 74752 c:\windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series\RES\DLL\IJInstJP.dll
    + 2010-05-28 01:24 . 2012-05-10 13:24 87952 c:\windows\System32\Adobe\Shockwave 11\uninstaller.exe
    + 2012-04-26 13:05 . 2012-04-26 13:05 86016 c:\windows\System32\Adobe\Shockwave 11\SwMenu.dll
    + 2012-04-26 13:06 . 2012-04-26 13:06 12800 c:\windows\System32\Adobe\Shockwave 11\DynaPlayer.dll
    + 2012-06-02 13:19 . 2012-06-02 13:19 73088 c:\windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupV.exe
    - 2010-05-28 14:02 . 2012-02-06 18:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-05-28 14:02 . 2012-06-21 16:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-05-28 14:02 . 2012-02-06 18:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-05-28 14:02 . 2012-06-21 16:41 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-05-28 14:02 . 2012-02-06 18:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-05-28 14:02 . 2012-06-21 16:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-05-28 01:05 . 2012-02-07 00:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-05-28 01:05 . 2012-06-21 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-05-28 01:05 . 2012-02-07 00:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-05-28 01:05 . 2012-06-21 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-12-15 11:08 . 2011-12-15 11:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319
    lssorting.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    - 2012-01-12 00:41 . 2012-01-12 00:41 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    + 2012-04-09 16:35 . 2012-04-09 16:35 88102 c:\windows\Installer\{FB1AB8BD-1E5E-801C-8D7B-1AFE2FF56D98}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{F2E75C41-BC7C-CCED-F256-315606C1B78A}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{EF2BD927-882D-5E34-CCCA-7996F02D4A58}\ARPPRODUCTICON.exe
    + 2012-04-09 16:35 . 2012-04-09 16:35 88102 c:\windows\Installer\{EA1B2D63-0BFF-D835-BEC7-DDE7E6ED533E}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{E6EA0901-26B5-B5AB-1D4A-C5B813A7C28A}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{D5492756-797A-3159-2884-B0AC316BA402}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{D51FA888-D049-D0C1-0D0D-413AD807F6C2}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{D49A2C7D-7A30-3228-1681-D2ECEA7F2384}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{CE542405-C7A3-4378-7875-22FB390417EE}\ARPPRODUCTICON.exe
    + 2012-04-09 16:36 . 2012-04-09 16:36 10134 c:\windows\Installer\{A25FF1C0-80B6-4B8B-A551-DC525697A408}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{9068138F-A645-D843-2CDB-1BA5B3F88C85}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{8C8C4386-E066-5B31-45EB-B1EBB6C51335}\ARPPRODUCTICON.exe
    + 2011-04-01 15:27 . 2012-05-08 20:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
    - 2011-04-01 15:27 . 2011-10-15 20:20 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{898452E4-BF03-06A8-7025-C6ED291F5436}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{80BB0FBD-E8FB-03BD-BFA2-7B07A150465A}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{757053BB-E8F0-92C8-B371-068814BF03BC}\ARPPRODUCTICON.exe
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{73F83F23-9A4C-6613-F3EF-79CA422AD039}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{6B79AB77-6019-8F3A-D588-5155A5C1D1EC}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{692F120E-502C-D960-8303-4AFA54CFC2D1}\ARPPRODUCTICON.exe
    + 2012-05-10 13:25 . 2012-05-10 13:25 10134 c:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{5D312297-9A50-238C-073F-DCB8631EB932}\ARPPRODUCTICON.exe
    + 2012-04-09 16:35 . 2012-04-09 16:35 88102 c:\windows\Installer\{5749497B-4DE5-0779-39A2-5467A18345E2}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{48A4C2FB-19CC-DCFF-905E-1EA410D73254}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{45221ADE-1BD3-D646-5D1D-BC6195C57920}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{44180209-5739-1C09-2754-900359BC19BB}\ARPPRODUCTICON.exe
    + 2012-05-16 21:24 . 2012-05-16 21:24 10134 c:\windows\Installer\{4183178B-4D4E-48A7-9257-454BA90A760E}\ARPPRODUCTICON.exe
    + 2012-04-09 16:36 . 2012-04-09 16:36 88102 c:\windows\Installer\{408C283D-C8BC-E91A-7C76-5A1DA8C7E22E}\ARPPRODUCTICON.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{33350913-28DD-EC5B-F103-DD75666B9FAB}\ARPPRODUCTICON.exe
    + 2012-04-09 16:31 . 2012-04-09 16:31 10134 c:\windows\Installer\{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{26C1037A-FEFC-9EE9-B242-1C4994623F6A}\ARPPRODUCTICON.exe
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{23BEF34F-8855-0079-E63E-DCC9666E3FAB}\ARPPRODUCTICON.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{0FD3B831-0377-FEA8-DA02-B0FB6D1F864F}\ARPPRODUCTICON.exe
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{0A8EBFEC-E858-FB86-930A-F33B74254442}\ARPPRODUCTICON.exe
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{0A691580-5138-36C7-C54C-1C954BA50E8C}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{0922A4C1-65EE-21F4-6C38-48EBB91CA265}\ARPPRODUCTICON.exe
    + 2012-01-03 08:45 . 2012-01-03 08:45 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\ViewerPS.dll
    + 2012-01-03 21:51 . 2012-01-03 21:51 37296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\reader_sl.exe
    + 2012-01-03 08:44 . 2012-01-03 08:44 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\PDFPrevHndlr.dll
    + 2012-01-03 21:15 . 2012-01-03 21:15 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\eula.exe
    + 2012-01-03 20:52 . 2012-01-03 20:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acrotextextractor.exe
    + 2012-01-03 07:19 . 2012-01-03 07:19 16824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRd32Info.exe
    + 2012-01-03 07:16 . 2012-01-03 07:16 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acroiehelpershim.dll
    + 2012-01-03 07:16 . 2012-01-03 07:16 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroIEHelper.dll
    + 2012-05-08 21:41 . 2012-05-08 21:41 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4add87007e0864467659e6a248a7fe06\UIAutomationProvider.ni.dll
    + 2012-05-08 21:43 . 2012-05-08 21:43 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\28caa2ab8a4999900321b653e8b6ddc1\System.Windows.Presentation.ni.dll
    + 2012-05-08 21:43 . 2012-05-08 21:43 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\4967f3e8b106851802f212e963bb8735\System.Web.ApplicationServices.ni.dll
    + 2012-05-08 21:43 . 2012-05-08 21:43 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\7f49661d0e79763b30e9e99e714409a3\System.ServiceModel.Channels.ni.dll
    + 2012-05-08 21:41 . 2012-05-08 21:41 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\a5c37bc9caf315df294f8b680a1ccd6f\System.AddIn.Contract.ni.dll
    + 2012-05-08 21:41 . 2012-05-08 21:41 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\5ccc57bb582bf753166610089f204601\Microsoft.VisualC.ni.dll
    + 2012-05-08 21:40 . 2012-05-08 21:40 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\414da765b5d5bb7fde97c0ea22de7d74\Accessibility.ni.dll
    + 2012-05-08 20:24 . 2012-05-08 20:24 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll
    + 2012-05-08 21:40 . 2012-05-08 21:40 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\66d750f3f8dde0cc865f921497ab3545\System.Windows.Presentation.ni.dll
    + 2012-06-18 18:44 . 2012-06-18 18:44 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\543b0e12423bcec010bdd2ac27c5dc04\System.ComponentModel.DataAnnotations.ni.dll
    + 2012-05-08 20:25 . 2012-05-08 20:25 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f34410ab8e82063735d876533db26c49\System.AddIn.Contract.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\d24744f15243e28ea541a459ff7ff5d5\PresentationFontCache.ni.exe
    + 2012-05-08 20:24 . 2012-05-08 20:24 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5a9d0ff936810991cedd098fe006a9be\PresentationCFFRasterizer.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 79872 c:\windows\assembly\NativeImages_v2.0.50727_32
    apcrypt\87a30ba337ed55d0905f19742e2985bc
    apcrypt.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\4dfb3296f29647ef0a4b213ff3de69b8\Microsoft.WSMan.Runtime.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb42a0f25b7608b2675080081b03f6e5\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
    +
  • Hoi, het log is niet compleet.
    Ga naar C:\Combofix,txt en open het tekstbestand.

    Bij het plakken in je volgende bericht, verwijder je dan eerst het zogeheten "Snapshot"-gedeelte, zodat er meer ruimte is voor de rest van het log.
  • ComboFix 12-06-21.02 - Walop 21/06/2012 20:31:49.6.4 - x86
    Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1033.18.3327.2403 [GMT 2:00]
    Gestart vanuit: c:\users\Walop\Desktop\ComboFix.exe
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-05-21 to 2012-06-21 ))))))))))))))))))))))))))))))
    .
    .
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\Public\AppData\Local\temp
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\boinc_master\AppData\Local\temp
    2012-06-21 13:16 . 2012-06-02 22:19 53784 —-a-w- c:\windows\system32\wuauclt.exe
    2012-06-21 13:16 . 2012-06-02 22:19 45080 —-a-w- c:\windows\system32\wups2.dll
    2012-06-21 13:16 . 2012-06-02 22:19 1933848 —-a-w- c:\windows\system32\wuaueng.dll
    2012-06-21 13:16 . 2012-06-02 22:12 2422272 —-a-w- c:\windows\system32\wucltux.dll
    2012-06-21 13:15 . 2012-06-02 22:19 35864 —-a-w- c:\windows\system32\wups.dll
    2012-06-21 13:15 . 2012-06-02 22:19 577048 —-a-w- c:\windows\system32\wuapi.dll
    2012-06-21 13:15 . 2012-06-02 22:12 88576 —-a-w- c:\windows\system32\wudriver.dll
    2012-06-21 13:10 . 2012-06-02 13:19 171904 —-a-w- c:\windows\system32\wuwebv.dll
    2012-06-21 13:10 . 2012-06-02 13:12 33792 —-a-w- c:\windows\system32\wuapp.exe
    2012-06-20 22:37 . 2012-06-21 18:32 56200 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4887FAFE-4194-40C6-B0B0-E9352116260C}\offreg.dll
    2012-06-20 18:50 . 2012-06-20 18:50 ——– d–h–w- c:\windows\system32\CanonIJ Uninstaller Information
    2012-06-20 18:49 . 2012-06-20 18:49 ——– d–h–w- c:\programdata\CanonBJ
    2012-06-20 18:49 . 2010-05-16 03:00 70656 —-a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA4.DLL
    2012-06-20 18:49 . 2010-05-16 03:00 27136 —-a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA4.DLL
    2012-06-20 18:45 . 2010-05-16 03:00 277504 —-a-w- c:\windows\system32\CNMLMA4.DLL
    2012-06-19 23:16 . 2012-06-20 20:50 ——– d—–w- c:\users\Walop\AppData\Roaming\vlc
    2012-06-19 14:02 . 2012-05-31 03:41 6762896 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4887FAFE-4194-40C6-B0B0-E9352116260C}\mpengine.dll
    2012-06-17 19:57 . 2012-04-28 03:17 183808 —-a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-06-17 19:50 . 2012-04-07 11:26 2342400 —-a-w- c:\windows\system32\msi.dll
    2012-06-17 19:50 . 2012-05-15 01:05 2343936 —-a-w- c:\windows\system32\win32k.sys
    2012-06-17 19:49 . 2012-04-26 04:45 58880 —-a-w- c:\windows\system32\rdpwsx.dll
    2012-06-17 19:49 . 2012-04-26 04:45 129536 —-a-w- c:\windows\system32\rdpcorekmts.dll
    2012-06-17 19:49 . 2012-04-26 04:41 8192 —-a-w- c:\windows\system32\rdrmemptylst.exe
    2012-06-17 19:48 . 2012-05-01 04:44 164352 —-a-w- c:\windows\system32\profsvc.dll
    2012-06-17 19:47 . 2012-04-24 04:36 1158656 —-a-w- c:\windows\system32\crypt32.dll
    2012-06-17 19:47 . 2012-04-24 04:36 140288 —-a-w- c:\windows\system32\cryptsvc.dll
    2012-06-17 19:47 . 2012-04-24 04:36 103936 —-a-w- c:\windows\system32\cryptnet.dll
    2012-06-09 15:38 . 2012-06-09 15:38 ——– d—–w- c:\users\Walop\AppData\Local\AMD
    2012-06-09 15:37 . 2012-06-09 15:37 ——– d—–w- c:\programdata\ATI
    2012-05-29 22:08 . 2012-05-29 22:08 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2012-05-29 22:08 . 2012-05-29 22:08 856712 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2012-05-29 17:42 . 2012-05-29 22:22 ——– d—–w- c:\users\Walop\AppData\Roaming\Sweetpacks
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-10 20:31 . 2012-04-23 09:59 419488 —-a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-05-10 20:31 . 2011-05-14 10:48 70304 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-10 13:29 . 2010-06-06 14:01 472808 —-a-w- c:\windows\system32\deployJava1.dll
    2012-05-08 17:16 . 2012-03-14 13:05 83392 —-a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-05-08 17:16 . 2012-03-14 13:05 137928 —-a-w- c:\windows\system32\drivers\avipbb.sys
    2012-04-16 19:22 . 2012-03-14 13:05 36000 —-a-w- c:\windows\system32\drivers\avkmgr.sys
    2012-03-31 04:39 . 2012-05-08 19:27 3968368 —-a-w- c:\windows\system32
    tkrnlpa.exe
    2012-03-31 04:39 . 2012-05-08 19:27 3913072 —-a-w- c:\windows\system32
    toskrnl.exe
    2012-03-30 10:23 . 2012-05-08 19:27 1291632 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2012-04-21 01:18 . 2011-04-30 16:50 97208 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-02-07_00.52.18 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-05-16 16:56 . 2012-05-16 16:56 54272 c:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39\vcomp90.dll
    + 2012-05-16 16:56 . 2012-05-16 16:56 62976 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90RUS.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 46080 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90KOR.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 46592 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90JPN.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 64512 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ITA.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 66048 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90FRA.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 65024 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESP.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 65024 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESN.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 56832 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ENU.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 66560 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90DEU.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 39936 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHT.DLL
    + 2012-05-16 16:56 . 2012-05-16 16:56 38912 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHS.DLL
    + 2012-05-16 16:55 . 2012-05-16 16:55 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90u.dll
    + 2012-05-16 16:55 . 2012-05-16 16:55 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90.dll
    + 2012-06-21 13:16 . 2012-06-02 22:19 45080 c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wups2.dll
    + 2012-06-21 13:16 . 2012-06-02 22:19 53784 c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe
    + 2012-06-21 13:10 . 2012-06-02 13:12 33792 c:\windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.6.7600.256_none_09f272fb52ab0c3f\wuapp.exe
    + 2012-06-21 13:15 . 2012-06-02 22:19 35864 c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.6.7600.256_none_5fe7b2baacf3da43\wups.dll
    + 2012-06-21 13:15 . 2012-06-02 22:12 88576 c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.6.7600.256_none_5fe7b2baacf3da43\wudriver.dll
    + 2012-05-08 19:27 . 2010-04-02 03:29 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_7.1.7601.21955_none_0b88d199a6fe1819\NBMapTIP.dll
    + 2012-05-08 19:27 . 2010-04-02 03:29 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_7.1.7601.17803_none_0b3343d68db9b9ec\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:16 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7601.21955_none_1a1855541c176f4a\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:16 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7601.17803_none_19c2c79102d3111d\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:16 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7600.21179_none_18202fda1efdd6b7\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:16 47104 c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7600.16988_none_178aeab705e90645\NBMapTIP.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.21955_none_4fff0713f624080b\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.21955_none_4fff0713f624080b\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.21955_none_4fff0713f624080b\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.17803_none_4fa97950dcdfa9de\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.17803_none_4fa97950dcdfa9de\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7601.17803_none_4fa97950dcdfa9de\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.21179_none_4e06e199f90a6f78\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.21179_none_4e06e199f90a6f78\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.21179_none_4e06e199f90a6f78\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.16988_none_4d719c76dff59f06\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.16988_none_4d719c76dff59f06\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.1.7600.16988_none_4d719c76dff59f06\jnwdui.dll
    + 2012-06-17 19:49 . 2012-04-26 04:32 58880 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7601.21980_none_9c529546e2a9554d\rdpwsx.dll
    + 2012-06-17 19:49 . 2012-04-26 04:45 58880 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7601.17828_none_9c11da53c953d895\rdpwsx.dll
    + 2012-06-17 19:49 . 2012-04-26 04:44 57856 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7600.21200_none_9ac28fc2e5423d1b\rdpwsx.dll
    + 2012-06-17 19:49 . 2012-04-26 04:48 57856 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7600.17009_none_9a41f3abcc1c8439\rdpwsx.dll
    + 2012-03-14 13:36 . 2012-01-25 13:49 58880 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7601.21907_none_a6460977573d9d2a\rdpwsx.dll
    + 2012-03-14 13:36 . 2012-01-25 05:32 58880 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7601.17767_none_a57b8b3e3e50a7df\rdpwsx.dll
    + 2012-03-14 13:36 . 2012-01-25 05:38 57856 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7600.21136_none_a43e129f5a30a1d5\rdpwsx.dll
    + 2012-03-14 13:36 . 2012-01-25 05:44 57856 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7600.16952_none_a39afcb24126a14f\rdpwsx.dll
    + 2012-03-14 13:35 . 2012-02-17 04:09 24576 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdtcp.sys
    + 2011-04-15 21:44 . 2010-11-20 10:21 18432 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdpipe.sys
    + 2012-03-14 13:35 . 2012-02-17 04:13 24576 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdtcp.sys
    + 2011-04-15 21:44 . 2010-11-20 10:21 18432 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdpipe.sys
    + 2012-03-14 13:35 . 2012-02-17 04:16 24064 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdtcp.sys
    + 2009-07-14 00:01 . 2009-07-14 00:01 17920 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdpipe.sys
    + 2012-03-14 13:35 . 2012-02-15 04:22 24064 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdtcp.sys
    + 2009-07-14 00:01 . 2009-07-14 00:01 17920 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdpipe.sys
    + 2009-07-13 23:47 . 2009-07-14 01:14 48640 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.21955_none_44cbbc6cc484b691\PDIALOG.exe
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.21955_none_44cbbc6cc484b691\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.21955_none_44cbbc6cc484b691\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.21955_none_44cbbc6cc484b691\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:14 48640 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.17803_none_44762ea9ab405864\PDIALOG.exe
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.17803_none_44762ea9ab405864\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.17803_none_44762ea9ab405864\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7601.17803_none_44762ea9ab405864\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:14 48640 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.21179_none_42d396f2c76b1dfe\PDIALOG.exe
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.21179_none_42d396f2c76b1dfe\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.21179_none_42d396f2c76b1dfe\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.21179_none_42d396f2c76b1dfe\jnwdui.dll
    + 2009-07-13 23:47 . 2009-07-14 01:14 48640 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16988_none_423e51cfae564d8c\PDIALOG.exe
    + 2009-07-13 23:47 . 2009-07-14 01:15 22528 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16988_none_423e51cfae564d8c\jnwppr.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 19968 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16988_none_423e51cfae564d8c\jnwmon.dll
    + 2009-07-13 23:47 . 2009-07-14 01:15 84480 c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.1.7600.16988_none_423e51cfae564d8c\jnwdui.dll
    + 2011-04-15 21:46 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.21982_none_31d187047f696dc4\rdpvideominiport.sys
    + 2011-04-15 21:46 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.21924_none_321467207f36f8cc\rdpvideominiport.sys
    + 2011-04-15 21:46 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17830_none_317bf94166250f97\rdpvideominiport.sys
    + 2011-04-15 21:46 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17779_none_3159ba45663d6643\rdpvideominiport.sys
    + 2011-04-15 21:44 . 2010-11-20 12:20 28672 c:\windows\winsxs\x86_microsoft-windows-profsvc_31bf3856ad364e35_6.1.7601.21985_none_fdf7b4abaa4498e1\profprov.dll
    + 2011-04-15 21:44 . 2010-11-20 12:20 28672 c:\windows\winsxs\x86_microsoft-windows-profsvc_31bf3856ad364e35_6.1.7601.17832_none_fda1269e9101215d\profprov.dll
    + 2009-07-13 23:34 . 2009-07-14 01:16 28160 c:\windows\winsxs\x86_microsoft-windows-profsvc_31bf3856ad364e35_6.1.7600.21205_none_fc67af27acdd80af\profprov.dll
    + 2009-07-13 23:34 . 2009-07-14 01:16 28160 c:\windows\winsxs\x86_microsoft-windows-profsvc_31bf3856ad364e35_6.1.7600.17014_none_fbd2404093c8e658\profprov.dll
    + 2012-05-08 19:27 . 2012-03-17 07:05 56176 c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.21946_none_e40eb0c431e5c75e\partmgr.sys
    + 2012-05-08 19:27 . 2012-03-17 07:27 56176 c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7601.17796_none_e34f027718f0b622\partmgr.sys
    + 2012-05-08 19:27 . 2012-03-17 07:25 56176 c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.21172_none_e203b90e34db8004\partmgr.sys
    + 2012-05-08 19:27 . 2012-03-17 07:20 56688 c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.1.7600.16979_none_e18146271bb75e59\partmgr.sys
    + 2009-07-13 23:31 . 2009-07-14 01:07 25088 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.1.7601.21960_none_05d179d02b1095a4\msimsg.dll
    + 2009-07-13 23:31 . 2009-07-14 01:07 25088 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.1.7601.17807_none_058fbe9311bbff95\msimsg.dll
    + 2009-07-13 23:31 . 2009-07-14 01:07 25088 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.1.7600.21183_none_03d8540c2df7e3ba\msimsg.dll
    + 2009-07-13 23:31 . 2009-07-14 01:07 25088 c:\windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.1.7600.16992_none_03430ee914e31348\msimsg.dll
    + 2012-06-17 19:59 . 2012-04-20 04:36 67584 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21976_none_65355e1331f5480f\mshtmled.dll
    + 2012-04-12 13:03 . 2012-02-28 05:24 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21931_none_655b9c5131d95998\mshtmled.dll
    + 2012-02-16 10:32 . 2011-12-16 08:58 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21878_none_65375cc131f37d96\mshtmled.dll
    + 2012-06-17 19:59 . 2012-04-20 04:57 67584 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17824_none_64dfd05018b0e9e2\mshtmled.dll
    + 2012-04-12 13:03 . 2012-02-28 05:35 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17785_none_649fef2c18e0adb8\mshtmled.dll
    + 2012-02-16 10:32 . 2011-12-16 07:52 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17744_none_64ca2e9218c1249d\mshtmled.dll
    + 2012-06-17 19:59 . 2012-04-20 04:51 67584 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21198_none_633b380534dd7cce\mshtmled.dll
    + 2012-04-12 13:03 . 2012-02-28 05:40 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21158_none_636677b534bd0d0a\mshtmled.dll
    + 2012-02-16 10:32 . 2011-12-16 07:49 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21108_none_639c875134948155\mshtmled.dll
    + 2012-06-17 19:59 . 2012-04-20 05:06 67584 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.17006_none_6310e9f21b78aedd\mshtmled.dll
    + 2012-04-12 13:03 . 2012-02-28 05:38 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.16968_none_62d232dc1ba755ef\mshtmled.dll
    + 2012-02-16 10:32 . 2011-12-16 07:59 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.16930_none_62eaa0501b963764\mshtmled.dll
    + 2012-06-17 19:59 . 2012-04-20 04:49 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21198_none_17603da7cc3abb9f\msfeedssync.exe
    + 2012-06-17 19:59 . 2012-04-20 04:51 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21198_none_17603da7cc3abb9f\msfeedsbs.dll
    + 2012-04-12 13:03 . 2012-02-28 05:37 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21158_none_178b7d57cc1a4bdb\msfeedssync.exe
    + 2012-04-12 13:03 . 2012-02-28 05:40 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21158_none_178b7d57cc1a4bdb\msfeedsbs.dll
    + 2012-02-16 10:32 . 2011-12-16 07:46 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21108_none_17c18cf3cbf1c026\msfeedssync.exe
    + 2012-02-16 10:32 . 2011-12-16 07:49 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21108_none_17c18cf3cbf1c026\msfeedsbs.dll
    + 2012-06-17 19:59 . 2012-04-20 05:03 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.17006_none_1735ef94b2d5edae\msfeedssync.exe
    + 2012-06-17 19:59 . 2012-04-20 05:06 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.17006_none_1735ef94b2d5edae\msfeedsbs.dll
    + 2012-04-12 13:03 . 2012-02-28 05:35 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16968_none_16f7387eb30494c0\msfeedssync.exe
    + 2012-04-12 13:03 . 2012-02-28 05:38 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16968_none_16f7387eb30494c0\msfeedsbs.dll
    + 2012-02-16 10:32 . 2011-12-16 07:56 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16930_none_170fa5f2b2f37635\msfeedssync.exe
    + 2012-02-16 10:32 . 2011-12-16 07:59 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16930_none_170fa5f2b2f37635\msfeedsbs.dll
    + 2012-06-17 19:59 . 2012-04-20 04:51 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21198_none_e4f3a688416b70a7\licmgr10.dll
    + 2012-04-12 13:03 . 2012-02-28 05:40 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21158_none_e51ee638414b00e3\licmgr10.dll
    + 2012-02-16 10:32 . 2011-12-16 07:48 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21108_none_e554f5d44122752e\licmgr10.dll
    + 2012-06-17 19:59 . 2012-04-20 05:05 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.17006_none_e4c958752806a2b6\licmgr10.dll
    + 2012-04-12 13:03 . 2012-02-28 05:38 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.16968_none_e48aa15f283549c8\licmgr10.dll
    + 2012-02-16 10:32 . 2011-12-16 07:58 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.16930_none_e4a30ed328242b3d\licmgr10.dll
    + 2012-06-17 19:59 . 2012-05-15 02:51 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_1edec8079074b38c\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 02:49 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_1edec8079074b38c\jsproxy.dll
    + 2012-04-12 13:03 . 2012-02-28 05:25 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21931_none_1f1ba6679047a68a\WininetPlugin.dll
    + 2012-04-11 11:10 . 2012-02-28 05:24 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21931_none_1f1ba6679047a68a\jsproxy.dll
    + 2012-02-16 10:32 . 2011-12-16 09:00 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\WininetPlugin.dll
    + 2012-02-16 10:32 . 2011-12-16 08:57 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\jsproxy.dll
    + 2012-06-17 19:59 . 2012-05-15 03:03 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17842_none_1e8839fa77313c08\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 03:00 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17842_none_1e8839fa77313c08\jsproxy.dll
    + 2012-04-12 13:03 . 2012-02-28 05:38 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17785_none_1e5ff942774efaaa\WininetPlugin.dll
    + 2012-04-12 13:03 . 2012-02-28 05:34 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17785_none_1e5ff942774efaaa\jsproxy.dll
    + 2012-02-16 10:32 . 2011-12-16 07:54 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\WininetPlugin.dll
    + 2012-02-16 10:32 . 2011-12-16 07:52 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\jsproxy.dll
    + 2012-06-17 19:59 . 2012-05-15 03:08 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21215_none_1d4ec283930d9b5a\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 03:04 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21215_none_1d4ec283930d9b5a\jsproxy.dll
    + 2012-04-12 13:03 . 2012-02-28 05:44 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21158_none_1d2681cb932b59fc\WininetPlugin.dll
    + 2012-04-12 13:03 . 2012-02-28 05:40 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21158_none_1d2681cb932b59fc\jsproxy.dll
    + 2012-02-16 10:32 . 2011-12-16 07:51 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\WininetPlugin.dll
    + 2012-02-16 10:32 . 2011-12-16 07:48 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\jsproxy.dll
    + 2012-06-17 19:59 . 2012-05-15 03:08 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17024_none_1cb9539c79f90103\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 03:06 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17024_none_1cb9539c79f90103\jsproxy.dll
    + 2012-04-12 13:03 . 2012-02-28 05:40 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16968_none_1c923cf27a15a2e1\WininetPlugin.dll
    + 2012-04-12 13:03 . 2012-02-28 05:38 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16968_none_1c923cf27a15a2e1\jsproxy.dll
    + 2012-02-16 10:32 . 2011-12-16 08:02 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\WininetPlugin.dll
    + 2012-02-16 10:32 . 2011-12-16 07:58 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\jsproxy.dll
    + 2012-04-12 13:09 . 2012-03-01 05:31 19824 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.21933_none_27ccb28db5c2160c\fs_rec.sys
    + 2012-04-12 13:09 . 2012-03-01 05:46 19824 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.17787_none_271105689cc96a2c\fs_rec.sys
    + 2012-04-12 13:09 . 2012-03-01 05:34 19312 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.21160_none_25c2bb21b8b6e809\fs_rec.sys
    + 2012-04-12 13:09 . 2012-03-01 05:53 19312 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.1.7600.16970_none_252e76489fa130ee\fs_rec.sys
    + 2010-05-28 00:39 . 2012-06-21 16:42 52632 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 04:55 . 2012-06-21 16:42 31734 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2010-05-27 22:35 . 2012-06-21 16:42 21048 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1690226732-1544728178-401627873-1000_UserData.bin
    + 2011-06-11 00:58 . 2011-06-11 00:58 51024 c:\windows\System32\vcomp100.dll
    + 2012-06-20 18:45 . 2010-05-16 03:00 12288 c:\windows\System32\spool\drivers\w32x86\3\CNMW3A4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 59024 c:\windows\System32\spool\drivers\w32x86\3\CNMVSA4.EXE
    + 2012-06-20 18:45 . 2010-05-16 03:00 14336 c:\windows\System32\spool\drivers\w32x86\3\CNMVSA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 78336 c:\windows\System32\spool\drivers\w32x86\3\CNMSRA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 89600 c:\windows\System32\spool\drivers\w32x86\3\CNMSQA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 17552 c:\windows\System32\spool\drivers\w32x86\3\CNMSEA4.EXE
    + 2012-06-20 18:45 . 2010-05-16 03:00 93696 c:\windows\System32\spool\drivers\w32x86\3\CNMSDA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 12288 c:\windows\System32\spool\drivers\w32x86\3\CNMPIA4.DLL
    + 2012-06-20 18:45 . 2010-05-15 22:00 30320 c:\windows\System32\spool\drivers\w32x86\3\CNMP2A4.DAT
    + 2012-06-20 18:45 . 2010-05-15 22:00 27140 c:\windows\System32\spool\drivers\w32x86\3\CNMP1A4.DAT
    + 2012-06-20 18:45 . 2010-05-15 22:00 23280 c:\windows\System32\spool\drivers\w32x86\3\CNMP0A4.DAT
    + 2012-06-20 18:45 . 2010-05-16 03:00 27648 c:\windows\System32\spool\drivers\w32x86\3\CNMOPA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 62976 c:\windows\System32\spool\drivers\w32x86\3\CNMLHA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 86016 c:\windows\System32\spool\drivers\w32x86\3\CNMICA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 57856 c:\windows\System32\spool\drivers\w32x86\3\CNMEIA4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 13824 c:\windows\System32\spool\drivers\w32x86\3\CNMBU3A4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 35840 c:\windows\System32\spool\drivers\w32x86\3\CNMBS3A4.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 13824 c:\windows\System32\spool\drivers\w32x86\3\CNMBM3A4.DLL
    + 2012-03-08 23:26 . 2012-03-08 23:26 54784 c:\windows\System32\OVDecode.dll
    + 2012-03-08 23:26 . 2012-03-08 23:26 64512 c:\windows\System32\OpenVideo.dll
    + 2012-03-08 23:24 . 2012-03-08 23:24 48128 c:\windows\System32\OpenCL.dll
    + 2012-06-17 19:59 . 2012-04-20 04:57 67584 c:\windows\System32\mshtmled.dll
    - 2011-12-15 13:40 . 2011-11-05 04:35 68608 c:\windows\System32\migration\WininetPlugin.dll
    + 2012-06-17 19:59 . 2012-05-15 03:03 68608 c:\windows\System32\migration\WininetPlugin.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 81744 c:\windows\System32\mfcm100u.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 81744 c:\windows\System32\mfcm100.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 60752 c:\windows\System32\mfc100rus.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 43344 c:\windows\System32\mfc100kor.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 43856 c:\windows\System32\mfc100jpn.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 62288 c:\windows\System32\mfc100ita.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 64336 c:\windows\System32\mfc100fra.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 63824 c:\windows\System32\mfc100esn.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 55120 c:\windows\System32\mfc100enu.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 64336 c:\windows\System32\mfc100deu.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 36176 c:\windows\System32\mfc100cht.dll
    + 2011-06-11 00:58 . 2011-06-11 00:58 36176 c:\windows\System32\mfc100chs.dll
    - 2010-12-09 04:59 . 2011-10-15 11:53 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
    + 2010-12-09 04:59 . 2012-04-17 09:56 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
    + 2012-01-31 05:00 . 2012-01-31 05:00 16896 c:\windows\System32\kdbsdk32.dll
    + 2012-06-17 19:59 . 2012-05-15 03:00 48128 c:\windows\System32\jsproxy.dll
    - 2011-12-15 13:40 . 2011-11-05 04:30 48128 c:\windows\System32\jsproxy.dll
    - 2009-07-14 04:50 . 2012-01-10 12:50 86016 c:\windows\System32\DriverStore\infpub.dat
    + 2009-07-14 04:50 . 2012-06-20 18:50 86016 c:\windows\System32\DriverStore\infpub.dat
    + 2012-06-20 18:45 . 2010-05-16 03:00 12288 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMW3.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 59024 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMVS.EXE
    + 2012-06-20 18:45 . 2010-05-16 03:00 14336 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMVS.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 31232 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRTW.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 79360 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRTR.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 69632 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRTH.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 78336 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRSE.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 82944 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRRU.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 88064 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRPT.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 91648 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRPL.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 77312 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRNO.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 87552 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRNL.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 45056 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRKR.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 45568 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRJ.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 94208 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRIT.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 83456 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRID.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 83968 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRHU.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 95232 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRGR.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 93696 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRFR.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 74752 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRFI.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 93696 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRES.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 83456 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRDK.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 96768 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRDE.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 81408 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRCZ.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 30720 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRCN.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 76288 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSRAR.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 78336 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSR.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 93696 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSMSD.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 57856 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSMOPT.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 17552 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMSE.EXE
    + 2012-06-20 18:45 . 2010-05-16 03:00 89600 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMQUEUE.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 70656 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMPP.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 86016 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMPIC08.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 27136 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMPD.DLL
    + 2012-06-20 18:45 . 2010-05-15 22:00 30320 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMP2.DAT
    + 2012-06-20 18:45 . 2010-05-15 22:00 27140 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMP1.DAT
    + 2012-06-20 18:45 . 2010-05-15 22:00 23280 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMP0.DAT
    + 2012-06-20 18:45 . 2010-05-16 03:00 27648 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMOP9W.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 74752 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMLRTW.DLL
    + 2012-06-20 18:45 . 2010-05-24 03:20 72704 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMLRCN.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 62976 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMLH.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 12288 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMINST.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 13824 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMBZU3.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 35840 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMBZS3.DLL
    + 2012-06-20 18:45 . 2010-05-16 03:00 13824 c:\windows\System32\DriverStore\FileRepository\ip27003.inf_x86_neutral_1429ccb1c06b33d0\CNMBZM3.DLL
    + 2011-12-05 19:47 . 2011-12-05 19:47 86032 c:\windows\System32\DriverStore\FileRepository\atihdw73.inf_x86_neutral_b654f9a4fc08e8ff\AtihdW73.sys
    + 2012-04-09 16:31 . 2010-02-18 07:18 37944 c:\windows\System32\DriverStore\FileRepository\amdio.inf_x86_neutral_ed49fa1e44cc7356\x86\amdiox86.sys
    - 2011-04-15 21:44 . 2010-11-20 10:21 24576 c:\windows\System32\drivers\tdtcp.sys
    + 2012-03-14 13:35 . 2012-02-17 04:13 24576 c:\windows\System32\drivers\tdtcp.sys
    + 2012-03-14 13:05 . 2010-06-17 13:27 28520 c:\windows\System32\drivers\ssmdrv.sys
    + 2010-09-01 08:30 . 2010-09-01 08:30 15544 c:\windows\System32\drivers\psi_mf.sys
    + 2012-05-08 19:27 . 2012-03-17 07:27 56176 c:\windows\System32\drivers\partmgr.sys
    + 2012-04-12 13:09 . 2012-03-01 05:46 19824 c:\windows\System32\drivers\fs_rec.sys
    + 2011-12-05 19:47 . 2011-12-05 19:47 86032 c:\windows\System32\drivers\AtihdW73.sys
    + 2012-04-09 16:31 . 2010-02-18 07:18 37944 c:\windows\System32\drivers\amdiox86.sys
    + 2010-05-28 07:21 . 2012-06-21 16:40 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-05-28 07:21 . 2012-02-06 22:13 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-05-28 07:21 . 2012-02-06 22:13 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-05-28 07:21 . 2012-06-21 16:40 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:41 . 2012-02-06 22:13 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:41 . 2012-06-21 16:40 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-06-20 18:50 . 2009-09-10 06:59 74752 c:\windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series\RES\DLL\IJInstJP.dll
    + 2010-05-28 01:24 . 2012-05-10 13:24 87952 c:\windows\System32\Adobe\Shockwave 11\uninstaller.exe
    + 2012-04-26 13:05 . 2012-04-26 13:05 86016 c:\windows\System32\Adobe\Shockwave 11\SwMenu.dll
    + 2012-04-26 13:06 . 2012-04-26 13:06 12800 c:\windows\System32\Adobe\Shockwave 11\DynaPlayer.dll
    + 2012-06-02 13:19 . 2012-06-02 13:19 73088 c:\windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupV.exe
    - 2010-05-28 14:02 . 2012-02-06 18:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-05-28 14:02 . 2012-06-21 16:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-05-28 14:02 . 2012-02-06 18:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-05-28 14:02 . 2012-06-21 16:41 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-05-28 14:02 . 2012-02-06 18:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-05-28 14:02 . 2012-06-21 16:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-05-28 01:05 . 2012-02-07 00:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-05-28 01:05 . 2012-06-21 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-05-28 01:05 . 2012-02-07 00:14 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-05-28 01:05 . 2012-06-21 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-12-15 11:08 . 2011-12-15 11:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319
    lssorting.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
    - 2012-01-12 00:43 . 2012-01-12 00:43 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
    + 2012-06-17 20:18 . 2012-06-17 20:18 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2012-06-17 20:17 . 2012-06-17 20:17 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    - 2012-01-12 00:41 . 2012-01-12 00:41 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2012-06-17 20:16 . 2012-06-17 20:16 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    - 2012-01-12 00:42 . 2012-01-12 00:42 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    + 2012-04-09 16:35 . 2012-04-09 16:35 88102 c:\windows\Installer\{FB1AB8BD-1E5E-801C-8D7B-1AFE2FF56D98}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{F2E75C41-BC7C-CCED-F256-315606C1B78A}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{EF2BD927-882D-5E34-CCCA-7996F02D4A58}\ARPPRODUCTICON.exe
    + 2012-04-09 16:35 . 2012-04-09 16:35 88102 c:\windows\Installer\{EA1B2D63-0BFF-D835-BEC7-DDE7E6ED533E}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{E6EA0901-26B5-B5AB-1D4A-C5B813A7C28A}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{D5492756-797A-3159-2884-B0AC316BA402}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{D51FA888-D049-D0C1-0D0D-413AD807F6C2}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{D49A2C7D-7A30-3228-1681-D2ECEA7F2384}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{CE542405-C7A3-4378-7875-22FB390417EE}\ARPPRODUCTICON.exe
    + 2012-04-09 16:36 . 2012-04-09 16:36 10134 c:\windows\Installer\{A25FF1C0-80B6-4B8B-A551-DC525697A408}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{9068138F-A645-D843-2CDB-1BA5B3F88C85}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{8C8C4386-E066-5B31-45EB-B1EBB6C51335}\ARPPRODUCTICON.exe
    + 2011-04-01 15:27 . 2012-05-08 20:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
    - 2011-04-01 15:27 . 2011-10-15 20:20 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{898452E4-BF03-06A8-7025-C6ED291F5436}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{80BB0FBD-E8FB-03BD-BFA2-7B07A150465A}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{757053BB-E8F0-92C8-B371-068814BF03BC}\ARPPRODUCTICON.exe
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{73F83F23-9A4C-6613-F3EF-79CA422AD039}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{6B79AB77-6019-8F3A-D588-5155A5C1D1EC}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{692F120E-502C-D960-8303-4AFA54CFC2D1}\ARPPRODUCTICON.exe
    + 2012-05-10 13:25 . 2012-05-10 13:25 10134 c:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{5D312297-9A50-238C-073F-DCB8631EB932}\ARPPRODUCTICON.exe
    + 2012-04-09 16:35 . 2012-04-09 16:35 88102 c:\windows\Installer\{5749497B-4DE5-0779-39A2-5467A18345E2}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{48A4C2FB-19CC-DCFF-905E-1EA410D73254}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{45221ADE-1BD3-D646-5D1D-BC6195C57920}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{44180209-5739-1C09-2754-900359BC19BB}\ARPPRODUCTICON.exe
    + 2012-05-16 21:24 . 2012-05-16 21:24 10134 c:\windows\Installer\{4183178B-4D4E-48A7-9257-454BA90A760E}\ARPPRODUCTICON.exe
    + 2012-04-09 16:36 . 2012-04-09 16:36 88102 c:\windows\Installer\{408C283D-C8BC-E91A-7C76-5A1DA8C7E22E}\ARPPRODUCTICON.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{3FAE03EC-B15D-B030-B2C8-5F2739FE42C0}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{33350913-28DD-EC5B-F103-DD75666B9FAB}\ARPPRODUCTICON.exe
    + 2012-04-09 16:31 . 2012-04-09 16:31 10134 c:\windows\Installer\{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}\ARPPRODUCTICON.exe
    + 2012-04-09 16:33 . 2012-04-09 16:33 88102 c:\windows\Installer\{26C1037A-FEFC-9EE9-B242-1C4994623F6A}\ARPPRODUCTICON.exe
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{23BEF34F-8855-0079-E63E-DCC9666E3FAB}\ARPPRODUCTICON.exe
    + 2012-04-09 16:27 . 2012-04-09 16:27 88102 c:\windows\Installer\{0FD3B831-0377-FEA8-DA02-B0FB6D1F864F}\ARPPRODUCTICON.exe
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{0A8EBFEC-E858-FB86-930A-F33B74254442}\ARPPRODUCTICON.exe
    + 2012-04-09 16:32 . 2012-04-09 16:32 88102 c:\windows\Installer\{0A691580-5138-36C7-C54C-1C954BA50E8C}\ARPPRODUCTICON.exe
    + 2012-04-09 16:34 . 2012-04-09 16:34 88102 c:\windows\Installer\{0922A4C1-65EE-21F4-6C38-48EBB91CA265}\ARPPRODUCTICON.exe
    + 2012-01-03 08:45 . 2012-01-03 08:45 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\ViewerPS.dll
    + 2012-01-03 21:51 . 2012-01-03 21:51 37296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\reader_sl.exe
    + 2012-01-03 08:44 . 2012-01-03 08:44 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\PDFPrevHndlr.dll
    + 2012-01-03 21:15 . 2012-01-03 21:15 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\eula.exe
    + 2012-01-03 20:52 . 2012-01-03 20:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acrotextextractor.exe
    + 2012-01-03 07:19 . 2012-01-03 07:19 16824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroRd32Info.exe
    + 2012-01-03 07:16 . 2012-01-03 07:16 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\acroiehelpershim.dll
    + 2012-01-03 07:16 . 2012-01-03 07:16 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0500000010\9.5.0\AcroIEHelper.dll
    + 2012-05-08 21:41 . 2012-05-08 21:41 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4add87007e0864467659e6a248a7fe06\UIAutomationProvider.ni.dll
    + 2012-05-08 21:43 . 2012-05-08 21:43 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\28caa2ab8a4999900321b653e8b6ddc1\System.Windows.Presentation.ni.dll
    + 2012-05-08 21:43 . 2012-05-08 21:43 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\4967f3e8b106851802f212e963bb8735\System.Web.ApplicationServices.ni.dll
    + 2012-05-08 21:43 . 2012-05-08 21:43 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\7f49661d0e79763b30e9e99e714409a3\System.ServiceModel.Channels.ni.dll
    + 2012-05-08 21:41 . 2012-05-08 21:41 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\a5c37bc9caf315df294f8b680a1ccd6f\System.AddIn.Contract.ni.dll
    + 2012-05-08 21:41 . 2012-05-08 21:41 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\5ccc57bb582bf753166610089f204601\Microsoft.VisualC.ni.dll
    + 2012-05-08 21:40 . 2012-05-08 21:40 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\414da765b5d5bb7fde97c0ea22de7d74\Accessibility.ni.dll
    + 2012-05-08 20:24 . 2012-05-08 20:24 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll
    + 2012-05-08 21:40 . 2012-05-08 21:40 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\66d750f3f8dde0cc865f921497ab3545\System.Windows.Presentation.ni.dll
    + 2012-06-18 18:44 . 2012-06-18 18:44 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\543b0e12423bcec010bdd2ac27c5dc04\System.ComponentModel.DataAnnotations.ni.dll
    + 2012-05-08 20:25 . 2012-05-08 20:25 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f34410ab8e82063735d876533db26c49\System.AddIn.Contract.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\d24744f15243e28ea541a459ff7ff5d5\PresentationFontCache.ni.exe
    + 2012-05-08 20:24 . 2012-05-08 20:24 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5a9d0ff936810991cedd098fe006a9be\PresentationCFFRasterizer.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 79872 c:\windows\assembly\NativeImages_v2.0.50727_32
    apcrypt\87a30ba337ed55d0905f19742e2985bc
    apcrypt.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\4dfb3296f29647ef0a4b213ff3de69b8\Microsoft.WSMan.Runtime.ni.dll
    + 2012-05-08 21:39 . 2012-05-08 21:39 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb42a0f25b7608b2675080081b03f6e5\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
    +
  • sorry, ik begrijp niet wat je bedoelt
  • Het is echt niet moeilijk hoor.
    Je verwijdert gewoon alles wat onder:

    ((((((((((((((((((((((((((((( SnapShot@2012-02-07_00.52.18 ))))))))))))))))))))))))))))))))))))))))) staat.

    Doorgaans zal je dan als volgende dit dan zien:

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    Vanaf dat punt laat je het log dan weer verder gaan.
  • Ik denk dat er wat anders aan de hand kan zijn.

    Het gaat zeker alleen fout bij films?

    Als je maar 2 of speakers gebruikt, en je audio ingesteld staat op surround (5.1) krijg je dit effect.

    Bij 5.1 wordt spraak voornamelijk via de de center speaker afgespeeld. En zonder die speaker wordt het geluid dan erg vaag.
  • Inderdaad, alleen bij films, en ik gebruik maar 2 speakers.
  • Inderdaad zou ik in eerste instantie de instelling van je audio eens controlleren en die op 2 speakers zetten.
  • ComboFix 12-06-21.02 - Walop 21/06/2012 20:31:49.6.4 - x86
    Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1033.18.3327.2403 [GMT 2:00]
    Gestart vanuit: c:\users\Walop\Desktop\ComboFix.exe
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-05-21 to 2012-06-21 ))))))))))))))))))))))))))))))
    .
    .
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\Public\AppData\Local\temp
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-06-21 18:38 . 2012-06-21 18:38 ——– d—–w- c:\users\boinc_master\AppData\Local\temp
    2012-06-21 13:16 . 2012-06-02 22:19 53784 —-a-w- c:\windows\system32\wuauclt.exe
    2012-06-21 13:16 . 2012-06-02 22:19 45080 —-a-w- c:\windows\system32\wups2.dll
    2012-06-21 13:16 . 2012-06-02 22:19 1933848 —-a-w- c:\windows\system32\wuaueng.dll
    2012-06-21 13:16 . 2012-06-02 22:12 2422272 —-a-w- c:\windows\system32\wucltux.dll
    2012-06-21 13:15 . 2012-06-02 22:19 35864 —-a-w- c:\windows\system32\wups.dll
    2012-06-21 13:15 . 2012-06-02 22:19 577048 —-a-w- c:\windows\system32\wuapi.dll
    2012-06-21 13:15 . 2012-06-02 22:12 88576 —-a-w- c:\windows\system32\wudriver.dll
    2012-06-21 13:10 . 2012-06-02 13:19 171904 —-a-w- c:\windows\system32\wuwebv.dll
    2012-06-21 13:10 . 2012-06-02 13:12 33792 —-a-w- c:\windows\system32\wuapp.exe
    2012-06-20 22:37 . 2012-06-21 18:32 56200 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4887FAFE-4194-40C6-B0B0-E9352116260C}\offreg.dll
    2012-06-20 18:50 . 2012-06-20 18:50 ——– d–h–w- c:\windows\system32\CanonIJ Uninstaller Information
    2012-06-20 18:49 . 2012-06-20 18:49 ——– d–h–w- c:\programdata\CanonBJ
    2012-06-20 18:49 . 2010-05-16 03:00 70656 —-a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA4.DLL
    2012-06-20 18:49 . 2010-05-16 03:00 27136 —-a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA4.DLL
    2012-06-20 18:45 . 2010-05-16 03:00 277504 —-a-w- c:\windows\system32\CNMLMA4.DLL
    2012-06-19 23:16 . 2012-06-20 20:50 ——– d—–w- c:\users\Walop\AppData\Roaming\vlc
    2012-06-19 14:02 . 2012-05-31 03:41 6762896 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4887FAFE-4194-40C6-B0B0-E9352116260C}\mpengine.dll
    2012-06-17 19:57 . 2012-04-28 03:17 183808 —-a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-06-17 19:50 . 2012-04-07 11:26 2342400 —-a-w- c:\windows\system32\msi.dll
    2012-06-17 19:50 . 2012-05-15 01:05 2343936 —-a-w- c:\windows\system32\win32k.sys
    2012-06-17 19:49 . 2012-04-26 04:45 58880 —-a-w- c:\windows\system32\rdpwsx.dll
    2012-06-17 19:49 . 2012-04-26 04:45 129536 —-a-w- c:\windows\system32\rdpcorekmts.dll
    2012-06-17 19:49 . 2012-04-26 04:41 8192 —-a-w- c:\windows\system32\rdrmemptylst.exe
    2012-06-17 19:48 . 2012-05-01 04:44 164352 —-a-w- c:\windows\system32\profsvc.dll
    2012-06-17 19:47 . 2012-04-24 04:36 1158656 —-a-w- c:\windows\system32\crypt32.dll
    2012-06-17 19:47 . 2012-04-24 04:36 140288 —-a-w- c:\windows\system32\cryptsvc.dll
    2012-06-17 19:47 . 2012-04-24 04:36 103936 —-a-w- c:\windows\system32\cryptnet.dll
    2012-06-09 15:38 . 2012-06-09 15:38 ——– d—–w- c:\users\Walop\AppData\Local\AMD
    2012-06-09 15:37 . 2012-06-09 15:37 ——– d—–w- c:\programdata\ATI
    2012-05-29 22:08 . 2012-05-29 22:08 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2012-05-29 22:08 . 2012-05-29 22:08 856712 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2012-05-29 17:42 . 2012-05-29 22:22 ——– d—–w- c:\users\Walop\AppData\Roaming\Sweetpacks
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-10 20:31 . 2012-04-23 09:59 419488 —-a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-05-10 20:31 . 2011-05-14 10:48 70304 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-10 13:29 . 2010-06-06 14:01 472808 —-a-w- c:\windows\system32\deployJava1.dll
    2012-05-08 17:16 . 2012-03-14 13:05 83392 —-a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-05-08 17:16 . 2012-03-14 13:05 137928 —-a-w- c:\windows\system32\drivers\avipbb.sys
    2012-04-16 19:22 . 2012-03-14 13:05 36000 —-a-w- c:\windows\system32\drivers\avkmgr.sys
    2012-03-31 04:39 . 2012-05-08 19:27 3968368 —-a-w- c:\windows\system32
    tkrnlpa.exe
    2012-03-31 04:39 . 2012-05-08 19:27 3913072 —-a-w- c:\windows\system32
    toskrnl.exe
    2012-03-30 10:23 . 2012-05-08 19:27 1291632 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2012-04-21 01:18 . 2011-04-30 16:50 97208 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-02-07_00.52.18 )))))))))))))))))))))))))))))))))))))))))
    .

    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
    2012-04-24 12:24 1310000 —-a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-04-24 1310000]
    .
    [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
    [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
    [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Gadwin PrintScreen Pro"="c:\program files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe" [2010-10-14 507904]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-09 636032]
    "WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2012-04-15 374368]
    .
    c:\users\Walop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    MiniReminder.lnk - c:\users\Walop\MiniReminder\MiniReminder.exe [2010-11-8 143360]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Secunia PSI Tray.lnk - d:\program files\SECUNIA\PSI\psi_tray.exe [2011-10-14 291896]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\SEARCH~1\Datamngr\datamngr.dll c:\progra~1\SEARCH~1\Datamngr\IEBHO.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKLM\~\startupfolder\C:^Users^Walop^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MiniReminder.lnk]
    path=c:\users\Walop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MiniReminder.lnk
    backup=c:\windows\pss\MiniReminder.lnk.Startup
    backupExtension=.Startup
    .
    [HKLM\~\startupfolder\C:^Users^Walop^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
    path=c:\users\Walop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
    backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2012-01-02 09:07 843712 —-a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2012-03-27 12:41 37296 —-a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2011-09-27 06:22 59240 —-a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\boincmgr]
    2012-02-24 10:43 4519008 —-a-w- d:\program files\BOINC\gridrepublic.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPMonitor]
    2009-07-21 10:50 84464 —-a-w- c:\program files\Roxio 2010\5.0\CPMonitor.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
    2009-06-23 00:18 494064 —-a-w- c:\program files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen Pro]
    2010-10-14 08:03 507904 —-a-w- c:\program files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2011-06-21 12:51 136176 —-atw- c:\users\Walop\AppData\Local\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
    2009-07-24 07:33 240112 —-a-w- c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
    2012-03-09 00:30 636032 —-a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    .
    R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-07-24 219632]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 257696]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-29 129976]
    R3 RoxMediaDB12;RoxMediaDB12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-07-24 1116656]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-28 1343400]
    S0 DiskSec;Magix Volume Filter Driver; [x]
    S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 98928]
    S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
    S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 158512]
    S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 91440]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 176128]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-03-08 291840]
    S2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2012-05-01 375760]
    S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
    S2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-01 465360]
    S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-02-01 46720]
    S2 Secunia PSI Agent;Secunia PSI Agent;d:\program files\Secunia\PSI\PSIA.exe [2011-10-14 994360]
    S2 Secunia Update Agent;Secunia Update Agent;d:\program files\Secunia\PSI\sua.exe [2011-10-14 399416]
    S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-08-29 665200]
    S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-04-19 243712]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-05 86032]
    S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
    S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\DRIVERS\VSTBS23.SYS [2009-07-13 266752]
    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
    S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 116016]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-10-21 1102848]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - 40878445
    *Deregistered* - 40878445
    *Deregistered* - cpuz132
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-06-21 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 20:31]
    .
    2012-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1690226732-1544728178-401627873-1000Core.job
    - c:\users\Walop\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-21 12:51]
    .
    2012-06-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1690226732-1544728178-401627873-1000UA.job
    - c:\users\Walop\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-21 12:51]
    .
    2012-06-21 c:\windows\Tasks\PCCT - MAGIX AG.job
    - c:\program files\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe [2010-10-31 12:35]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091
    LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
    LSP: %SystemRoot%\system32\vsocklib.dll
    TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
    FF - ProfilePath - c:\users\Walop\AppData\Roaming\Mozilla\Firefox\Profiles\fyygn3jj.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - prefs.js: browser.search.selectedEngine - Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406
    FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: extentions.y2layers.installId - 1a5bb821-802b-4018-b11f-8bd5b95919a2
    FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics
    FF - user.js: extensions.autoDisableScopes - 14
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
    Toolbar-10 - (no file)
    MSConfigStartUp-boinctray - d:\program files\BOINC\boinctray.exe
    .
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-06-21 20:40:41
    ComboFix-quarantined-files.txt 2012-06-21 18:40
    ComboFix2.txt 2012-02-15 23:42
    ComboFix3.txt 2012-02-15 23:01
    ComboFix4.txt 2012-02-15 22:03
    ComboFix5.txt 2012-06-21 18:28
    .
    Pre-Run: 331,478,196,224 bytes free
    Post-Run: 332,168,552,448 bytes free
    .
    - - End Of File - - 57D9DDB7F25CBC6B0741232BD196C6F1
  • Ik heb de speaker instellingen teruggezet naar "default", en daardoor de "enhancements" uitgezet. De spraak in films is nu weer normaal. Prima advies :):)
    Heel erg bedankt, iedereen.
    (Ik heb die ComboFix log toch maar gestuurd want ik had hem nu eenmaal.)
  • Ook jij hebt die vieze Datamanager in jouw Windows!

    [b:9a4375f018]Welk programma[/b:9a4375f018]: Zoek.exe
    [b:9a4375f018]Waarvoor/waarom[/b:9a4375f018]: multifunktioneel tool
    [b:9a4375f018]Moeilijkheidsgraad[/b:9a4375f018]: geen.
    [b:9a4375f018]Download[/b:9a4375f018]: [b:9a4375f018]zoek.exe[/b:9a4375f018]

    [b:9a4375f018]"Zoek.exe" gebruiken[/b:9a4375f018]:
    [list:9a4375f018][*:9a4375f018] [b:9a4375f018]Sluit nu eerst alle nog openstaande programmavensters![/color:9a4375f018][/b:9a4375f018]
    [*:9a4375f018]Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    [b:9a4375f018]hier[/color:9a4375f018][/b:9a4375f018] of [b:9a4375f018]hier[/b:9a4375f018][/color:9a4375f018] kan je lezen hoe je dat doet.
    [list:9a4375f018][*:9a4375f018][b:9a4375f018]Windows 2000[/color:9a4375f018][/b:9a4375f018] en [b:9a4375f018]Windows XP[/b:9a4375f018][/color:9a4375f018]: start het tool middels dubbelklik op "[i:9a4375f018]Zoek.exe[/i:9a4375f018]".
    [*:9a4375f018][b:9a4375f018]Windows Vista[/b:9a4375f018][/color:9a4375f018] en [b:9a4375f018]Windows 7[/b:9a4375f018][/color:9a4375f018]: start het tool middels rechtsklik op "[i:9a4375f018]Zoek.exe[/i:9a4375f018]" en dan kiezen voor [i:9a4375f018][b:9a4375f018]Als Administrator uitvoeren[/b:9a4375f018][/i:9a4375f018].[/list:u:9a4375f018]

    [*:9a4375f018]Vervolgens zal er een nieuw venster openen.
    [*:9a4375f018]Met je muis selecteer je nu de volgende keuze "[b:9a4375f018]Custom search[/color:9a4375f018][/b:9a4375f018]"(2e keuzerondje onder het invulvenster)
    [*:9a4375f018]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege invulvenster

    [b:9a4375f018]
    Datamngr;
    datamngr.dll;
    IEBHO.dll ;
    [/color:9a4375f018][/b:9a4375f018]

    [*:9a4375f018]Klik nu op de knop "[b:9a4375f018]Run script[/color:9a4375f018][/b:9a4375f018]".
    [*:9a4375f018]Wacht vervolgens geduldig af tot er een logje opent.
    [*:9a4375f018]Post dan de inhoud van het geopende logje in het volgende bericht.[/list:u:9a4375f018]

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.