Youprofitclub ad: who can help with my log?

28 replies
  • Hello,

    I had first put my log in someone else's topic, without knowing that this is 'not done'. So I'm creating a new topic here: I've had all sorts of anti-adware programs and an antivirus run scans, but I just can't get rid of it. I think I'll never lend out my laptop again…

    The problem is that in Firefox and in IE I get randomly redirected to an ad page every so often, which is very annoying. It also freezes often. I'm using Opera now and that works fine. "Ad served by Youprofitclub". You can also uninstall it under Programs, but then you have to enter a password that is shown on your screen, and I don't know whether that's such a wise idea. Hopefully someone can help me!!

    Thanks in advance…

    Here it comes:


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:41:29, on 3/11/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
    C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
    C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
    C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Opera\opera.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
    O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe"

    O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-2002805053-4252134244-3045484419-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-2002805053-4252134244-3045484419-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Startup: Update.lnk = C:\Windows\System32\rundll32.exe
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
    O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
    O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12769 bytes
  • One of the mods here has already split your original post off into its own topic, including my answer to your log.

    So from now on, continue at http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1448946#1448946
  • Hello,

    That other topic is closed, and unfortunately my problem still isn't solved. I don't know whether I should continue here now or…?

    In any case I've run the antivirus (avast), and the problem is still there. I'll post a new log, hopefully someone can help me!

    To be clear: I can try to uninstall that YouProfitClub via Control Panel, but then I have to enter a verification code that is shown on the screen… the problem has been going on for so long now that I'm considering doing that, or is that very stupid?

    Here is my new log, after the antivirus scan (3 infections found, by the way):

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 13:40:29, on 3/12/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
    C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
    C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Opera\opera.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
    O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe"

    O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-2002805053-4252134244-3045484419-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-2002805053-4252134244-3045484419-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Startup: Update.lnk = C:\Windows\System32\rundll32.exe
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
    O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
    O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12931 bytes
  • Choosing Avast is fine!

    Then we'll continue now:

    Which program: Malwarebytes MBAM
    What for/why: specialized scanner to quickly check Windows for spyware and malware and remove it.
    Difficulty: none.

    Download Malwarebytes MBAM from one of these locations:
    - Download.com
    - Softpedia.com
    - Majorgeeks.com

    First of all:
    - Right after installation 'MBAM' will want to update its database, so allow this.
    - On repeated use as well: first update 'MBAM' via the 'Update' tab!

    Starting Malwarebytes MBAM:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.

    Scanning:
    - When 'MBAM' starts, choose 'Quick Scan'.
    - Scanning can take a while, so be patient. When the scan has finished, click the 'OK' button.
    - Then click the 'Show Results' button to see the results.

    Infections found:
    - First click OK to dismiss the message.
    - Then click the Show Results button at the bottom right.
    - Now make sure all found infections are checked, and click Remove Selected at the bottom left.
    - After removal a log will open and you will be asked to restart the computer.
    - If 'MBAM' has trouble removing certain files it will show some messages; click 'OK' each time!
    - After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.

    MBAM log:
    - The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in MBAM's main menu.

    Then post the contents of the MBAM log in your next message.
  • Thank you for the answer!

    It found nothing, and the youprofitclub ads are still there.. grrr

    Here is my log:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6012

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    3/12/2011 14:35:25
    mbam-log-2011-03-12 (14-35-25).txt

    Scan type: Quick scan
    Objects scanned: 171154
    Time elapsed: 48 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)
  • Hi Max, you can go ahead and do the following:


    [b:f4a6483ad9]Which program[/b:f4a6483ad9]: ComboFix
    [b:f4a6483ad9]What for/why[/b:f4a6483ad9]: Highly specialised scanner that examines Windows in depth and cleans it up where possible.
    [b:f4a6483ad9]Difficulty[/b:f4a6483ad9]: Somewhat tricky preparation phase, so read everything carefully first.
    [b:f4a6483ad9]Download location[/b:f4a6483ad9]: Be sure to download this program to the desktop!
    [b:f4a6483ad9]Download ComboFix from one of these locations[/b:f4a6483ad9]:
    [list:f4a6483ad9][*:f4a6483ad9][b:f4a6483ad9]Bleepingcomputer[/b:f4a6483ad9]
    [*:f4a6483ad9][b:f4a6483ad9]ForoSpyware[/b:f4a6483ad9]
    [*:f4a6483ad9][b:f4a6483ad9]Geekstogo[/b:f4a6483ad9][/list:u:f4a6483ad9]
    [b:f4a6483ad9]Here[/b:f4a6483ad9] you can see how to use ComboFix.

    Antivirus programs and active malware scanners must be disabled before ComboFix starts!
    [b:f4a6483ad9]Here[/b:f4a6483ad9] and [url=http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html][b:f4a6483ad9]here[/b:f4a6483ad9][/url] you will find information on how to disable antivirus programs and spyware scanners.

    [b:f4a6483ad9]Once more, to be clear[/b:f4a6483ad9]: ComboFix must be started from the desktop.

    [b:f4a6483ad9]Notes[/b:f4a6483ad9]:
    [list:f4a6483ad9][*:f4a6483ad9] On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
    [*:f4a6483ad9]Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
    [*:f4a6483ad9]All open programs and web pages must be closed.[/list:u:f4a6483ad9]
    [b:f4a6483ad9]ComboFix has started[/b:f4a6483ad9]:
    [list:f4a6483ad9][*:f4a6483ad9]Do not click inside the black window; this can make ComboFix or even Windows "freeze" completely!
    [*:f4a6483ad9]ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    [*:f4a6483ad9]The computer may need to be restarted several times; this is normal.
    [*:f4a6483ad9]When ComboFix is finished, it will create a log file for you.
    [*:f4a6483ad9]Post the contents of this log file in your next message.
    [*:f4a6483ad9]If the log does not open, it can be found at C:\ComboFix.txt[/list:u:f4a6483ad9]
    [b:f4a6483ad9]Important note[/b:f4a6483ad9]:
    [list:f4a6483ad9][*:f4a6483ad9][b:f4a6483ad9]If, after the scan, an error is shown when starting programs with the message:[/b:f4a6483ad9]
    [*:f4a6483ad9][b:f4a6483ad9]Illegal operation attempted on a registery key that has been marked for deletion.[/b:f4a6483ad9]
    [*:f4a6483ad9][b:f4a6483ad9]Then restart the computer.[/b:f4a6483ad9][/list:u:f4a6483ad9]
  • Hey, thanks in any case!

    I turned everything off, firewall, antivirus and adware programs, but I still saw Windows Defender in the log? Is that bad? Otherwise I'll just run it again. In any case, here it is:

    ComboFix 11-03-11.02 - Max 03/12/2011 17:11:04.2.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3886.1976 [GMT 1:00]
    Running from: c:\users\Max\Desktop\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-02-12 to 2011-03-12 )))))))))))))))))))))))))))))))
    .
    .
    2011-03-12 16:14 . 2011-03-12 16:14 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2011-03-12 16:14 . 2011-03-12 16:14 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-03-12 15:25 . 2011-03-12 15:26 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
    2011-03-12 14:08 . 2011-03-12 14:08 -------- d-----w- c:\programdata\KONAMI
    2011-03-11 22:23 . 2011-03-11 22:23 -------- d-----w- c:\programdata\Electronic Arts
    2011-03-11 22:23 . 2011-03-11 22:23 -------- d-----w- c:\programdata\EA Core
    2011-03-11 20:58 . 2009-09-04 16:44 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2011-03-11 20:54 . 2011-03-11 20:54 -------- d-----w- c:\programdata\Solidshield
    2011-03-11 20:08 . 2011-03-11 20:08 -------- d-----w- C:\NVIDIA
    2011-03-11 17:52 . 2011-02-23 14:57 280408 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-03-11 17:52 . 2011-02-23 14:54 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-03-11 17:52 . 2011-02-23 14:55 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-03-11 17:52 . 2011-02-23 14:55 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-03-11 17:52 . 2011-02-23 14:57 505176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-03-11 17:52 . 2011-02-23 15:04 238968 ----a-w- c:\windows\system32\aswBoot.exe
    2011-03-11 17:52 . 2011-02-23 14:55 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-03-11 17:51 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
    2011-03-11 17:51 . 2011-02-23 15:04 190016 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-03-11 17:51 . 2011-03-11 17:51 -------- d-----w- c:\programdata\AVAST Software
    2011-03-11 17:51 . 2011-03-11 17:51 -------- d-----w- c:\program files\AVAST Software
    2011-03-11 15:38 . 2007-10-22 02:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
    2011-03-10 19:00 . 2011-03-10 19:00 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-03-10 18:29 . 2011-03-10 18:29 -------- d-----w- c:\programdata\Malwarebytes
    2011-03-10 18:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-03-10 18:29 . 2011-03-10 18:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-03-10 18:29 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-10 18:12 . 2011-03-10 18:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-03-10 18:12 . 2011-03-10 18:12 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
    2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\programdata\!SASCORE
    2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-03-10 17:33 . 2011-03-10 17:33 -------- d-----w- c:\program files\CCleaner
    2011-03-10 12:48 . 2011-03-10 12:48 -------- d-----w- c:\windows\en
    2011-03-10 12:47 . 2011-03-10 12:47 -------- d-----w- c:\program files\Windows Live
    2011-03-10 12:47 . 2011-03-10 12:47 -------- d-----w- c:\program files (x86)\MSN Toolbar
    2011-03-10 12:46 . 2011-03-10 12:47 -------- d-----w- c:\program files (x86)\Bing Bar Installer
    2011-03-10 12:46 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
    2011-03-10 12:46 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
    2011-03-10 12:46 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
    2011-03-10 12:46 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
    2011-03-10 11:31 . 2011-03-09 07:47 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-03-10 00:07 . 2011-03-09 07:47 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-03-10 00:07 . 2011-03-10 00:07 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-03-10 00:06 . 2011-03-10 00:06 -------- dc-h--w- c:\programdata\{78A29A4D-35CE-4C46-9AC9-2692EE35F0BE}
    2011-03-10 00:05 . 2011-03-10 00:06 -------- d-----w- c:\programdata\Lavasoft
    2011-03-10 00:05 . 2011-03-10 00:05 -------- d-----w- c:\program files (x86)\Lavasoft
    2011-03-10 00:03 . 2011-03-10 00:05 -------- d-----w- c:\program files\iTunes
    2011-03-10 00:03 . 2011-03-10 00:05 -------- d-----w- c:\program files (x86)\iTunes
    2011-03-10 00:03 . 2011-03-10 00:03 -------- d-----w- c:\program files\iPod
    2011-03-08 05:57 . 2011-03-08 05:58 125927 ----a-w- c:\windows\SysWow64\f8d264bc.exe
    2011-03-08 05:57 . 2011-03-08 05:58 50168 ----a-w- c:\windows\SysWow64\wchizyxfpceengfe.exe
    2011-03-04 15:05 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8078CBCE-9FB4-4472-A231-BD9D478A0146}\mpengine.dll
    2011-03-01 12:18 . 2011-03-07 19:28 -------- d-----w- c:\programdata\VirtualizedApplications
    2011-02-28 16:22 . 2011-02-28 16:22 -------- d-----w- c:\program files (x86)\Opera
    2011-02-27 17:05 . 2011-03-11 18:34 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
    2011-02-27 17:05 . 2011-03-11 18:33 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2011-02-27 16:01 . 2011-02-27 16:01 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2011-02-27 16:01 . 2011-03-12 12:37 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2011-02-27 16:01 . 2011-03-12 12:37 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2011-02-27 16:01 . 2011-02-27 16:01 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-02-27 13:06 . 2011-02-27 13:06 -------- d-----w- c:\program files (x86)\SopCast
    2011-02-26 21:51 . 2011-02-26 21:51 -------- d-----w- c:\programdata\Hewlett-Packard
    2011-02-26 21:51 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
    2011-02-26 15:38 . 2011-02-26 15:38 -------- d-----w- c:\program files (x86)\Common Files\Java
    2011-02-26 15:37 . 2011-02-26 15:37 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-02-26 15:37 . 2011-02-26 15:37 -------- d-----w- c:\program files (x86)\Java
    2011-02-26 15:37 . 2011-02-26 15:37 -------- d-----w- c:\programdata\McAfee
    2011-02-26 15:24 . 2011-02-26 15:24 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2011-02-26 13:21 . 2011-02-26 13:21 -------- d-----w- c:\program files (x86)\PowerISO
    2011-02-26 13:21 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys
    2011-02-24 06:14 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
    2011-02-24 06:14 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
    2011-02-23 18:42 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-02-23 18:42 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-02-23 18:42 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-23 18:42 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2011-02-22 21:31 . 2011-02-22 21:31 -------- d-----w- c:\program files (x86)\VideoLAN
    2011-02-22 18:33 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2011-02-22 18:33 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
    2011-02-22 18:33 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
    2011-02-22 18:33 . 2011-03-10 00:07 -------- dc----w- c:\windows\system32\DRVSTORE
    2011-02-22 18:33 . 2011-02-22 18:33 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
    2011-02-22 18:33 . 2011-02-22 18:33 -------- d-----w- c:\program files (x86)\Guitar Pro 5
    2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files (x86)\Apple Software Update
    2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files\Common Files\Apple
    2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files\Bonjour
    2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files (x86)\Bonjour
    2011-02-22 18:28 . 2011-02-22 18:28 -------- d-----w- c:\program files (x86)\uTorrent
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-02-22 16:14 . 2011-03-10 00:03 -------- d-----w- c:\programdata\Apple Computer
    2011-02-22 16:14 . 2011-02-22 16:14 -------- d-----w- c:\program files (x86)\QuickTime
    2011-02-22 16:13 . 2011-03-10 00:03 -------- d-----w- c:\program files (x86)\Common Files\Apple
    2011-02-22 16:13 . 2011-02-22 16:13 -------- d-----w- c:\programdata\Apple
    2011-02-21 20:42 . 2011-02-21 20:42 -------- d-----w- c:\program files (x86)\Common Files\Skype
    2011-02-21 20:42 . 2011-02-21 20:42 -------- d-----r- c:\program files (x86)\Skype
    2011-02-21 20:41 . 2011-02-21 20:42 -------- d-----w- c:\programdata\Skype
    2011-02-16 19:29 . 2011-02-16 19:29 -------- d-----w- c:\windows\SysWow64\Wat
    2011-02-16 19:29 . 2011-02-16 19:29 -------- d-----w- c:\windows\system32\Wat
    2011-02-16 12:23 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
    2011-02-16 12:23 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
    2011-02-16 12:23 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
    2011-02-16 12:23 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
    2011-02-16 12:23 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
    2011-02-16 12:23 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
    2011-02-16 12:23 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2011-02-16 12:23 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
    2011-02-16 12:23 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
    2011-02-16 12:23 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
    2011-02-16 12:23 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
    2011-02-16 12:21 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
    2011-02-16 12:21 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
    2011-02-16 09:34 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2011-02-15 17:38 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-02-15 17:08 . 2011-02-15 17:08 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
    2011-02-15 17:08 . 2011-02-15 17:08 -------- d-----w- c:\program files (x86)\Common Files\Adobe
    2011-02-15 17:07 . 2011-03-10 00:08 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
    2011-02-15 17:06 . 2006-11-29 12:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
    2011-02-15 17:06 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
    2011-02-15 17:05 . 2011-02-15 17:05 -------- d-----w- c:\program files (x86)\Microsoft
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-10 16:59 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-01-08 03:27 . 2010-09-23 19:27 643688 ----a-w- c:\windows\SysWow64\nvumdshim.dll
    2011-01-08 03:27 . 2010-09-23 19:27 226920 ----a-w- c:\windows\system32\nvinitx.dll
    2011-01-08 03:27 . 2010-09-23 19:27 192616 ----a-w- c:\windows\SysWow64\nvinit.dll
    2011-01-08 03:27 . 2010-09-23 19:27 2200680 ----a-w- c:\windows\system32\nvapi64.dll
    2011-01-08 03:27 . 2010-09-23 19:27 1965672 ----a-w- c:\windows\SysWow64\nvapi.dll
    2011-01-07 19:50 . 2011-01-07 19:50 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
    2011-01-07 19:50 . 2011-01-07 19:50 6143080 ----a-w- c:\windows\system32\nvcpl.dll
    2011-01-07 19:49 . 2011-01-07 19:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll
    2011-01-07 19:49 . 2011-01-07 19:49 474772 ----a-w- c:\windows\system32\nvcoproc.bin
    2011-01-07 19:49 . 2011-01-07 19:49 117864 ----a-w- c:\windows\system32\nvmctray.dll
    2011-01-07 19:49 . 2011-01-07 19:49 792680 ----a-w- c:\windows\system32\nv3dappshext.dll
    2011-01-07 19:49 . 2011-01-07 19:49 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
    2011-01-07 19:49 . 2011-01-07 19:49 313448 ----a-w- c:\windows\system32\nvhotkey.dll
    2011-01-07 19:49 . 2011-01-07 19:49 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
    2011-01-07 19:49 . 2011-01-07 19:49 1005160 ----a-w- c:\windows\system32\nvvsvc.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-22 396152]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
    "MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-06-18 2486272]
    "THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-06-12 1349632]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
    .
    c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Update.lnk - c:\windows\System32\rundll32.exe [2009-7-14 45568]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x]
    R3 BTMHID;BTMHID;c:\windows\system32\DRIVERS\btmhid.sys [x]
    R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
    R3 diskperf64;Realtek Turbo Disk Filter Driver;c:\windows\system32\DRIVERS\diskperf64.sys [x]
    R3 MGHwCtrl;MGHwCtrl;c:\program files\msi\msi Software Install\MGHwCtrl.sys [x]
    R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-09 1405384]
    S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-04-14 2533400]
    S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-04-15 4170504]
    S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-04-15 1096456]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-23 1028096]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-03-09 17152]
    S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
    S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - LAVASOFT_KERNEXPLORER
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-03-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-03-09 07:47]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-02-23 15:04 134384 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296]
    "BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-04-22 19645704]
    "THXCfg64"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
    "ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe" [BU]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = nu.nl
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\bn4xikrh.default\
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    FF - Ext: z: {391519d9-1310-2b1a-f98e-346a8f240119} - c:\program files (x86)\Mozilla Firefox\extensions\{391519d9-1310-2b1a-f98e-346a8f240119}
    FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\SecuROM\License information*]
    "datasecu"=hex:ec,f5,d8,d3,9e,c5,f8,86,38,7f,86,a0,66,dd,af,50,e0,67,f4,19,4b,
    0e,17,48,b9,60,66,ab,93,d8,f5,ab,a7,12,cd,ae,d7,9a,31,89,0e,89,35,89,d7,9d,\
    "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-03-12 17:15:44
    ComboFix-quarantined-files.txt 2011-03-12 16:15
    ComboFix2.txt 2011-03-12 16:05
    .
    Pre-Run: 322,928,390,144 bytes free
    Post-Run: 322,871,664,640 bytes free
    .
    - - End Of File - - 1CB74B214D63C6CE0E25F904F0A7B011
  • Hi Max, the next task:

    Open a new Notepad file via Start > All Programs > Accessories > Notepad.


    Copy and paste the following (bold, blue) text into the empty Notepad window


    [b:41d903d415]File::
    c:\windows\syswow64\wchizyxfpceengfe.exe

    Folder::
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}
    [/b:41d903d415]


    Save this Notepad file on your desktop as [b:41d903d415]CFScript.txt[/b:41d903d415].

    [b:41d903d415]Now disable the antivirus first![/b:41d903d415]


    Drag CFScript.txt onto ComboFix.exe


    [img:41d903d415]http://home.kpn.nl/~stefsmeenk/CFScript.gif[/img:41d903d415]

    This will make ComboFix restart. Reboot if you are asked to.


    Post the ComboFix log that is shown after the restart!
  • Done.

    I have also noticed that it no longer recognizes my video card; could this be related, or is it a separate problem? I have a laptop with Optimus technology, which switches from the onboard Intel accelerator to the NVIDIA GT 425M, but that no longer works… well, maybe a separate problem; let's first get rid of those annoying ads!

    This is the log:

    ComboFix 11-03-11.02 - Max 03/12/2011 19:55:34.3.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3886.2180 [GMT 1:00]
    Running from: c:\users\Max\Desktop\ComboFix.exe
    Command switches used :: c:\users\Max\Desktop\CFScript.txt
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\windows\syswow64\wchizyxfpceengfe.exe"
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}\Ad-Aware90Install.dat
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}\Ad-Aware90Install.exe
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}\Ad-Aware90Install.lan
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}\Ad-Aware90Install.msi
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}\Ad-Aware90Install.par
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}\Ad-Aware90Install.res
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}\instance.dat
    c:\programdata\{78a29a4d-35ce-4c46-9ac9-2692ee35f0be}\mia.lib
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}\x64\DIFxAPI.dll
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}\x64\DifXInstall64.exe
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}\x64\DIFxInstallLog.txt
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}\x64\GEARAspiWDM.inf
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}\x64\gearaspiwdmx64.cat
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}\x64\x64\GEARAspi.dll
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}\x64\x64\GEARAspi64.dll
    c:\programdata\{93e26451-cd9a-43a5-a2fa-c42392ea4001}\x64\x64\GEARAspiWDM.sys
    c:\windows\syswow64\wchizyxfpceengfe.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-02-12 to 2011-03-12 )))))))))))))))))))))))))))))))
    .
    .
    2011-03-12 18:59 . 2011-03-12 18:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2011-03-12 18:59 . 2011-03-12 18:59 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-03-12 17:34 . 2011-03-12 17:34 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
    2011-03-12 15:25 . 2011-03-12 17:04 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
    2011-03-12 14:08 . 2011-03-12 14:08 -------- d-----w- c:\programdata\KONAMI
    2011-03-11 22:23 . 2011-03-11 22:23 -------- d-----w- c:\programdata\Electronic Arts
    2011-03-11 22:23 . 2011-03-11 22:23 -------- d-----w- c:\programdata\EA Core
    2011-03-11 20:58 . 2009-09-04 16:44 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2011-03-11 20:54 . 2011-03-11 20:54 -------- d-----w- c:\programdata\Solidshield
    2011-03-11 20:08 . 2011-03-11 20:08 -------- d-----w- C:\NVIDIA
    2011-03-11 17:52 . 2011-02-23 14:57 280408 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-03-11 17:52 . 2011-02-23 14:54 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-03-11 17:52 . 2011-02-23 14:55 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-03-11 17:52 . 2011-02-23 14:55 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-03-11 17:52 . 2011-02-23 14:57 505176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-03-11 17:52 . 2011-02-23 15:04 238968 ----a-w- c:\windows\system32\aswBoot.exe
    2011-03-11 17:52 . 2011-02-23 14:55 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-03-11 17:51 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
    2011-03-11 17:51 . 2011-02-23 15:04 190016 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-03-11 17:51 . 2011-03-11 17:51 -------- d-----w- c:\programdata\AVAST Software
    2011-03-11 17:51 . 2011-03-11 17:51 -------- d-----w- c:\program files\AVAST Software
    2011-03-11 15:38 . 2007-10-22 02:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
    2011-03-10 19:00 . 2011-03-10 19:00 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-03-10 18:29 . 2011-03-10 18:29 -------- d-----w- c:\programdata\Malwarebytes
    2011-03-10 18:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-03-10 18:29 . 2011-03-10 18:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-03-10 18:29 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-10 18:12 . 2011-03-10 18:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-03-10 18:12 . 2011-03-10 18:12 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
    2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\programdata\!SASCORE
    2011-03-10 17:37 . 2011-03-10 17:37 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-03-10 17:33 . 2011-03-10 17:33 -------- d-----w- c:\program files\CCleaner
    2011-03-10 12:48 . 2011-03-10 12:48 -------- d-----w- c:\windows\en
    2011-03-10 12:47 . 2011-03-10 12:47 -------- d-----w- c:\program files\Windows Live
    2011-03-10 12:47 . 2011-03-10 12:47 -------- d-----w- c:\program files (x86)\MSN Toolbar
    2011-03-10 12:46 . 2011-03-10 12:47 -------- d-----w- c:\program files (x86)\Bing Bar Installer
    2011-03-10 12:46 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
    2011-03-10 12:46 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
    2011-03-10 12:46 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
    2011-03-10 12:46 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
    2011-03-10 11:31 . 2011-03-09 07:47 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-03-10 00:07 . 2011-03-09 07:47 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-03-10 00:07 . 2011-03-10 00:07 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-03-10 00:05 . 2011-03-10 00:06 -------- d-----w- c:\programdata\Lavasoft
    2011-03-10 00:05 . 2011-03-10 00:05 -------- d-----w- c:\program files (x86)\Lavasoft
    2011-03-10 00:03 . 2011-03-10 00:05 -------- d-----w- c:\program files\iTunes
    2011-03-10 00:03 . 2011-03-10 00:05 -------- d-----w- c:\program files (x86)\iTunes
    2011-03-10 00:03 . 2011-03-10 00:03 -------- d-----w- c:\program files\iPod
    2011-03-08 05:57 . 2011-03-08 05:58 125927 ----a-w- c:\windows\SysWow64\f8d264bc.exe
    2011-03-04 15:05 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8078CBCE-9FB4-4472-A231-BD9D478A0146}\mpengine.dll
    2011-03-01 12:18 . 2011-03-07 19:28 -------- d-----w- c:\programdata\VirtualizedApplications
    2011-02-28 16:22 . 2011-02-28 16:22 -------- d-----w- c:\program files (x86)\Opera
    2011-02-27 17:05 . 2011-03-12 18:34 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
    2011-02-27 17:05 . 2011-03-12 18:34 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2011-02-27 16:01 . 2011-02-27 16:01 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2011-02-27 16:01 . 2011-03-12 12:37 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2011-02-27 16:01 . 2011-03-12 12:37 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2011-02-27 16:01 . 2011-02-27 16:01 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-02-27 13:06 . 2011-02-27 13:06 -------- d-----w- c:\program files (x86)\SopCast
    2011-02-26 21:51 . 2011-02-26 21:51 -------- d-----w- c:\programdata\Hewlett-Packard
    2011-02-26 21:51 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
    2011-02-26 15:38 . 2011-02-26 15:38 -------- d-----w- c:\program files (x86)\Common Files\Java
    2011-02-26 15:37 . 2011-02-26 15:37 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-02-26 15:37 . 2011-02-26 15:37 -------- d-----w- c:\program files (x86)\Java
    2011-02-26 15:37 . 2011-02-26 15:37 -------- d-----w- c:\programdata\McAfee
    2011-02-26 15:24 . 2011-02-26 15:24 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2011-02-26 13:21 . 2011-02-26 13:21 -------- d-----w- c:\program files (x86)\PowerISO
    2011-02-26 13:21 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys
    2011-02-24 06:14 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
    2011-02-24 06:14 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
    2011-02-23 18:42 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-02-23 18:42 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-02-23 18:42 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-23 18:42 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2011-02-22 21:31 . 2011-02-22 21:31 -------- d-----w- c:\program files (x86)\VideoLAN
    2011-02-22 18:33 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2011-02-22 18:33 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
    2011-02-22 18:33 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
    2011-02-22 18:33 . 2011-03-10 00:07 -------- dc----w- c:\windows\system32\DRVSTORE
    2011-02-22 18:33 . 2011-02-22 18:33 -------- d-----w- c:\program files (x86)\Guitar Pro 5
    2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files (x86)\Apple Software Update
    2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files\Common Files\Apple
    2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files\Bonjour
    2011-02-22 18:32 . 2011-02-22 18:32 -------- d-----w- c:\program files (x86)\Bonjour
    2011-02-22 18:28 . 2011-02-22 18:28 -------- d-----w- c:\program files (x86)\uTorrent
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-02-22 16:14 . 2011-02-22 16:14 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-02-22 16:14 . 2011-03-10 00:03 -------- d-----w- c:\programdata\Apple Computer
    2011-02-22 16:14 . 2011-02-22 16:14 -------- d-----w- c:\program files (x86)\QuickTime
    2011-02-22 16:13 . 2011-03-10 00:03 -------- d-----w- c:\program files (x86)\Common Files\Apple
    2011-02-22 16:13 . 2011-02-22 16:13 -------- d-----w- c:\programdata\Apple
    2011-02-21 20:42 . 2011-02-21 20:42 -------- d-----w- c:\program files (x86)\Common Files\Skype
    2011-02-21 20:42 . 2011-02-21 20:42 -------- d-----r- c:\program files (x86)\Skype
    2011-02-21 20:41 . 2011-02-21 20:42 -------- d-----w- c:\programdata\Skype
    2011-02-16 19:29 . 2011-02-16 19:29 -------- d-----w- c:\windows\SysWow64\Wat
    2011-02-16 19:29 . 2011-02-16 19:29 -------- d-----w- c:\windows\system32\Wat
    2011-02-16 12:23 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
    2011-02-16 12:23 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
    2011-02-16 12:23 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
    2011-02-16 12:23 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
    2011-02-16 12:23 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
    2011-02-16 12:23 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
    2011-02-16 12:23 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2011-02-16 12:23 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
    2011-02-16 12:23 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
    2011-02-16 12:23 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
    2011-02-16 12:23 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
    2011-02-16 12:21 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
    2011-02-16 12:21 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
    2011-02-16 09:34 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2011-02-15 17:38 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-02-15 17:08 . 2011-02-15 17:08 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
    2011-02-15 17:08 . 2011-02-15 17:08 -------- d-----w- c:\program files (x86)\Common Files\Adobe
    2011-02-15 17:07 . 2011-03-10 00:08 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
    2011-02-15 17:06 . 2006-11-29 12:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
    2011-02-15 17:06 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
    2011-02-15 17:05 . 2011-02-15 17:05 -------- d-----w- c:\program files (x86)\Microsoft
    2011-02-15 17:04 . 2011-03-10 12:48 -------- d-----w- c:\program files (x86)\Windows Live
    2011-02-15 17:03 . 2011-02-15 17:03 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-10 16:59 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-01-08 03:27 . 2010-09-23 19:27 643688 ----a-w- c:\windows\SysWow64\nvumdshim.dll
    2011-01-08 03:27 . 2010-09-23 19:27 226920 ----a-w- c:\windows\system32\nvinitx.dll
    2011-01-08 03:27 . 2010-09-23 19:27 192616 ----a-w- c:\windows\SysWow64\nvinit.dll
    2011-01-08 03:27 . 2010-09-23 19:27 2200680 ----a-w- c:\windows\system32\nvapi64.dll
    2011-01-08 03:27 . 2010-09-23 19:27 1965672 ----a-w- c:\windows\SysWow64\nvapi.dll
    2011-01-07 19:50 . 2011-01-07 19:50 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
    2011-01-07 19:50 . 2011-01-07 19:50 6143080 ----a-w- c:\windows\system32\nvcpl.dll
    2011-01-07 19:49 . 2011-01-07 19:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll
    2011-01-07 19:49 . 2011-01-07 19:49 474772 ----a-w- c:\windows\system32\nvcoproc.bin
    2011-01-07 19:49 . 2011-01-07 19:49 117864 ----a-w- c:\windows\system32\nvmctray.dll
    2011-01-07 19:49 . 2011-01-07 19:49 792680 ----a-w- c:\windows\system32\nv3dappshext.dll
    2011-01-07 19:49 . 2011-01-07 19:49 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
    2011-01-07 19:49 . 2011-01-07 19:49 313448 ----a-w- c:\windows\system32\nvhotkey.dll
    2011-01-07 19:49 . 2011-01-07 19:49 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
    2011-01-07 19:49 . 2011-01-07 19:49 1005160 ----a-w- c:\windows\system32\nvvsvc.exe
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-03-12_16.03.50 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2009-07-14 04:54 . 2011-03-12 15:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-07-14 04:54 . 2011-03-12 18:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2011-03-12 15:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2011-03-12 18:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2011-03-12 15:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2011-03-12 18:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-08-18 19:28 . 2011-03-12 18:28 37178 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2011-03-12 18:28 38282 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:30 . 2011-03-12 18:22 86016 c:\windows\system32\DriverStore\infpub.dat
    - 2009-07-14 05:30 . 2011-03-11 20:10 86016 c:\windows\system32\DriverStore\infpub.dat
    + 2011-03-12 18:21 . 2011-01-08 03:27 67176 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\OpenCL64.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 67176 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\OpenCL64.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 57960 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\OpenCL.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 57960 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\OpenCL.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 25576 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvpciflt.sys
    + 2011-03-12 18:21 . 2011-01-08 03:27 25576 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvpciflt.sys
    - 2011-02-15 17:14 . 2011-03-12 15:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2011-02-15 17:14 . 2011-03-12 18:28 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2011-02-27 16:00 . 2011-03-12 18:33 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
    - 2011-02-27 16:00 . 2011-03-12 12:37 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
    + 2011-02-27 16:00 . 2011-03-12 18:33 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
    - 2011-02-27 16:00 . 2011-03-12 12:37 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
    - 2011-02-27 16:00 . 2011-03-12 12:37 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
    + 2011-02-27 16:00 . 2011-03-12 18:33 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
    + 2011-02-15 17:14 . 2011-03-12 18:33 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2011-02-15 17:14 . 2011-03-12 15:47 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2011-02-15 17:14 . 2011-03-12 18:28 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2011-02-15 17:14 . 2011-03-12 15:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-02-15 17:14 . 2011-03-12 18:28 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2011-02-15 17:14 . 2011-03-12 16:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2011-02-15 17:14 . 2011-03-12 18:28 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2011-02-15 17:14 . 2011-03-12 16:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-03-12 18:22 . 2011-03-12 18:22 10134 c:\windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}\ARPPRODUCTICON.exe
    - 2011-03-11 20:10 . 2011-03-11 20:10 10134 c:\windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}\ARPPRODUCTICON.exe
    + 2011-02-15 16:57 . 2011-03-12 18:28 6986 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2002805053-4252134244-3045484419-1001_UserData.bin
    - 2011-03-11 20:09 . 2011-01-08 03:27 4096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdetx.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 4096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdetx.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 4096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdet.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 4096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdet.dll
    + 2011-03-12 18:24 . 2011-03-12 18:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2011-03-12 15:44 . 2011-03-12 15:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-03-12 18:24 . 2011-03-12 18:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-03-12 15:44 . 2011-03-12 15:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-02-16 19:31 . 2011-03-12 15:44 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2011-02-16 19:31 . 2011-03-12 18:24 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2009-07-14 05:30 . 2011-03-12 18:22 143360 c:\windows\system32\DriverStore\infstrng.dat
    - 2009-07-14 05:30 . 2011-03-11 20:10 143360 c:\windows\system32\DriverStore\infstrng.dat
    + 2009-07-14 05:30 . 2011-03-12 18:21 143360 c:\windows\system32\DriverStore\infstor.dat
    - 2009-07-14 05:30 . 2011-03-11 20:09 143360 c:\windows\system32\DriverStore\infstor.dat
    - 2011-03-11 20:09 . 2011-01-08 03:27 762984 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvumdshimx.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 762984 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvumdshimx.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 643688 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvumdshim.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 643688 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvumdshim.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 380520 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoptimusmft32.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 380520 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoptimusmft32.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 446056 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoptimusmft.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 446056 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoptimusmft.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 226920 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvinitx.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 226920 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvinitx.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 192616 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvinit.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 192616 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvinit.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 197224 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvidia-smi.exe
    + 2011-03-12 18:21 . 2011-01-08 03:27 197224 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvidia-smi.exe
    + 2011-03-12 18:21 . 2011-01-08 03:27 249856 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdxgiwrapx.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 249856 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdxgiwrapx.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 225896 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdxgiwrap.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 225896 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdxgiwrap.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 281380 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdrsdb.bin
    + 2011-03-12 18:21 . 2011-01-08 03:27 281380 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdrsdb.bin
    + 2011-03-12 18:21 . 2011-01-08 03:27 320104 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdecodemft32.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 320104 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdecodemft32.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 392296 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdecodemft.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 392296 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdecodemft.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 253952 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\Nvd3d9wrapx.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 253952 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\Nvd3d9wrapx.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 229992 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\Nvd3d9wrap.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 229992 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\Nvd3d9wrap.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 191080 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\dbInstaller.exe
    - 2011-03-11 20:09 . 2011-01-08 03:27 191080 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\dbInstaller.exe
    + 2009-07-14 05:01 . 2011-03-12 18:24 226476 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2009-07-14 05:01 . 2011-03-12 15:43 226476 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2011-03-11 00:11 . 2011-03-12 15:43 338632 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2002805053-4252134244-3045484419-1001-8192.dat
    + 2011-03-11 00:11 . 2011-03-12 18:24 338632 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2002805053-4252134244-3045484419-1001-8192.dat
    + 2009-04-03 09:26 . 2009-04-03 09:26 354608 c:\windows\Downloaded Program Files\sysreqlab_nvd.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 7729256 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvwgf2umx.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 7729256 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvwgf2umx.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 5653096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvwgf2um.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 5653096 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvwgf2um.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 1359976 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvgenco64.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 1359976 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvgenco64.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 1614440 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdispco64.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 1614440 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvdispco64.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 2895976 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvid32.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 2895976 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvid32.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 3112040 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvid.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 3112040 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvid.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 2479720 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvenc64.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 2479720 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvenc64.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 2251368 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvenc.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 2251368 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuvenc.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 4941928 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuda32.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 4941928 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuda32.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 6604904 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuda.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 6604904 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcuda.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 2200680 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvapi64.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 2200680 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvapi64.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 1965672 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvapi.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 1965672 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvapi.dll
    + 2010-09-23 20:10 . 2011-03-12 18:24 1185968 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
    + 2009-07-14 02:34 . 2011-03-12 17:20 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
    - 2009-07-14 02:34 . 2011-03-12 15:58 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
    + 2011-03-12 18:21 . 2011-01-08 03:27 20471912 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoglv64.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 20471912 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoglv64.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 15047272 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoglv32.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 15047272 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvoglv32.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 12961640 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvlddmkm.sys
    - 2011-03-11 20:09 . 2011-01-08 03:27 12961640 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvlddmkm.sys
    - 2011-03-11 20:09 . 2011-01-08 03:27 12859496 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvd3dumx.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 12859496 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvd3dumx.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 10078312 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvd3dum.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 10078312 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvd3dum.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 56396024 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\NvCplSetupInt.exe
    + 2011-03-12 18:21 . 2011-01-08 03:27 56396024 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\NvCplSetupInt.exe
    + 2011-03-12 18:21 . 2011-01-08 03:27 13011560 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcompiler32.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 13011560 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcompiler32.dll
    + 2011-03-12 18:21 . 2011-01-08 03:27 18580072 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcompiler.dll
    - 2011-03-11 20:09 . 2011-01-08 03:27 18580072 c:\windows\system32\DriverStore\FileRepository\nvmi.inf_amd64_neutral_774273dadcf33a57\nvcompiler.dll
    .
    – Snapshot reset to current date –
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-02-22 396152]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
    "MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-06-18 2486272]
    "THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-06-12 1349632]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
    .
    c:\users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Update.lnk - c:\windows\System32\rundll32.exe [2009-7-14 45568]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x]
    R3 BTMHID;BTMHID;c:\windows\system32\DRIVERS\btmhid.sys [x]
    R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
    R3 diskperf64;Realtek Turbo Disk Filter Driver;c:\windows\system32\DRIVERS\diskperf64.sys [x]
    R3 MGHwCtrl;MGHwCtrl;c:\program files\msi\msi Software Install\MGHwCtrl.sys [x]
    R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-09 1405384]
    S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-04-14 2533400]
    S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-04-15 4170504]
    S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-04-15 1096456]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-23 1028096]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-03-09 17152]
    S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
    S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-03-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-03-09 07:47]
    .
    .
    ——— x86-64 ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-02-23 15:04 134384 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296]
    "BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-04-22 19645704]
    "THXCfg64"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
    "ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe" [BU]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
    .
    ——- Supplementary Scan ——-
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = nu.nl
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\bn4xikrh.default\
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    FF - Ext: z: {391519d9-1310-2b1a-f98e-346a8f240119} - c:\program files (x86)\Mozilla Firefox\extensions\{391519d9-1310-2b1a-f98e-346a8f240119}
    FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    AddRemove-Ad-Aware - c:\programdata\{78A29A4D-35CE-4C46-9AC9-2692EE35F0BE}\Ad-Aware90Install.exe
    AddRemove-{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} - c:\programdata\{78A29A4D-35CE-4C46-9AC9-2692EE35F0BE}\Ad-Aware90Install.exe
    .
    .
    .
    ——————— LOCKED REGISTRY KEYS ———————
    .
    [HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_USERS\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\SecuROM\License information*]
    "datasecu"=hex:ec,f5,d8,d3,9e,c5,f8,86,38,7f,86,a0,66,dd,af,50,e0,67,f4,19,4b,
    0e,17,48,b9,60,66,ab,93,d8,f5,ab,a7,12,cd,ae,d7,9a,31,89,0e,89,35,89,d7,9d,\
    "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-03-12 20:00:54
    ComboFix-quarantined-files.txt 2011-03-12 19:00
    ComboFix2.txt 2011-03-12 16:15
    ComboFix3.txt 2011-03-12 16:05
    .
    Pre-Run: 322,437,750,784 bytes free
    Post-Run: 322,151,391,232 bytes free
    .
    - - End Of File - - 54777E75C831B20F2731C47F5BF119A9
  • Hi Max, in C you'll find a folder called NVidia.

    Open that folder and check whether you can find setup.exe.
    If so, double-click it!

    The video driver will then be reinstalled!

    Strange, by the way, that it is now disabled!
  • Done, also downloaded it again and still nothing. Weird. And youprofitclub is still plaguing my IE and Firefox.

    Maybe I should just format my whole system, or do you think there is a solution after all?
  • The annoying thing is that I can't find anything that would cause those messages!

    But you may therefore do the following, to see whether that turns up more!

    Which program: RSIT
    What for/why: gives a very extensive overview of Windows
    Difficulty: none
    Download location: Be sure to download this program to the desktop!
    Download RSIT here
    Using RSIT:
    - Windows 2000 and Windows XP: start RSIT by double-clicking the shortcut.
    - Windows Vista and Windows 7: start RSIT by right-clicking the shortcut and then choosing "Run as administrator".
    After the scan has finished, two logs will open.
    - Then post the contents of 'log.txt' ('log.txt' will be maximized)
    - Also post 'info.txt' ('info.txt', this log will initially be minimized in the taskbar)
    - If you cannot find info.txt, look for it in C:\.
    For users of Windows Vista 64-bit or Windows 7 64-bit the following also applies:
    - RSIT then has to be run in 'compatibility mode'.
    - Right-click 'RSIT.exe' and choose 'Properties',
    - now click the 'Compatibility' tab.
    - Tick 'Run this program in compatibility mode' and then choose 'Windows XP Service Pack 3'
    RSIT produces a fairly large log, so it may happen that you have to split the log and post it in two or more parts.
  • Okay thanks, here it comes!

    Logfile of random's system information tool 1.08 (written by random/random)
    Run by Max at 2011-03-12 21:42:15
    Microsoft Windows 7 Home Premium Service Pack 3
    System drive C: has 307 GB (86%) free of 356 GB
    Total RAM: 3886 MB (54% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:42:29, on 3/12/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16722)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
    C:\windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
    C:\Program Files (x86)\Opera\opera.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Users\Max\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\Max.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
    O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe"

    O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-21-2002805053-4252134244-3045484419-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-2002805053-4252134244-3045484419-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Startup: Update.lnk = C:\Windows\System32\rundll32.exe
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
    O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
    O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12035 bytes

    ======Scheduled tasks folder======

    C:\windows\tasks\Ad-Aware Update (Weekly).job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
    avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-02-11 1246600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-26 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
    "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
    "MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-06-18 2486272]
    "THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-06-12 1349632]
    "UpdReg"=C:\windows\UpdReg.EXE [2000-05-11 90112]
    "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
    "PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
    "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-03-07 421160]
    "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-02-22 396152]
    "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-09-23 4240760]

    C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Update.lnk - C:\Windows\System32\rundll32.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "PromptOnSecureDesktop"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    ======List of files/folders created in the last 1 months======

    2011-03-12 21:42:15 —-D—- C:\rsit
    2011-03-12 20:56:57 —-SHD—- C:\Config.Msi
    2011-03-12 20:24:19 —-SHD—- C:\$RECYCLE.BIN
    2011-03-12 20:00:56 —-D—- C:\windows\temp
    2011-03-12 20:00:55 —-A—- C:\ComboFix.txt
    2011-03-12 19:53:18 —-A—- C:\windows\SWXCACLS.exe
    2011-03-12 18:34:47 —-D—- C:\Program Files (x86)\SystemRequirementsLab
    2011-03-12 17:32:41 —-A—- C:\BnetLog.txt
    2011-03-12 16:58:45 —-A—- C:\windows\zip.exe
    2011-03-12 16:58:45 —-A—- C:\windows\SWSC.exe
    2011-03-12 16:58:45 —-A—- C:\windows\SWREG.exe
    2011-03-12 16:58:45 —-A—- C:\windows\sed.exe
    2011-03-12 16:58:45 —-A—- C:\windows\PEV.exe
    2011-03-12 16:58:45 —-A—- C:\windows\NIRCMD.exe
    2011-03-12 16:58:45 —-A—- C:\windows\MBR.exe
    2011-03-12 16:58:45 —-A—- C:\windows\grep.exe
    2011-03-12 16:58:40 —-D—- C:\windows\ERDNT
    2011-03-12 16:58:05 —-D—- C:\Qoobox
    2011-03-12 16:25:48 —-D—- C:\Program Files (x86)\Common Files\Blizzard Entertainment
    2011-03-12 15:08:58 —-D—- C:\ProgramData\KONAMI
    2011-03-11 23:23:40 —-D—- C:\ProgramData\Electronic Arts
    2011-03-11 23:23:40 —-D—- C:\ProgramData\EA Core
    2011-03-11 21:59:41 —-A—- C:\windows\SysWOW64\XAudio2_6.dll
    2011-03-11 21:59:41 —-A—- C:\windows\SysWOW64\XAPOFX1_4.dll
    2011-03-11 21:59:38 —-A—- C:\windows\SysWOW64\xactengine3_6.dll
    2011-03-11 21:59:37 —-A—- C:\windows\SysWOW64\X3DAudio1_7.dll
    2011-03-11 21:59:28 —-A—- C:\windows\SysWOW64\xactengine3_5.dll
    2011-03-11 21:59:26 —-A—- C:\windows\SysWOW64\D3DCompiler_42.dll
    2011-03-11 21:59:19 —-A—- C:\windows\SysWOW64\d3dcsx_42.dll
    2011-03-11 21:59:17 —-A—- C:\windows\SysWOW64\d3dx11_42.dll
    2011-03-11 21:59:10 —-A—- C:\windows\SysWOW64\D3DX9_42.dll
    2011-03-11 21:58:33 —-A—- C:\windows\SysWOW64\XAudio2_3.dll
    2011-03-11 21:58:33 —-A—- C:\windows\SysWOW64\XAPOFX1_2.dll
    2011-03-11 21:58:31 —-A—- C:\windows\SysWOW64\xactengine3_3.dll
    2011-03-11 21:58:28 —-A—- C:\windows\SysWOW64\X3DAudio1_5.dll
    2011-03-11 21:58:24 —-A—- C:\windows\SysWOW64\XAudio2_2.dll
    2011-03-11 21:58:24 —-A—- C:\windows\SysWOW64\XAPOFX1_1.dll
    2011-03-11 21:58:22 —-A—- C:\windows\SysWOW64\xactengine3_2.dll
    2011-03-11 21:54:26 —-D—- C:\ProgramData\Solidshield
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\OpenCL.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvwgf2um.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvoptimusmft.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvoglv32.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvdecodemft.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvd3dum.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvcuvid.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvcuvenc.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvcuda.dll
    2011-03-11 21:09:43 —-A—- C:\windows\SysWOW64\nvcompiler.dll
    2011-03-11 21:08:34 —-D—- C:\NVIDIA
    2011-03-11 18:51:57 —-A—- C:\windows\SysWOW64\aswBoot.exe
    2011-03-11 18:51:54 —-D—- C:\ProgramData\AVAST Software
    2011-03-11 16:46:10 —-D—- C:\Users\Max\AppData\Roaming\Leadertech
    2011-03-11 16:39:11 —-A—- C:\windows\SysWOW64\D3DX9_41.dll
    2011-03-11 16:39:10 —-A—- C:\windows\SysWOW64\XAudio2_4.dll
    2011-03-11 16:39:10 —-A—- C:\windows\SysWOW64\xactengine3_4.dll
    2011-03-11 16:39:10 —-A—- C:\windows\SysWOW64\X3DAudio1_6.dll
    2011-03-11 16:39:10 —-A—- C:\windows\SysWOW64\D3DX9_40.dll
    2011-03-11 16:39:10 —-A—- C:\windows\SysWOW64\d3dx10_40.dll
    2011-03-11 16:39:10 —-A—- C:\windows\SysWOW64\D3DCompiler_40.dll
    2011-03-11 16:39:08 —-A—- C:\windows\SysWOW64\d3dx10_39.dll
    2011-03-11 16:39:08 —-A—- C:\windows\SysWOW64\D3DCompiler_39.dll
    2011-03-11 16:39:07 —-A—- C:\windows\SysWOW64\XAudio2_1.dll
    2011-03-11 16:39:07 —-A—- C:\windows\SysWOW64\XAPOFX1_0.dll
    2011-03-11 16:39:07 —-A—- C:\windows\SysWOW64\xactengine3_1.dll
    2011-03-11 16:39:07 —-A—- C:\windows\SysWOW64\X3DAudio1_4.dll
    2011-03-11 16:39:07 —-A—- C:\windows\SysWOW64\D3DX9_39.dll
    2011-03-11 16:39:06 —-A—- C:\windows\SysWOW64\D3DX9_38.dll
    2011-03-11 16:39:06 —-A—- C:\windows\SysWOW64\d3dx10_38.dll
    2011-03-11 16:39:06 —-A—- C:\windows\SysWOW64\D3DCompiler_38.dll
    2011-03-11 16:39:05 —-A—- C:\windows\SysWOW64\XAudio2_0.dll
    2011-03-11 16:39:05 —-A—- C:\windows\SysWOW64\xactengine3_0.dll
    2011-03-11 16:39:05 —-A—- C:\windows\SysWOW64\X3DAudio1_3.dll
    2011-03-11 16:39:05 —-A—- C:\windows\SysWOW64\D3DX9_37.dll
    2011-03-11 16:39:05 —-A—- C:\windows\SysWOW64\d3dx10_37.dll
    2011-03-11 16:39:05 —-A—- C:\windows\SysWOW64\D3DCompiler_37.dll
    2011-03-11 16:39:04 —-A—- C:\windows\SysWOW64\xactengine2_10.dll
    2011-03-11 16:39:03 —-A—- C:\windows\SysWOW64\d3dx9_36.dll
    2011-03-11 16:39:03 —-A—- C:\windows\SysWOW64\d3dx10_36.dll
    2011-03-11 16:39:03 —-A—- C:\windows\SysWOW64\D3DCompiler_36.dll
    2011-03-11 16:39:02 —-A—- C:\windows\SysWOW64\xactengine2_9.dll
    2011-03-11 16:39:01 —-A—- C:\windows\SysWOW64\d3dx9_35.dll
    2011-03-11 16:39:01 —-A—- C:\windows\SysWOW64\d3dx10_35.dll
    2011-03-11 16:39:01 —-A—- C:\windows\SysWOW64\D3DCompiler_35.dll
    2011-03-11 16:38:59 —-A—- C:\windows\SysWOW64\xinput1_3.dll
    2011-03-11 16:38:59 —-A—- C:\windows\SysWOW64\xactengine2_8.dll
    2011-03-11 16:38:59 —-A—- C:\windows\SysWOW64\X3DAudio1_2.dll
    2011-03-11 16:38:59 —-A—- C:\windows\SysWOW64\d3dx9_34.dll
    2011-03-11 16:38:59 —-A—- C:\windows\SysWOW64\d3dx10_34.dll
    2011-03-11 16:38:59 —-A—- C:\windows\SysWOW64\D3DCompiler_34.dll
    2011-03-11 16:38:58 —-A—- C:\windows\SysWOW64\xactengine2_7.dll
    2011-03-11 16:38:58 —-A—- C:\windows\SysWOW64\d3dx9_33.dll
    2011-03-11 16:38:58 —-A—- C:\windows\SysWOW64\d3dx10_33.dll
    2011-03-11 16:38:58 —-A—- C:\windows\SysWOW64\D3DCompiler_33.dll
    2011-03-11 16:38:57 —-A—- C:\windows\SysWOW64\xactengine2_6.dll
    2011-03-11 16:38:57 —-A—- C:\windows\SysWOW64\xactengine2_5.dll
    2011-03-11 16:38:57 —-A—- C:\windows\SysWOW64\d3dx10.dll
    2011-03-11 16:38:55 —-A—- C:\windows\SysWOW64\xactengine2_4.dll
    2011-03-11 16:38:55 —-A—- C:\windows\SysWOW64\x3daudio1_1.dll
    2011-03-11 16:38:55 —-A—- C:\windows\SysWOW64\d3dx9_31.dll
    2011-03-11 16:38:54 —-A—- C:\windows\SysWOW64\xinput1_2.dll
    2011-03-11 16:38:54 —-A—- C:\windows\SysWOW64\xinput1_1.dll
    2011-03-11 16:38:54 —-A—- C:\windows\SysWOW64\xactengine2_3.dll
    2011-03-11 16:38:54 —-A—- C:\windows\SysWOW64\xactengine2_2.dll
    2011-03-11 16:38:53 —-A—- C:\windows\SysWOW64\xactengine2_1.dll
    2011-03-11 16:38:50 —-A—- C:\windows\SysWOW64\xactengine2_0.dll
    2011-03-11 16:38:50 —-A—- C:\windows\SysWOW64\x3daudio1_0.dll
    2011-03-11 16:38:50 —-A—- C:\windows\SysWOW64\d3dx9_30.dll
    2011-03-11 16:38:50 —-A—- C:\windows\SysWOW64\d3dx9_29.dll
    2011-03-11 16:38:49 —-A—- C:\windows\SysWOW64\d3dx9_28.dll
    2011-03-11 16:38:49 —-A—- C:\windows\SysWOW64\d3dx9_27.dll
    2011-03-11 16:38:49 —-A—- C:\windows\SysWOW64\d3dx9_26.dll
    2011-03-11 16:38:48 —-A—- C:\windows\SysWOW64\d3dx9_25.dll
    2011-03-11 16:38:48 —-A—- C:\windows\SysWOW64\d3dx9_24.dll
    2011-03-10 20:00:47 —-D—- C:\Program Files (x86)\Trend Micro
    2011-03-10 19:31:57 —-D—- C:\Users\Max\AppData\Roaming\Malwarebytes
    2011-03-10 19:29:37 —-D—- C:\ProgramData\Malwarebytes
    2011-03-10 19:29:37 —-A—- C:\windows\SysWOW64\drivers\mbamswissarmy.sys
    2011-03-10 19:29:34 —-D—- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-03-10 19:12:33 —-D—- C:\ProgramData\Spybot - Search & Destroy
    2011-03-10 19:12:33 —-D—- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-03-10 18:37:47 —-D—- C:\Users\Max\AppData\Roaming\SUPERAntiSpyware.com
    2011-03-10 18:37:47 —-D—- C:\ProgramData\SUPERAntiSpyware.com
    2011-03-10 18:37:44 —-D—- C:\ProgramData\!SASCORE
    2011-03-10 13:48:29 —-D—- C:\windows\en
    2011-03-10 13:47:04 —-D—- C:\Program Files (x86)\MSN Toolbar
    2011-03-10 13:46:59 —-D—- C:\Program Files (x86)\Bing Bar Installer
    2011-03-10 13:46:58 —-A—- C:\windows\SysWOW64\XAudio2_5.dll
    2011-03-10 13:46:58 —-A—- C:\windows\SysWOW64\XAPOFX1_3.dll
    2011-03-10 13:46:58 —-A—- C:\windows\SysWOW64\d3dx10_42.dll
    2011-03-10 01:14:10 —-A—- C:\windows\SysWOW64\DWrite.dll
    2011-03-10 01:14:10 —-A—- C:\windows\SysWOW64\d2d1.dll
    2011-03-10 01:14:09 —-A—- C:\windows\SysWOW64\sbe.dll
    2011-03-10 01:14:09 —-A—- C:\windows\SysWOW64\EncDec.dll
    2011-03-10 01:14:09 —-A—- C:\windows\SysWOW64\CPFilters.dll
    2011-03-10 01:14:07 —-A—- C:\windows\SysWOW64\mstscax.dll
    2011-03-10 01:14:07 —-A—- C:\windows\SysWOW64\mstsc.exe
    2011-03-10 01:05:51 —-D—- C:\ProgramData\Lavasoft
    2011-03-10 01:05:51 —-D—- C:\Program Files (x86)\Lavasoft
    2011-03-10 01:03:58 —-D—- C:\Program Files (x86)\iTunes
    2011-03-08 06:57:33 —-A—- C:\windows\SysWOW64\f8d264bc.exe
    2011-03-02 00:39:59 —-D—- C:\Users\Max\AppData\Roaming\dvdcss
    2011-03-01 13:18:07 —-D—- C:\ProgramData\VirtualizedApplications
    2011-02-28 21:50:32 —-D—- C:\Users\Max\AppData\Roaming\SoftGrid Client
    2011-02-28 21:50:08 —-A—- C:\windows\SysWOW64\PerfStringBackup.INI
    2011-02-28 21:49:53 —-D—- C:\Users\Max\AppData\Roaming\TP
    2011-02-28 17:22:17 —-D—- C:\Users\Max\AppData\Roaming\Opera
    2011-02-28 17:22:15 —-D—- C:\Program Files (x86)\Opera
    2011-02-28 15:40:14 —-D—- C:\Program Files (x86)\Microsoft.NET
    2011-02-27 14:06:43 —-D—- C:\Program Files (x86)\SopCast
    2011-02-26 22:51:32 —-D—- C:\ProgramData\Hewlett-Packard
    2011-02-26 16:38:06 —-D—- C:\ProgramData\Sun
    2011-02-26 16:38:06 —-D—- C:\Program Files (x86)\Common Files\Java
    2011-02-26 16:37:53 —-A—- C:\windows\SysWOW64\javaws.exe
    2011-02-26 16:37:53 —-A—- C:\windows\SysWOW64\javaw.exe
    2011-02-26 16:37:53 —-A—- C:\windows\SysWOW64\java.exe
    2011-02-26 16:37:53 —-A—- C:\windows\SysWOW64\deployJava1.dll
    2011-02-26 16:37:43 —-D—- C:\Program Files (x86)\Java
    2011-02-26 16:37:32 —-D—- C:\ProgramData\McAfee
    2011-02-26 16:24:19 —-D—- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2011-02-26 16:15:55 —-RHD—- C:\Users\Max\AppData\Roaming\SecuROM
    2011-02-26 14:21:58 —-D—- C:\Program Files (x86)\PowerISO
    2011-02-24 07:14:33 —-A—- C:\windows\SysWOW64\wcncsvc.dll
    2011-02-23 19:42:15 —-A—- C:\windows\SysWOW64\XpsPrint.dll
    2011-02-23 19:42:14 —-A—- C:\windows\SysWOW64\XpsGdiConverter.dll
    2011-02-22 22:35:35 —-D—- C:\Users\Max\AppData\Roaming\vlc
    2011-02-22 22:31:15 —-D—- C:\Program Files (x86)\VideoLAN
    2011-02-22 19:34:10 —-D—- C:\Users\Max\AppData\Roaming\Apple Computer
    2011-02-22 19:33:48 —-A—- C:\windows\SysWOW64\GEARAspi.dll
    2011-02-22 19:33:09 —-D—- C:\Program Files (x86)\Guitar Pro 5
    2011-02-22 19:32:42 —-D—- C:\Program Files (x86)\Apple Software Update
    2011-02-22 19:32:24 —-D—- C:\Program Files (x86)\Bonjour
    2011-02-22 19:28:49 —-D—- C:\Program Files (x86)\uTorrent
    2011-02-22 19:28:15 —-D—- C:\Users\Max\AppData\Roaming\uTorrent
    2011-02-22 17:14:38 —-D—- C:\ProgramData\Apple Computer
    2011-02-22 17:14:38 —-D—- C:\Program Files (x86)\QuickTime
    2011-02-22 17:13:36 —-D—- C:\Program Files (x86)\Common Files\Apple
    2011-02-22 17:13:29 —-D—- C:\ProgramData\Apple
    2011-02-21 21:45:11 —-D—- C:\Users\Max\AppData\Roaming\skypePM
    2011-02-21 21:42:02 —-D—- C:\Program Files (x86)\Common Files\Skype
    2011-02-21 21:42:00 —-RD—- C:\Program Files (x86)\Skype
    2011-02-21 21:42:00 —-D—- C:\Users\Max\AppData\Roaming\Skype
    2011-02-21 21:41:58 —-D—- C:\ProgramData\Skype
    2011-02-16 20:29:13 —-D—- C:\windows\SysWOW64\Wat
    2011-02-16 13:23:14 —-A—- C:\windows\SysWOW64\PresentationHostProxy.dll
    2011-02-16 13:23:14 —-A—- C:\windows\SysWOW64\PresentationHost.exe
    2011-02-16 13:23:14 —-A—- C:\windows\SysWOW64\netfxperf.dll
    2011-02-16 13:23:14 —-A—- C:\windows\SysWOW64\mscoree.dll
    2011-02-16 13:23:14 —-A—- C:\windows\SysWOW64\dfshim.dll
    2011-02-16 10:35:15 —-A—- C:\windows\SysWOW64\shell32.dll
    2011-02-16 10:35:10 —-A—- C:\windows\SysWOW64\mshtml.dll
    2011-02-16 10:35:08 —-A—- C:\windows\SysWOW64\iertutil.dll
    2011-02-16 10:35:07 —-A—- C:\windows\SysWOW64\mstime.dll
    2011-02-16 10:35:07 —-A—- C:\windows\SysWOW64\msfeedsbs.dll
    2011-02-16 10:35:07 —-A—- C:\windows\SysWOW64\msfeeds.dll
    2011-02-16 10:35:07 —-A—- C:\windows\SysWOW64\licmgr10.dll
    2011-02-16 10:35:07 —-A—- C:\windows\SysWOW64\iepeers.dll
    2011-02-16 10:35:07 —-A—- C:\windows\SysWOW64\iedkcs32.dll
    2011-02-16 10:35:06 —-A—- C:\windows\SysWOW64\mshtmled.dll
    2011-02-16 10:35:06 —-A—- C:\windows\SysWOW64\msfeedssync.exe
    2011-02-16 10:35:03 —-A—- C:\windows\SysWOW64\kerberos.dll
    2011-02-16 10:35:01 —-A—- C:\windows\SysWOW64\tzres.dll
    2011-02-16 10:34:59 —-A—- C:\windows\SysWOW64\t2embed.dll
    2011-02-16 10:34:58 —-A—- C:\windows\SysWOW64\ole32.dll
    2011-02-16 10:34:57 —-A—- C:\windows\SysWOW64\taskschd.dll
    2011-02-16 10:34:57 —-A—- C:\windows\SysWOW64\taskeng.exe
    2011-02-16 10:34:57 —-A—- C:\windows\SysWOW64\taskcomp.dll
    2011-02-16 10:34:57 —-A—- C:\windows\SysWOW64\StructuredQuery.dll
    2011-02-16 10:34:57 —-A—- C:\windows\SysWOW64\schtasks.exe
    2011-02-16 10:34:52 —-A—- C:\windows\SysWOW64\inetcomm.dll
    2011-02-16 10:34:44 —-A—- C:\windows\SysWOW64\schannel.dll
    2011-02-16 10:34:42 —-A—- C:\windows\SysWOW64\comctl32.dll
    2011-02-16 10:34:41 —-A—- C:\windows\SysWOW64\ieframe.dll
    2011-02-16 10:34:40 —-A—- C:\windows\SysWOW64\wininet.dll
    2011-02-16 10:34:40 —-A—- C:\windows\SysWOW64\urlmon.dll
    2011-02-16 10:34:40 —-A—- C:\windows\SysWOW64\upnp.dll
    2011-02-16 10:34:40 —-A—- C:\windows\SysWOW64\msxml6.dll
    2011-02-16 10:34:39 —-A—- C:\windows\SysWOW64\wscapi.dll
    2011-02-16 10:34:39 —-A—- C:\windows\SysWOW64\winhttp.dll
    2011-02-16 10:34:39 —-A—- C:\windows\SysWOW64\WebClnt.dll
    2011-02-16 10:34:39 —-A—- C:\windows\SysWOW64\slwga.dll
    2011-02-16 10:34:39 —-A—- C:\windows\SysWOW64\msxml3.dll
    2011-02-16 10:34:39 —-A—- C:\windows\SysWOW64\jsproxy.dll
    2011-02-16 10:34:39 —-A—- C:\windows\SysWOW64\ieui.dll
    2011-02-16 10:34:39 —-A—- C:\windows\SysWOW64\davclnt.dll
    2011-02-16 10:34:38 —-A—- C:\windows\SysWOW64\rtutils.dll
    2011-02-16 10:34:38 —-A—- C:\windows\SysWOW64\oleaut32.dll
    2011-02-16 10:34:36 —-A—- C:\windows\SysWOW64\d3d10warp.dll
    2011-02-16 10:34:35 —-A—- C:\windows\SysWOW64\mf.dll
    2011-02-16 10:34:34 —-A—- C:\windows\SysWOW64\XpsRasterService.dll
    2011-02-16 10:34:34 —-A—- C:\windows\SysWOW64\WMVDECOD.DLL
    2011-02-16 10:34:34 —-A—- C:\windows\SysWOW64\mfreadwrite.dll
    2011-02-16 10:34:34 —-A—- C:\windows\SysWOW64\ExplorerFrame.dll
    2011-02-16 10:34:34 —-A—- C:\windows\SysWOW64\d3d10_1core.dll
    2011-02-16 10:34:34 —-A—- C:\windows\SysWOW64\d3d10_1.dll
    2011-02-16 10:34:31 —-A—- C:\windows\SysWOW64\webio.dll
    2011-02-16 10:34:31 —-A—- C:\windows\SysWOW64\vbscript.dll
    2011-02-16 10:34:31 —-A—- C:\windows\SysWOW64\jscript.dll
    2011-02-16 10:34:31 —-A—- C:\windows\SysWOW64\iccvid.dll
    2011-02-16 10:34:29 —-A—- C:\windows\SysWOW64\wmpmde.dll
    2011-02-16 10:34:27 —-A—- C:\windows\SysWOW64\ntoskrnl.exe
    2011-02-16 10:34:27 —-A—- C:\windows\SysWOW64\ntkrnlpa.exe
    2011-02-16 10:34:27 —-A—- C:\windows\SysWOW64\ntdll.dll
    2011-02-16 10:34:22 —-A—- C:\windows\SysWOW64\atmlib.dll
    2011-02-16 10:34:22 —-A—- C:\windows\SysWOW64\atmfd.dll
    2011-02-16 10:34:21 —-A—- C:\windows\SysWOW64\mfc40u.dll
    2011-02-16 10:34:21 —-A—- C:\windows\SysWOW64\mfc40.dll
    2011-02-16 10:34:18 —-A—- C:\windows\SysWOW64\wmp.dll
    2011-02-16 10:34:17 —-A—- C:\windows\SysWOW64\wmploc.DLL
    2011-02-16 10:34:16 —-A—- C:\windows\SysWOW64\odbc32.dll
    2011-02-16 10:34:14 —-A—- C:\windows\SysWOW64\sscore.dll
    2011-02-15 20:54:40 —-D—- C:\Users\Max\AppData\Roaming\Mozilla
    2011-02-15 20:54:38 —-D—- C:\Program Files (x86)\Mozilla Firefox
    2011-02-15 18:10:09 —-D—- C:\Users\Max\AppData\Roaming\Intel Corporation
    2011-02-15 18:09:34 —-D—- C:\Users\Max\AppData\Roaming\Identities
    2011-02-15 18:08:29 —-D—- C:\Users\Max\AppData\Roaming\Macromedia
    2011-02-15 18:08:29 —-D—- C:\Program Files (x86)\Common Files\Adobe AIR
    2011-02-15 18:08:28 —-D—- C:\Users\Max\AppData\Roaming\Adobe
    2011-02-15 18:08:16 —-D—- C:\ProgramData\Adobe
    2011-02-15 18:08:15 —-D—- C:\Program Files (x86)\Common Files\Adobe
    2011-02-15 18:08:15 —-D—- C:\Program Files (x86)\Adobe
    2011-02-15 18:07:31 —-D—- C:\Program Files (x86)\Microsoft Silverlight
    2011-02-15 18:06:26 —-A—- C:\windows\SysWOW64\d3dx9_32.dll
    2011-02-15 18:05:20 —-D—- C:\Program Files (x86)\Microsoft
    2011-02-15 18:04:54 —-D—- C:\Program Files (x86)\Windows Live
    2011-02-15 18:03:45 —-D—- C:\Program Files (x86)\Common Files\Windows Live
    2011-02-15 17:58:39 —-A—- C:\windows\silentOnce.tmp
    2011-02-15 17:56:18 —-SD—- C:\Users\Max\AppData\Roaming\Microsoft
    2011-02-15 17:56:18 —-D—- C:\Users\Max\AppData\Roaming\Media Center Programs
    2011-02-15 17:56:00 —-D—- C:\Recovery
    2011-02-15 17:55:55 —-D—- C:\windows\SoftwareDistribution

    ======List of files/folders modified in the last 1 months======

    2011-03-12 21:11:56 —-D—- C:\windows\Tasks
    2011-03-12 21:02:05 —-A—- C:\windows\SysWOW64\log.txt
    2011-03-12 21:00:18 —-D—- C:\Windows
    2011-03-12 20:59:42 —-D—- C:\windows\Prefetch
    2011-03-12 20:59:00 —-D—- C:\ProgramData\NVIDIA
    2011-03-12 20:58:44 —-D—- C:\windows\SysWOW64\NV
    2011-03-12 20:57:19 —-D—- C:\windows\inf
    2011-03-12 20:57:15 —-SHD—- C:\windows\Installer
    2011-03-12 20:57:00 —-D—- C:\windows\System32
    2011-03-12 19:59:28 —-A—- C:\windows\system.ini
    2011-03-12 19:59:04 —-D—- C:\windows\SysWOW64
    2011-03-12 19:59:04 —-D—- C:\ProgramData
    2011-03-12 19:57:34 —-D—- C:\windows\SysWOW64\drivers
    2011-03-12 19:57:33 —-D—- C:\windows\AppPatch
    2011-03-12 19:57:32 —-D—- C:\Program Files (x86)\Common Files
    2011-03-12 18:34:47 —-RD—- C:\Program Files (x86)
    2011-03-12 18:34:37 —-D—- C:\windows\Downloaded Program Files
    2011-03-12 18:19:11 —-SHD—- C:\System Volume Information
    2011-03-11 21:56:02 —-RSD—- C:\windows\assembly
    2011-03-11 21:11:45 —-D—- C:\Program Files (x86)\NVIDIA Corporation
    2011-03-11 18:52:09 —-D—- C:\Program Files (x86)\Common Files\microsoft shared
    2011-03-11 18:51:54 —-RD—- C:\Program Files
    2011-03-11 16:38:51 —-D—- C:\windows\Microsoft.NET
    2011-03-11 16:36:07 —-D—- C:\windows\winsxs
    2011-03-10 18:34:19 —-D—- C:\windows\debug
    2011-03-10 13:47:39 —-SD—- C:\ProgramData\Microsoft
    2011-03-10 13:46:56 —-D—- C:\windows\Logs
    2011-03-08 06:59:28 —-D—- C:\Program Files (x86)\Microsoft Office
    2011-02-28 15:40:14 —-D—- C:\windows\SysWOW64\en-US
    2011-02-23 22:15:17 —-D—- C:\windows\rescache
    2011-02-23 22:12:34 —-D—- C:\Program Files (x86)\Windows Sidebar
    2011-02-23 22:12:34 —-D—- C:\Program Files (x86)\Windows Photo Viewer
    2011-02-23 22:12:34 —-D—- C:\Program Files (x86)\Windows Media Player
    2011-02-23 22:12:34 —-D—- C:\Program Files (x86)\Windows Mail
    2011-02-23 22:12:34 —-D—- C:\Program Files (x86)\Windows Defender
    2011-02-23 22:12:34 —-D—- C:\Program Files (x86)\Internet Explorer
    2011-02-23 22:12:34 —-D—- C:\Program Files (x86)\Common Files\System
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\winrm
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\WCN
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\wbem
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\slmgr
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\Printing_Admin_Scripts
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\MUI
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\migwiz
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\migration
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\DriverStore
    2011-02-23 22:12:33 —-D—- C:\windows\SysWOW64\Dism
    2011-02-23 22:12:33 —-D—- C:\windows\servicing
    2011-02-23 22:12:33 —-D—- C:\windows\ehome
    2011-02-23 22:12:32 —-D—- C:\windows\SysWOW64\sv-SE
    2011-02-23 22:12:30 —-D—- C:\windows\SysWOW64\com
    2011-02-23 22:12:30 —-D—- C:\windows\PolicyDefinitions
    2011-02-23 22:12:30 —-D—- C:\windows\IME
    2011-02-23 22:09:16 —-D—- C:\windows\SysWOW64\nb-NO
    2011-02-23 22:06:24 —-D—- C:\windows\it-IT
    2011-02-23 22:06:23 —-D—- C:\windows\SysWOW64\oobe
    2011-02-23 22:06:23 —-D—- C:\windows\SysWOW64\it-IT
    2011-02-23 22:06:17 —-D—- C:\windows\SysWOW64\sysprep
    2011-02-23 22:06:17 —-D—- C:\windows\SysWOW64\Setup
    2011-02-23 22:06:17 —-D—- C:\windows\SysWOW64\drivers\UMDF
    2011-02-23 22:03:06 —-D—- C:\windows\SysWOW64\el-GR
    2011-02-23 21:59:58 —-D—- C:\windows\SysWOW64\de-DE
    2011-02-23 21:59:58 —-D—- C:\windows\de-DE
    2011-02-23 21:56:52 —-D—- C:\windows\fr-FR
    2011-02-23 21:56:51 —-D—- C:\windows\SysWOW64\fr-FR
    2011-02-23 21:53:23 —-D—- C:\windows\SysWOW64\fi-FI
    2011-02-23 21:49:56 —-D—- C:\windows\SysWOW64\nl-NL
    2011-02-23 21:49:56 —-D—- C:\windows\nl-NL
    2011-02-23 21:45:30 —-D—- C:\windows\SysWOW64\da-DK
    2011-02-22 19:33:10 —-RSD—- C:\windows\Fonts
    2011-02-15 22:15:30 —-D—- C:\Program Files (x86)\MSI
    2011-02-15 20:38:38 —-D—- C:\ProgramData\Norton
    2011-02-15 20:36:40 —-HD—- C:\Program Files (x86)\InstallShield Installation Information
    2011-02-15 17:58:55 —-D—- C:\Utility
    2011-02-15 17:56:17 —-RD—- C:\Users
    2011-02-15 17:56:13 —-D—- C:\windows\Panther

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 amdxata;amdxata; C:\windows\system32\DRIVERS\amdxata.sys []
    R0 CLFS;@%SystemRoot%\system32\clfs.sys,-100; C:\windows\System32\CLFS.sys []
    R0 CNG;CNG; C:\windows\System32\Drivers\cng.sys []
    R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\windows\system32\drivers\fileinfo.sys []
    R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\windows\System32\DRIVERS\fvevol.sys []
    R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\windows\System32\drivers\hwpolicy.sys []
    R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys []
    R0 KSecPkg;KSecPkg; C:\windows\System32\Drivers\ksecpkg.sys []
    R0 Lbd;Lbd; C:\windows\system32\DRIVERS\Lbd.sys []
    R0 msisadrv;msisadrv; C:\windows\system32\DRIVERS\msisadrv.sys []
    R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys []
    R0 pcw;Performance Counters for Windows Driver; C:\windows\System32\drivers\pcw.sys []
    R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
    R0 spldr;Security Processor Loader Driver; C:\windows\SysWOW64\drivers\spldr.sys []
    R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver; C:\windows\system32\DRIVERS\vdrvroot.sys []
    R0 volmgr;Volume Manager Driver; C:\windows\system32\DRIVERS\volmgr.sys []
    R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\windows\System32\drivers\volmgrx.sys []
    R0 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\system32\drivers\Wdf01000.sys []
    R1 aswRdr;aswRdr; C:\windows\SysWOW64\drivers\aswRdr.sys []
    R1 aswSnx;aswSnx; C:\windows\SysWOW64\drivers\aswSnx.sys []
    R1 aswSP;aswSP; C:\windows\SysWOW64\drivers\aswSP.sys []
    R1 aswTdi;avast! Network Shield Support; C:\windows\SysWOW64\drivers\aswTdi.sys []
    R1 blbdrive;blbdrive; C:\windows\system32\DRIVERS\blbdrive.sys []
    R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\windows\System32\Drivers\dfsc.sys []
    R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\windows\System32\drivers\discache.sys []
    R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\windows\system32\drivers\nsiproxy.sys []
    R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\windows\system32\drivers\rdpencdd.sys []
    R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\windows\system32\drivers\rdprefmp.sys []
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
    R1 SCDEmu;SCDEmu; C:\windows\SysWOW64\drivers\SCDEmu.sys []
    R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\windows\system32\DRIVERS\tdx.sys []
    R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
    R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\windows\system32\DRIVERS\wanarp.sys []
    R1 WfpLwf;WFP Lightweight Filter; C:\windows\system32\DRIVERS\wfplwf.sys []
    R2 aswFsBlk;aswFsBlk; C:\windows\SysWOW64\drivers\aswFsBlk.sys []
    R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys []
    R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\windows\system32\DRIVERS\lltdio.sys []
    R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\windows\system32\drivers\luafv.sys []
    R2 PEAUTH;PEAUTH; C:\windows\system32\drivers\peauth.sys []
    R2 rspndr;Link-Layer Topology Discovery Responder; C:\windows\system32\DRIVERS\rspndr.sys []
    R2 tcpipreg;TCP/IP Registry Compatibility; C:\windows\System32\drivers\tcpipreg.sys []
    R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\windows\system32\DRIVERS\bowser.sys []
    R3 CompositeBus;Composite Bus Enumerator Driver; C:\windows\system32\DRIVERS\CompositeBus.sys []
    R3 DXGKrnl;LDDM Graphics Subsystem; C:\windows\System32\drivers\dxgkrnl.sys []
    R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys []
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys []
    R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys []
    R3 HidUsb;Microsoft HID Class Driver; C:\windows\system32\DRIVERS\hidusb.sys []
    R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
    R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys []
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys []
    R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys []
    R3 intelppm;Intel Processor Driver; C:\windows\system32\DRIVERS\intelppm.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\windows\system32\drivers\ksthunk.sys []
    R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-03-09 17152]
    R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys []
    R3 monitor;Microsoft Monitor Class Function Driver Service; C:\windows\system32\DRIVERS\monitor.sys []
    R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\windows\System32\drivers\mpsdrv.sys []
    R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\windows\system32\DRIVERS\mrxsmb10.sys []
    R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\windows\system32\DRIVERS\mrxsmb20.sys []
    R3 NativeWifiP;NativeWiFi Filter; C:\windows\system32\DRIVERS\nwifi.sys []
    R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETw5s64.sys []
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys []
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys []
    R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys []
    R3 RasAgileVpn;WAN Miniport (IKEv2); C:\windows\system32\DRIVERS\AgileVpn.sys []
    R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\windows\system32\DRIVERS\rassstp.sys []
    R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []
    R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\windows\System32\DRIVERS\srv2.sys []
    R3 srvnet;srvnet; C:\windows\System32\DRIVERS\srvnet.sys []
    R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\windows\system32\DRIVERS\tunnel.sys []
    R3 umbus;UMBus Enumerator Driver; C:\windows\system32\DRIVERS\umbus.sys []
    R3 vwifibus;Virtual WiFi Bus Driver; C:\windows\system32\DRIVERS\vwifibus.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys []
    R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\windows\system32\drivers\WudfPf.sys []
    R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\windows\system32\DRIVERS\xusb21.sys []
    S3 1394ohci;1394 OHCI Compliant Host Controller; C:\windows\system32\DRIVERS\1394ohci.sys []
    S3 AcpiPmi;ACPI Power Meter Driver; C:\windows\system32\DRIVERS\acpipmi.sys []
    S3 adp94xx;adp94xx; C:\windows\system32\DRIVERS\adp94xx.sys []
    S3 adpahci;adpahci; C:\windows\system32\DRIVERS\adpahci.sys []
    S3 adpu320;adpu320; C:\windows\system32\DRIVERS\adpu320.sys []
    S3 agp440;Intel AGP Bus Filter; C:\windows\system32\DRIVERS\agp440.sys []
    S3 amdide;amdide; C:\windows\system32\DRIVERS\amdide.sys []
    S3 AmdK8;AMD K8 Processor Driver; C:\windows\system32\DRIVERS\amdk8.sys []
    S3 AmdPPM;AMD Processor Driver; C:\windows\system32\DRIVERS\amdppm.sys []
    S3 amdsata;amdsata; C:\windows\system32\DRIVERS\amdsata.sys []
    S3 amdsbs;amdsbs; C:\windows\system32\DRIVERS\amdsbs.sys []
    S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\windows\system32\drivers\appid.sys []
    S3 arc;arc; C:\windows\system32\DRIVERS\arc.sys []
    S3 arcsas;arcsas; C:\windows\system32\DRIVERS\arcsas.sys []
    S3 b06bdrv;Broadcom NetXtreme II VBD; C:\windows\system32\DRIVERS\bxvbda.sys []
    S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60a.sys []
    S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\windows\system32\DRIVERS\BrFiltLo.sys []
    S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\windows\system32\DRIVERS\BrFiltUp.sys []
    S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\windows\System32\Drivers\Brserid.sys []
    S3 BrSerWdm;Brother WDM Serial driver; C:\windows\System32\Drivers\BrSerWdm.sys []
    S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\windows\System32\Drivers\BrUsbMdm.sys []
    S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\windows\System32\Drivers\BrUsbSer.sys []
    S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys []
    S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\windows\system32\DRIVERS\bthmodem.sys []
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys []
    S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys []
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys []
    S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys []
    S3 BTMHID;BTMHID; C:\windows\system32\DRIVERS\btmhid.sys []
    S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys []
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 circlass;Consumer IR Devices; C:\windows\system32\DRIVERS\circlass.sys []
    S3 diskperf64;Realtek Turbo Disk Filter Driver; C:\windows\system32\DRIVERS\diskperf64.sys []
    S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\windows\system32\DRIVERS\evbda.sys []
    S3 elxstor;elxstor; C:\windows\system32\DRIVERS\elxstor.sys []
    S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\DRIVERS\errdev.sys []
    S3 exfat;exFAT File System Driver; C:\windows\SysWOW64\drivers\exfat.sys []
    S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\windows\system32\drivers\filetrace.sys []
    S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\windows\System32\drivers\FsDepends.sys []
    S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\windows\system32\DRIVERS\gagp30kx.sys []
    S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\windows\system32\drivers\hcw85cir.sys []
    S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys []
    S3 HidBatt;HID UPS Battery Driver; C:\windows\system32\DRIVERS\HidBatt.sys []
    S3 HidBth;Microsoft Bluetooth HID Miniport; C:\windows\system32\DRIVERS\hidbth.sys []
    S3 HidIr;Microsoft Infrared HID Driver; C:\windows\system32\DRIVERS\hidir.sys []
    S3 HpSAMD;HpSAMD; C:\windows\system32\DRIVERS\HpSAMD.sys []
    S3 iaStorV;iaStorV; C:\windows\system32\DRIVERS\iaStorV.sys []
    S3 iirsp;iirsp; C:\windows\system32\DRIVERS\iirsp.sys []
    S3 IPMIDRV;IPMIDRV; C:\windows\system32\DRIVERS\IPMIDrv.sys []
    S3 iScsiPrt;iScsiPort Driver; C:\windows\system32\DRIVERS\msiscsi.sys []
    S3 kbdhid;Keyboard HID Driver; C:\windows\system32\DRIVERS\kbdhid.sys []
    S3 LSI_FC;LSI_FC; C:\windows\system32\DRIVERS\lsi_fc.sys []
    S3 LSI_SAS;LSI_SAS; C:\windows\system32\DRIVERS\lsi_sas.sys []
    S3 LSI_SAS2;LSI_SAS2; C:\windows\system32\DRIVERS\lsi_sas2.sys []
    S3 LSI_SCSI;LSI_SCSI; C:\windows\system32\DRIVERS\lsi_scsi.sys []
    S3 megasas;megasas; C:\windows\system32\DRIVERS\megasas.sys []
    S3 MegaSR;MegaSR; C:\windows\system32\DRIVERS\MegaSR.sys []
    S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys []
    S3 mouhid;Mouse HID Driver; C:\windows\system32\DRIVERS\mouhid.sys []
    S3 mpio;mpio; C:\windows\system32\DRIVERS\mpio.sys []
    S3 msahci;msahci; C:\windows\system32\DRIVERS\msahci.sys []
    S3 msdsm;msdsm; C:\windows\system32\DRIVERS\msdsm.sys []
    S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\windows\System32\drivers\mshidkmdf.sys []
    S3 MsRPC;MsRPC; C:\windows\SysWOW64\drivers\MsRPC.sys []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys []
    S3 MTConfig;Microsoft Input Configuration Driver; C:\windows\system32\DRIVERS\MTConfig.sys []
    S3 NdisCap;NDIS Capture LightWeight Filter; C:\windows\system32\DRIVERS\ndiscap.sys []
    S3 nfrd960;nfrd960; C:\windows\system32\DRIVERS\nfrd960.sys []
    S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\windows\system32\DRIVERS\nv_agp.sys []
    S3 nvraid;nvraid; C:\windows\system32\DRIVERS\nvraid.sys []
    S3 nvstor;nvstor; C:\windows\system32\DRIVERS\nvstor.sys []
    S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\windows\system32\DRIVERS\ohci1394.sys []
    S3 ql2300;ql2300; C:\windows\system32\DRIVERS\ql2300.sys []
    S3 ql40xx;ql40xx; C:\windows\system32\DRIVERS\ql40xx.sys []
    S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\windows\system32\drivers\qwavedrv.sys []
    S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\windows\system32\DRIVERS\rdpbus.sys []
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys []
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys []
    S3 sbp2port;sbp2port; C:\windows\system32\DRIVERS\sbp2port.sys []
    S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\windows\System32\DRIVERS\scfilter.sys []
    S3 sermouse;Serial Mouse Driver; C:\windows\system32\DRIVERS\sermouse.sys []
    S3 sffdisk;SFF Storage Class Driver; C:\windows\system32\DRIVERS\sffdisk.sys []
    S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\windows\system32\DRIVERS\sffp_mmc.sys []
    S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys []
    S3 SiSRaid2;SiSRaid2; C:\windows\system32\DRIVERS\SiSRaid2.sys []
    S3 SiSRaid4;SiSRaid4; C:\windows\system32\DRIVERS\sisraid4.sys []
    S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\windows\system32\DRIVERS\smb.sys []
    S3 stexstor;stexstor; C:\windows\system32\DRIVERS\stexstor.sys []
    S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\windows\system32\DRIVERS\tcpip.sys []
    S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\windows\System32\DRIVERS\tssecsrv.sys []
    S3 uagp35;Microsoft AGPv3.5 Filter; C:\windows\system32\DRIVERS\uagp35.sys []
    S3 uliagpkx;Uli AGP Bus Filter; C:\windows\system32\DRIVERS\uliagpkx.sys []
    S3 UmPass;Microsoft UMPass Driver; C:\windows\system32\DRIVERS\umpass.sys []
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys []
    S3 usbcir;eHome Infrared Receiver (USBCIR); C:\windows\system32\DRIVERS\usbcir.sys []
    S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys []
    S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys []
    S3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS []
    S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbuhci.sys []
    S3 usbvideo;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys []
    S3 vga;vga; C:\windows\system32\DRIVERS\vgapnp.sys []
    S3 vhdmp;vhdmp; C:\windows\system32\DRIVERS\vhdmp.sys []
    S3 vsmraid;vsmraid; C:\windows\system32\DRIVERS\vsmraid.sys []
    S3 WacomPen;Wacom Serial Pen HID Driver; C:\windows\system32\DRIVERS\wacompen.sys []
    S3 Wd;Wd; C:\windows\system32\DRIVERS\wd.sys []
    S3 WIMMount;WIMMount; C:\windows\system32\drivers\wimmount.sys [2009-07-14 19008]
    S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys []
    S4 crcdisk;Crcdisk Filter Driver; C:\windows\system32\DRIVERS\crcdisk.sys []
    S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\windows\system32\drivers\ws2ifsl.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
    R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\windows\System32\svchost.exe [2009-07-14 20992]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
    R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128]
    R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
    R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\windows\System32\svchost.exe [2009-07-14 20992]
    R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 gpsvc;@gpapi.dll,-112; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
    R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\windows\System32\svchost.exe [2009-07-14 20992]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-09 1405384]
    R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-04-14 325656]
    R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
    R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\windows\System32\svchost.exe [2009-07-14 20992]
    R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe []
    R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]
    R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
    R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-04-14 2533400]
    R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\windows\System32\svchost.exe [2009-07-14 20992]
    R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\windows\system32\svchost.exe [2009-07-14 20992]
    R2 wlidsvc;Windows Live ID Sign
  • And here is the info file:

    info.txt logfile of random's system information tool 1.08 2011-03-12 21:42:34

    ======Uninstall list======

    –>MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
    –>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A4824921-63A6-4616-9335-557B860307F7}\setup.exe" -l0x9
    –>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A4824921-63A6-4616-9335-557B860307F7}\setup.exe" -l0x9
    emove
    –>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DDCCBB78-8FFB-4FDE-912F-930E4D9FBC67}\setup.exe" -l0x9
    –>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DDCCBB78-8FFB-4FDE-912F-930E4D9FBC67}\setup.exe" -l0x9
    emove
    –>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F50302D2-9E07-4A43-B9EA-7AC712F34711}\setup.exe" -l0x9
    –>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F50302D2-9E07-4A43-B9EA-7AC712F34711}\setup.exe" -l0x9
    emove
    µTorrent–>"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
    Acrobat.com–>MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
    Ad-Aware–>"C:\ProgramData\{78A29A4D-35CE-4C46-9AC9-2692EE35F0BE}\Ad-Aware90Install.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware–>C:\ProgramData\{78A29A4D-35CE-4C46-9AC9-2692EE35F0BE}\Ad-Aware90Install.exe
    Adobe AIR–>c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR–>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Flash Player 10 ActiveX–>C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
    Adobe Flash Player 10 Plugin–>C:\windows\SysWOW64\Macromed\Flash\FlashUtil10m_Plugin.exe -maintain plugin
    Adobe Reader 9.1–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
    Apple Application Support–>MsiExec.exe /I{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
    Apple Software Update–>MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
    avast! Free Antivirus–>C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
    Bing Bar Platform–>MsiExec.exe /I{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}
    Bing Bar–>C:\Program Files (x86)\Bing Bar Installer\InstallManager.exe /UNINSTALL
    Contextual Tool Yourprofitclub–>C:\windows\system32\f8d264bc.exe
    D3DX10–>MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
    Diablo II–>C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo II (3)\Uninstall.exe
    FIFA 11–>MsiExec.exe /X{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}
    Guitar Pro 5.2–>"C:\Program Files (x86)\Guitar Pro 5\unins000.exe"
    HiJackThis–>MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
    i-Charger–>"C:\Program Files (x86)\MSI\i-Charger\unins000.exe"
    Intel(R) Graphics Media Accelerator Driver–>C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
    Intel(R) Management Engine Components–>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
    Intel(R) Rapid Storage Technology–>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
    Java(TM) 6 Update 24–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
    Junk Mail filter update–>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
    Malwarebytes' Anti-Malware–>"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Office 2010–>MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack–>MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
    Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Mozilla Firefox (3.6.13)–>C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    MSVCRT_amd64–>MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
    MSVCRT–>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    Need for Speed(TM) Hot Pursuit–>MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED}
    NVIDIA PhysX–>MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
    NVIDIA Stereoscopic 3D Driver–>"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
    NVIDIA Updatus–>"C:\Program Files (x86)\InstallShield Installation Information\{7357286A-CBE7-4F4A-BABC-EC4B3DD63862}\setup.exe" -runfromtemp -l0x0009
    Opera 11.01–>"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
    PowerISO–>"C:\Program Files (x86)\PowerISO\uninstall.exe"
    Pro Evolution Soccer 2011–>MsiExec.exe /X{1148E85C-E1AF-48E0-A29C-68DACE07E054}
    QuickTime–>MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
    Realtek High Definition Audio Driver–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
    Realtek USB 2.0 Reader Driver–>"C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly
    Renesas Electronics USB 3.0 Host Controller Driver–>"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0409 -removeonly
    Renesas Electronics USB 3.0 Host Controller Driver–>MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)–>C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
    Skype Toolbars–>MsiExec.exe /I{A29549FD-65F3-440C-A552-6B8114CF319D}
    Skype™ 5.1–>MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
    SopCast 3.3.2–>C:\Program Files (x86)\SopCast\uninst.exe
    Spybot - Search & Destroy–>"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
    System Control Manager–>C:\Program Files (x86)\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
    System Requirements Lab–>C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
    THX TruStudio Pro–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}\setup.exe" -l0x9
    emove
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)–>C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
    Visual C++ 2008 x86 Runtime - (v9.0.30729)–>MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01–>C:\windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    VLC media player 1.1.7–>C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
    Windows Live Communications Platform–>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
    Windows Live Essentials–>C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Windows Live Essentials–>MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
    Windows Live Installer–>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
    Windows Live Mail–>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
    Windows Live Mail–>MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
    Windows Live Messenger–>MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
    Windows Live Messenger–>MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
    Windows Live Movie Maker–>MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
    Windows Live Movie Maker–>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
    Windows Live Photo Common–>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
    Windows Live Photo Common–>MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
    Windows Live Photo Gallery–>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
    Windows Live Photo Gallery–>MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
    Windows Live PIMT Platform–>MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
    Windows Live SOXE Definitions–>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
    Windows Live SOXE–>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
    Windows Live Sync–>MsiExec.exe /X{B10914FD-8812-47A4-85A1-50FCDE7F1F33}
    Windows Live UX Platform Language Pack–>MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}
    Windows Live UX Platform–>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
    Windows Live Writer Resources–>MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
    Windows Live Writer–>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
    Windows Live Writer–>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
    Windows Live Writer–>MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
    WinRAR archiver–>C:\Program Files (x86)\WinRAR 3.61 Multi\Uninstall.exe

    ======Security center information======

    AS: Spybot - Search and Destroy (disabled)
    AS: SUPERAntiSpyware (disabled)

    ======System event log======

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 1014
    Message: Name resolution for the name csc3-2009-2-crl.verisign.com timed out after none of the configured DNS servers responded.
    Record Number: 2568
    Source Name: Microsoft-Windows-DNS-Client
    Time Written: 20101022021948.675070-000
    Event Type: Warning
    User: NT AUTHORITY\NETWORK SERVICE

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 11
    Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
    Record Number: 2482
    Source Name: Microsoft-Windows-Wininit
    Time Written: 20101022021815.324506-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 4001
    Message: WLAN AutoConfig service has successfully stopped.

    Record Number: 2423
    Source Name: Microsoft-Windows-WLAN-AutoConfig
    Time Written: 20100923203138.105631-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 10010
    Message: The server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} did not register with DCOM within the required timeout.
    Record Number: 2394
    Source Name: Microsoft-Windows-DistributedCOM
    Time Written: 20100923203108.000000-000
    Event Type: Error
    User:

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 7023
    Message: The Windows Update service terminated with the following error:
    %%-2145124287
    Record Number: 2392
    Source Name: Service Control Manager
    Time Written: 20100923202949.513840-000
    Event Type: Error
    User:

    =====Application event log=====

    Computer Name: Max-MSI
    Event Code: 6004
    Message: The winlogon notification subscriber <TrustedInstaller> failed a critical notification event.
    Record Number: 947
    Source Name: Microsoft-Windows-Winlogon
    Time Written: 20110216193007.000000-000
    Event Type: Warning
    User:

    Computer Name: Max-MSI
    Event Code: 1530
    Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

    DETAIL -
    5 user registry handles leaked from \Registry\User\S-1-5-21-2002805053-4252134244-3045484419-1001:
    Process 2756 (\Device\HarddiskVolume3\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
    Process 2756 (\Device\HarddiskVolume3\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2002805053-4252134244-3045484419-1001\Software
    Process 2756 (\Device\HarddiskVolume3\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Policies
    Process 2756 (\Device\HarddiskVolume3\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    Process 2756 (\Device\HarddiskVolume3\Windows\System32\wbem\WmiPrvSE.exe) has opened key \REGISTRY\USER\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings

    Record Number: 886
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20110215210118.935682-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: Max-MSI
    Event Code: 1530
    Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

    DETAIL -
    2 user registry handles leaked from \Registry\User\S-1-5-21-2002805053-4252134244-3045484419-1001:
    Process 596 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2002805053-4252134244-3045484419-1001
    Process 2944 (\Device\HarddiskVolume3\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-2002805053-4252134244-3045484419-1001\Software\Microsoft\Windows\CurrentVersion\Explorer

    Record Number: 788
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20110215171642.860076-000
    Event Type: Warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: Max-MSI
    Event Code: 11
    Message: Possible Memory Leak. Application (C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 436) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
    Record Number: 782
    Source Name: Microsoft-Windows-RPC-Events
    Time Written: 20110215171450.778077-000
    Event Type: Warning
    User: NT AUTHORITY\LOCAL SERVICE

    Computer Name: Max-MSI
    Event Code: 1008
    Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

    Record Number: 618
    Source Name: Microsoft-Windows-Search
    Time Written: 20110215165601.000000-000
    Event Type: Warning
    User:

    =====Security event log=====

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 4624
    Message: An account was successfully logged on.

    Subject:
    Security ID: S-1-5-18
    Account Name: WIN-V7GMEPJM6O8$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Logon Type: 5

    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}

    Process Information:
    Process ID: 0x2a4
    Process Name: C:\Windows\System32\services.exe

    Network Information:
    Workstation Name:
    Source Network Address: -
    Source Port: -

    Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0

    This event is generated when a logon session is created. It is generated on the computer that was accessed.

    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.
    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 554
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100923202910.154971-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 4672
    Message: Special privileges assigned to new logon.

    Subject:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7

    Privileges: SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 553
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100923202907.830567-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 4624
    Message: An account was successfully logged on.

    Subject:
    Security ID: S-1-5-18
    Account Name: WIN-V7GMEPJM6O8$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Logon Type: 5

    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}

    Process Information:
    Process ID: 0x2a4
    Process Name: C:\Windows\System32\services.exe

    Network Information:
    Workstation Name:
    Source Network Address: -
    Source Port: -

    Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0

    This event is generated when a logon session is created. It is generated on the computer that was accessed.

    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.
    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 552
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100923202907.830567-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 4738
    Message: A user account was changed.

    Subject:
    Security ID: S-1-5-21-3481707210-3752273569-2991567464-500
    Account Name: Administrator
    Account Domain: WIN-V7GMEPJM6O8
    Logon ID: 0x4821e

    Target Account:
    Security ID: S-1-5-21-3481707210-3752273569-2991567464-500
    Account Name: Administrator
    Account Domain: WIN-V7GMEPJM6O8

    Changed Attributes:
    SAM Account Name: -
    Display Name: -
    User Principal Name: -
    Home Directory: -
    Home Drive: -
    Script Path: -
    Profile Path: -
    User Workstations: -
    Password Last Set: -
    Account Expires: -
    Primary Group ID: -
    AllowedToDelegateTo: -
    Old UAC Value: 0x211
    New UAC Value: 0x211
    User Account Control: -
    User Parameters: -
    SID History: -
    Logon Hours: -

    Additional Information:
    Privileges: -
    Record Number: 551
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100923202906.130164-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-V7GMEPJM6O8
    Event Code: 1102
    Message: The audit log was cleared.
    Subject:
    Security ID: S-1-5-21-3481707210-3752273569-2991567464-500
    Account Name: Administrator
    Domain Name: WIN-V7GMEPJM6O8
    Logon ID: 0x4821e
    Record Number: 550
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20100923202858.376950-000
    Event Type: Audit Success
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Windows Live\Shared
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
    "NUMBER_OF_PROCESSORS"=4
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
    "PROCESSOR_REVISION"=2505
    "configsetroot"=%SystemRoot%\ConfigSetRoot
    "CLASSPATH"=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
    "asl.log"=Destination=file

    —————–EOF—————–
  • Hi Max, is your notebook on a home network?

    1) Download LopSD or LOPSD to your Desktop.
    - Disable your antispyware and virus scanner while using this tool.
    - Vista and Windows 7 users: right-click LopSD and choose "Run as administrator"!
    - Choose Option N and press Enter
    - Click OK in the information window
    - Choose Option 2 and press Enter
    - At the end a log (LopR.txt) appears; post its contents in your next reply

    2) Which program: Kaspersky TDSSKiller
    What for/why: Rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop!
    Download TDSSKiller here.

    Installation:
    - Extract the file to your desktop.

    Using TDSSKiller:
    - Windows 2000 and Windows XP: start TDSSKiller by double-clicking TDSSKiller.exe.
    - Windows Vista and Windows 7: start TDSSKiller by right-clicking TDSSKiller.exe and then choosing Run as administrator.
    - After the scan has finished, you will find the log on the C:\ partition
    - Post the contents of that log
  • Hello,

    First of all, I wanted to thank you again for going to so much trouble over my sad little problem, really unbelievable…

    During the first scan Windows gave a warning that 'the program was installed incorrectly', so I just ran it again; this time no error. Copying the log from C:\:

    I am indeed on a home network.

    Log1:


    ——————–\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows 7 Home Premium ( v6.1.7600 )
    x64-based PC ( Multiprocessor Free : Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz )
    BIOS : BIOS Date: 09/23/09 11:58:43 Ver: 08.00.10
    USER : Max ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:348 Go (Free:299 Go)
    D:\ (Local Disk) - NTFS - Total:232 Go (Free:79 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( Sun 03/13/2011|12:34 )

    [ UAC => 1 ]


    Log 2:

    2011/03/13 12:35:42.0806 4140 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
    2011/03/13 12:35:43.0141 4140 ================================================================================
    2011/03/13 12:35:43.0144 4140 SystemInfo:
    2011/03/13 12:35:43.0144 4140
    2011/03/13 12:35:43.0144 4140 OS Version: 6.1.7600 ServicePack: 0.0
    2011/03/13 12:35:43.0144 4140 Product type: Workstation
    2011/03/13 12:35:43.0144 4140 ComputerName: MAX-MSI
    2011/03/13 12:35:43.0144 4140 UserName: Max
    2011/03/13 12:35:43.0144 4140 Windows directory: C:\windows
    2011/03/13 12:35:43.0144 4140 System windows directory: C:\windows
    2011/03/13 12:35:43.0144 4140 Running under WOW64
    2011/03/13 12:35:43.0144 4140 Processor architecture: Intel x64
    2011/03/13 12:35:43.0144 4140 Number of processors: 4
    2011/03/13 12:35:43.0144 4140 Page size: 0x1000
    2011/03/13 12:35:43.0144 4140 Boot type: Normal boot
    2011/03/13 12:35:43.0144 4140 ================================================================================
    2011/03/13 12:35:43.0454 4140 Initialize success
    2011/03/13 12:35:55.0891 4220 ================================================================================
    2011/03/13 12:35:55.0894 4220 Scan started
    2011/03/13 12:35:55.0894 4220 Mode: Manual;
    2011/03/13 12:35:55.0894 4220 ================================================================================
    2011/03/13 12:36:08.0919 4220 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
    2011/03/13 12:36:09.0009 4220 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS
    wifi.sys
    2011/03/13 12:36:09.0079 4220 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers
    dis.sys
    2011/03/13 12:36:09.0202 4220 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS
    discap.sys
    2011/03/13 12:36:09.0237 4220 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS
    distapi.sys
    2011/03/13 12:36:09.0282 4220 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS
    disuio.sys
    2011/03/13 12:36:09.0309 4220 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS
    diswan.sys
    2011/03/13 12:36:09.0367 4220 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
    2011/03/13 12:36:09.0414 4220 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS
    etbios.sys
    2011/03/13 12:36:09.0442 4220 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS
    etbt.sys
    2011/03/13 12:36:09.0697 4220 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\windows\system32\DRIVERS\NETw5s64.sys
    2011/03/13 12:36:09.0927 4220 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS
    frd960.sys
    2011/03/13 12:36:09.0974 4220 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
    2011/03/13 12:36:09.0994 4220 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers
    siproxy.sys
    2011/03/13 12:36:10.0057 4220 Ntfs (356698a13c4630d5b31c37378d469196) C:\windows\system32\drivers\Ntfs.sys
    2011/03/13 12:36:10.0149 4220 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
    2011/03/13 12:36:10.0194 4220 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\windows\system32\DRIVERS
    usb3hub.sys
    2011/03/13 12:36:10.0227 4220 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\windows\system32\DRIVERS
    usb3xhc.sys
    2011/03/13 12:36:10.0687 4220 nvlddmkm (f12c5f17d48d9f5c70e4408b3ccb5443) C:\windows\system32\DRIVERS
    vlddmkm.sys
    2011/03/13 12:36:10.0832 4220 nvpciflt (91aa115e6bd2104d79cadd8b1cbaeb4a) C:\windows\system32\DRIVERS
    vpciflt.sys
    2011/03/13 12:36:10.0939 4220 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\windows\system32\DRIVERS
    vraid.sys
    2011/03/13 12:36:11.0049 4220 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\windows\system32\DRIVERS
    vstor.sys
    2011/03/13 12:36:11.0182 4220 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS
    v_agp.sys
    2011/03/13 12:36:11.0214 4220 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
    2011/03/13 12:36:11.0247 4220 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
    2011/03/13 12:36:11.0272 4220 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
    2011/03/13 12:36:11.0312 4220 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys
    2011/03/13 12:36:11.0394 4220 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
    2011/03/13 12:36:11.0427 4220 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
    2011/03/13 12:36:11.0449 4220 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
    2011/03/13 12:36:11.0477 4220 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
    2011/03/13 12:36:11.0634 4220 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
    2011/03/13 12:36:11.0684 4220 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
    2011/03/13 12:36:11.0764 4220 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
    2011/03/13 12:36:11.0899 4220 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
    2011/03/13 12:36:12.0037 4220 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
    2011/03/13 12:36:12.0079 4220 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
    2011/03/13 12:36:12.0122 4220 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
    2011/03/13 12:36:12.0212 4220 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
    2011/03/13 12:36:12.0247 4220 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
    2011/03/13 12:36:12.0359 4220 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
    2011/03/13 12:36:12.0454 4220 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
    2011/03/13 12:36:12.0489 4220 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
    2011/03/13 12:36:12.0517 4220 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
    2011/03/13 12:36:12.0564 4220 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
    2011/03/13 12:36:12.0582 4220 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
    2011/03/13 12:36:12.0614 4220 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
    2011/03/13 12:36:12.0642 4220 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys
    2011/03/13 12:36:12.0689 4220 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys
    2011/03/13 12:36:12.0814 4220 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
    2011/03/13 12:36:12.0874 4220 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
    2011/03/13 12:36:12.0984 4220 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\windows\System32\Drivers\RtsUVStor.sys
    2011/03/13 12:36:13.0084 4220 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\windows\system32\DRIVERS\Rt64win7.sys
    2011/03/13 12:36:13.0159 4220 SASDIFSV (99df79c258b3342b6c8a5f802998de56) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    2011/03/13 12:36:13.0179 4220 SASKUTIL (2859c35c0651e8eb0d86d48e740388f2) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    2011/03/13 12:36:13.0297 4220 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
    2011/03/13 12:36:13.0407 4220 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\windows\system32\drivers\SCDEmu.sys
    2011/03/13 12:36:13.0452 4220 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
    2011/03/13 12:36:13.0597 4220 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
    2011/03/13 12:36:13.0724 4220 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
    2011/03/13 12:36:13.0837 4220 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
    2011/03/13 12:36:13.0949 4220 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
    2011/03/13 12:36:13.0992 4220 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
    2011/03/13 12:36:14.0012 4220 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
    2011/03/13 12:36:14.0029 4220 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
    2011/03/13 12:36:14.0044 4220 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
    2011/03/13 12:36:14.0144 4220 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
    2011/03/13 12:36:14.0174 4220 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
    2011/03/13 12:36:14.0212 4220 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
    2011/03/13 12:36:14.0304 4220 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
    2011/03/13 12:36:14.0387 4220 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\windows\system32\DRIVERS\srv.sys
    2011/03/13 12:36:14.0427 4220 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\windows\system32\DRIVERS\srv2.sys
    2011/03/13 12:36:14.0477 4220 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\windows\system32\DRIVERS\srvnet.sys
    2011/03/13 12:36:14.0609 4220 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
    2011/03/13 12:36:14.0654 4220 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
    2011/03/13 12:36:14.0842 4220 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\windows\system32\drivers\tcpip.sys
    2011/03/13 12:36:15.0019 4220 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\windows\system32\DRIVERS\tcpip.sys
    2011/03/13 12:36:15.0067 4220 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
    2011/03/13 12:36:15.0094 4220 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
    2011/03/13 12:36:15.0124 4220 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
    2011/03/13 12:36:15.0157 4220 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
    2011/03/13 12:36:15.0247 4220 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
    2011/03/13 12:36:15.0379 4220 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
    2011/03/13 12:36:15.0439 4220 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
    2011/03/13 12:36:15.0479 4220 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
    2011/03/13 12:36:15.0502 4220 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
    2011/03/13 12:36:15.0544 4220 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
    2011/03/13 12:36:15.0637 4220 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
    2011/03/13 12:36:15.0667 4220 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
    2011/03/13 12:36:15.0719 4220 usbccgp (b26afb54a534d634523c4fb66765b026) C:\windows\system32\DRIVERS\usbccgp.sys
    2011/03/13 12:36:15.0772 4220 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
    2011/03/13 12:36:15.0799 4220 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\windows\system32\DRIVERS\usbehci.sys
    2011/03/13 12:36:15.0854 4220 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\windows\system32\DRIVERS\usbhub.sys
    2011/03/13 12:36:15.0892 4220 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys
    2011/03/13 12:36:15.0924 4220 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
    2011/03/13 12:36:15.0967 4220 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
    2011/03/13 12:36:16.0007 4220 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\windows\system32\DRIVERS\USBSTOR.SYS
    2011/03/13 12:36:16.0059 4220 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys
    2011/03/13 12:36:16.0137 4220 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys
    2011/03/13 12:36:16.0202 4220 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
    2011/03/13 12:36:16.0299 4220 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
    2011/03/13 12:36:16.0334 4220 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
    2011/03/13 12:36:16.0354 4220 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
    2011/03/13 12:36:16.0387 4220 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
    2011/03/13 12:36:16.0412 4220 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
    2011/03/13 12:36:16.0437 4220 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
    2011/03/13 12:36:16.0494 4220 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
    2011/03/13 12:36:16.0547 4220 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
    2011/03/13 12:36:16.0592 4220 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
    2011/03/13 12:36:16.0629 4220 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
    2011/03/13 12:36:16.0674 4220 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
    2011/03/13 12:36:16.0712 4220 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
    2011/03/13 12:36:16.0734 4220 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
    2011/03/13 12:36:16.0864 4220 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
    2011/03/13 12:36:16.0904 4220 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
    2011/03/13 12:36:17.0047 4220 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
    2011/03/13 12:36:17.0074 4220 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
    2011/03/13 12:36:17.0229 4220 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
    2011/03/13 12:36:17.0367 4220 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
    2011/03/13 12:36:17.0422 4220 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
    2011/03/13 12:36:17.0502 4220 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
    2011/03/13 12:36:17.0577 4220 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\windows\system32\DRIVERS\xusb21.sys
    2011/03/13 12:36:17.0652 4220 ================================================================================
    2011/03/13 12:36:17.0652 4220 Scan finished
    2011/03/13 12:36:17.0652 4220 ================================================================================
    2011/03/13 12:36:35.0827 2888 Deinitialize success
  • Hi Max, the LopSD log turned out very small indeed!

    Could you start the tool once more with administrator rights for a scan and then post the log (hopefully complete)?
  • Hi,

    I ran it again, with administrator rights just like last time, from my desktop, but it gives the same log again and it also says that I am not an admin. Restarted and the same thing again; just before it closes the scan it shows something like "unexpected…" but the window closes too quickly for me to read it. It closes by itself, and the log I posted came from my C: drive…

    No idea what is causing this now…
  • Does the account you are working in perhaps have limited rights, or have you disabled UAC (User Account Control)?
  • No, I am just an administrator... I just checked under user accounts…

    And the log still says that I am not an admin, how strange.


This is an archived page. Replying is no longer possible.