Interface not supported - Cannot find module

32 replies
  • Recently I've had the problem that I can no longer get into the Control Panel, I can no longer use Explorer, and I can no longer use "Personalize" ("Aan persoonlijke voorkeur aanpassen") on my desktop.
    I get the following errors with the Control Panel:

    ::{26EE0668-A00A-44D7-9371-BEB064C98683}
    Interface wordt niet ondersteund

    explorer.exe
    Interface wordt niet ondersteund

    Screenshots:
    http://img832.imageshack.us/img832/7106/config1.png
    http://img830.imageshack.us/img830/4337/config2i.png

    With Explorer I also get:

    explorer.exe
    Interface wordt niet ondersteund

    With "Personalize" on the desktop I get:

    explorer.exe
    Kan opgegeven module niet vinden.

    Screenshot:
    http://img221.imageshack.us/img221/2086/bureaubladeb.png

    I have already tried to fix these errors by re-registering all .dll files, but this did not help.
    I use Windows 7 64-bit.
  • Restore a restore point and immediately scan thoroughly with antivirus and Malwarebytes!
  • This could be related to a virus. Post a HijackThis log in a topic in Security & privacy
    http://forum.computertotaal.nl/phpBB2/viewforum.php?f=15
  • [quote:217d18a3ec="derkdejong"]Restore a restore point and immediately scan thoroughly with antivirus and Malwarebytes![/quote:217d18a3ec]

    I have already tried restoring a restore point, but this did not help. The virus scan did not turn up anything either. I will try scanning with HijackThis and Malwarebytes.
  • I scanned with both programs and here are the logs:

    Malwarebytes:
    [code:1:82b0afca6a]Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Databaseversie: 8279

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514

    1-12-2011 19:13:04
    mbam-log-2011-12-01 (19-13-04).txt

    Scantype: Volledige scan (C:\|D:\|E:\|K:\|)
    Objecten gescand: 1345958
    Verstreken tijd: 2 uur/uren, 43 minuut/minuten, 23 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 10
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 3
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 13

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\IEBarProperties (Adware.Mirar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8755E87-B8E7-4818-87FB-45EFC5539F09} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{C8755E87-B8E7-4818-87FB-45EFC5539F09} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C8755E87-B8E7-4818-87FB-45EFC5539F09} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C8755E87-B8E7-4818-87FB-45EFC5539F09} (Trojan.BHO) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://www.mirarsearch.com/?useie5=1&q=) Good: (http://www.google.com) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://www.mirarsearch.com/?useie5=1&q=) Good: (http://www.google.com) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    c:\Users\Milan\AppData\Local\Temp\ey75+wmt.exe.part (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\Users\Milan\AppData\Local\Temp\okmCBA5.tmp (Adware.Dropper) -> Quarantined and deleted successfully.
    c:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\extensions\{e45a0de0-b4de-11de-8a39-0800200c9a66}-trash\components\wsff.dll (Adware.WhereSphere) -> Quarantined and deleted successfully.
    k:\program files\Cain\Cain.exe (PUP.Passwordtool.Cain) -> Not selected for removal.
    k:\program files\Cain\Abel.exe (HackTool.Cain) -> Quarantined and deleted successfully.
    k:\program files\Cain\Abel64.exe (HackTool.Cain) -> Quarantined and deleted successfully.
    k:\my downloads\smileycentralpfsetup2.3.69.8.sa.hp.znfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    k:\r4ds\Spellen\DSHobro\Server.exe (Trojan.Banker) -> Quarantined and deleted successfully.
    k:\mijn programma's\Control.txt\Project1.exe (HackTool.Agent.Gen) -> Quarantined and deleted successfully.
    k:\program files (x86)\Cain\Cain.exe (PUP.Passwordtool.Cain) -> Not selected for removal.
    k:\program files (x86)\Cain\Abel.exe (HackTool.Cain) -> Quarantined and deleted successfully.
    k:\program files (x86)\Cain\Abel64.exe (HackTool.Cain) -> Quarantined and deleted successfully.
    c:\Users\Public\winbrd.jpg (Malware.Trace) -> Quarantined and deleted successfully.

    [/code:1:82b0afca6a]
    HijackThis:
    [code:1:82b0afca6a]Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 17:08:51, on 2-12-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    K:\Program Files (x86)\BitLord\BitLord.exe
    D:\Program Files (x86)\PacSteamT\Steam.exe
    C:\Program Files (x86)\Sitecom\Common\RaUI.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    D:\Program Files (x86)\ToolBox v2.97j\toolbox.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
    D:\Program Files (x86)\Xfire\Xfire.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    D:\Program Files (x86)\iTunes\iTunesHelper.exe
    D:\Program Files (x86)\iTunes\iTunes.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    D:\My Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\ProgramData\Adobe\CS5\jre\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Mirar - {C8755E86-B8E7-4818-87FB-45EFC5539F09} - C:\Windows\SysWow64\5878.dll (file missing)
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" –auto-start
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "K:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [BitComet] "K:\Program Files (x86)\BitLord\BitLord.exe"
    O4 - HKCU\..\Run: [Steam] "D:\Program Files (x86)\PacSteamT\steam.exe" -silent
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-18\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'Default user')
    O4 - Startup: OpenOffice.org 3.1 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Startup: ToolBox.lnk = D:\Program Files (x86)\ToolBox v2.97j\toolbox.exe
    O4 - Startup: Xfire.lnk = D:\Program Files (x86)\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files (x86)\Sitecom\Common\RaUI.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: NameServer = 192.168.0.1
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
    O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
    O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
    O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
    O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe
    O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
    O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe
    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: STSService - Unknown owner - C:\Program Files (x86)\SoundTaxi Media Suite\STSService.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 14280 bytes

    [/code:1:82b0afca6a]
  • Too bad nobody knows how I can solve this :/
  • David, I have just sent a private message to Abraham54. He is the virus specialist of this forum.
    I assume he will respond in this topic.
  • Hello David, a first request to you is to simply paste the logs into your post from now on and not to use code or quote.
    The forum software on this site is basically outdated, and using code makes things less clear.

    [b:6f48989ad3]Furthermore, I would like to note here that, for the umpteenth time, I observe that the meanwhile much-praised AVG Free 2012
    has largely been disabled by malware.
    Something that is a rarity with Avast 6 Free and Avira 2012![/b:6f48989ad3]

    David, read everything through carefully first!

    [b:6f48989ad3]I would like you to stick to the rules below during the fix:[/b:6f48989ad3]
    [list:6f48989ad3][*:6f48989ad3]Read all instructions carefully.
    [*:6f48989ad3]If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
    [*:6f48989ad3]Refrain from using tools or updates other than those I advise you to use.
    [*:6f48989ad3]Always use one scanner at a time, never several at once.
    [*:6f48989ad3]Keep me informed of how your computer responds to the fix - good or bad.
    [*:6f48989ad3]The fix, once started, must be completed. Even if you think everything is fine, there may still be infections.[/list:u:6f48989ad3]

    [b:6f48989ad3]Step •1•[/b:6f48989ad3]
    [b:6f48989ad3]Which program[/b:6f48989ad3]: Kaspersky [b:6f48989ad3]TDSSKiller[/b:6f48989ad3]
    [b:6f48989ad3]What for/why[/b:6f48989ad3]: Rootkit scanner
    [b:6f48989ad3]Difficulty[/b:6f48989ad3]: none
    [b:6f48989ad3]Download location[/b:6f48989ad3]: Be sure to download this program to the desktop, or otherwise move it there!
    [b:6f48989ad3]Download[/b:6f48989ad3] [b:6f48989ad3]TDSSKiller[/b:6f48989ad3] [b:6f48989ad3]here[/b:6f48989ad3].

    [b:6f48989ad3]Installation[/b:6f48989ad3]:
    [list:6f48989ad3][*:6f48989ad3] extract the file to your desktop.[/list:u:6f48989ad3]

    [b:6f48989ad3]Using TDSSKiller[/b:6f48989ad3]:
    [list:6f48989ad3][*:6f48989ad3]Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
    [*:6f48989ad3]Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing [b:6f48989ad3]Run as administrator[/b:6f48989ad3].[/list:u:6f48989ad3]
    [list:6f48989ad3][*:6f48989ad3]If TDSSKiller shows a message about an available update, run it first;
    [*:6f48989ad3]to do so, click the "Load update" button[/list:u:6f48989ad3]
    [img:6f48989ad3]http://www.malwareinfo.nl/files/screens/TDSSkiller(update).jpg[/img:6f48989ad3]

    [list:6f48989ad3][*:6f48989ad3]A new version of TDSSKiller will now be downloaded; save it to the desktop.
    [*:6f48989ad3]Now start TDSSKiller again.
    [*:6f48989ad3] Click "[b:6f48989ad3]Change parameters[/b:6f48989ad3]" and make sure all the options below are ticked.[/list:u:6f48989ad3]

    [img:6f48989ad3]http://www.malwareinfo.nl/files/screens/TDSSkiller(opties).jpg[/img:6f48989ad3]

    [list:6f48989ad3][*:6f48989ad3]Then click the [b:6f48989ad3]"Start Scan"[/b:6f48989ad3] button and follow the instructions.
    [*:6f48989ad3] After the scan has finished, click the [b:6f48989ad3]"Report"[/b:6f48989ad3] button.
    [*:6f48989ad3]A Notepad file opens. Post the contents of this file.[/list:u:6f48989ad3]
    [list:6f48989ad3][*:6f48989ad3][b:6f48989ad3]Restart the PC if TDSSKiller offers that option (Reboot now).[/b:6f48989ad3]
    [*:6f48989ad3]If a restart is necessary, you will find the log file in [b:6f48989ad3]C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt[/b:6f48989ad3][/list:u:6f48989ad3]

    [b:6f48989ad3]Important:[/b:6f48989ad3]
    [list:6f48989ad3][*:6f48989ad3]If you get a warning about [b:6f48989ad3]sptd.sys[/b:6f48989ad3], you may 'skip' it; it belongs to emulation software such as DaemonTools.
    [*:6f48989ad3]Skip the [b:6f48989ad3]unsigned files[/b:6f48989ad3],
    [*:6f48989ad3]have [b:6f48989ad3]TDSS File System[/b:6f48989ad3] deleted or quarantined, [b:6f48989ad3]delete[/b:6f48989ad3] or [b:6f48989ad3]copy to quarantine[/b:6f48989ad3].
    [*:6f48989ad3]Have [b:6f48989ad3]Rootkit.Boot.SST.b[/b:6f48989ad3] and others such as Sinowal, ZeroAccess or Whistler repaired, [b:6f48989ad3]Cure[/b:6f48989ad3].[/list:u:6f48989ad3]
    [b:6f48989ad3]Step •2•[/b:6f48989ad3]
    [b:6f48989ad3]Which program[/b:6f48989ad3]: ComboFix
    [b:6f48989ad3]What for/why[/b:6f48989ad3]: Highly specialized scanner to examine Windows in depth
    and, where possible, clean it up.
    [b:6f48989ad3]Difficulty[/b:6f48989ad3]: More or less tricky preparation phase, so read everything carefully first.
    [b:6f48989ad3]Download location[/b:6f48989ad3]: Be sure to download this program to the desktop!
    [b:6f48989ad3]Download ComboFix from one of these locations[/b:6f48989ad3]:
    [list:6f48989ad3][*:6f48989ad3][b:6f48989ad3]Bleepingcomputer[/b:6f48989ad3]
    [*:6f48989ad3][b:6f48989ad3]ForoSpyware[/b:6f48989ad3]
    [*:6f48989ad3][b:6f48989ad3]Geekstogo[/b:6f48989ad3][/list:u:6f48989ad3]
    [b:6f48989ad3]Here[/b:6f48989ad3] you can see how to use ComboFix.

    The antivirus program and active malware scanners must already be deactivated before ComboFix starts!
    [b:6f48989ad3]Here[/b:6f48989ad3] and [b:6f48989ad3]here[/b:6f48989ad3] you will find information on how to deactivate antivirus programs and spyware scanners.

    [b:6f48989ad3]Once more, for the sake of clarity[/b:6f48989ad3]: ComboFix must be started from the desktop.

    [b:6f48989ad3]Notes[/b:6f48989ad3]:
    [list:6f48989ad3][*:6f48989ad3] When using Windows XP, you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).
    [*:6f48989ad3]Vista and Windows 7 users start ComboFix via right-click with administrator rights.
    [*:6f48989ad3]All open programs and web pages must be closed.[/list:u:6f48989ad3]
    [b:6f48989ad3]ComboFix has started[/b:6f48989ad3]:
    [list:6f48989ad3][*:6f48989ad3]Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    [*:6f48989ad3]ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    [*:6f48989ad3]The computer may need to be restarted several times; this is normal.
    [*:6f48989ad3]When ComboFix is finished, it will create a log file for you.
    [*:6f48989ad3]Post the contents of this log file in your next post.
    [*:6f48989ad3]If the log does not open, it can be found at C:\ComboFix.txt[/list:u:6f48989ad3]
    [b:6f48989ad3]Important note[/b:6f48989ad3]:
    [list:6f48989ad3][*:6f48989ad3][b:6f48989ad3]If, after the scan, an error is shown when starting programs with the message:[/b:6f48989ad3]
    [*:6f48989ad3][b:6f48989ad3]Illegal operation attempted on a registry key that has been marked for deletion.[/b:6f48989ad3]
    [*:6f48989ad3][b:6f48989ad3]Then restart the computer.[/b:6f48989ad3][/list:u:6f48989ad3]

    [b:6f48989ad3]Step •3•[/b:6f48989ad3]
    [b:6f48989ad3]In summary: after this, post the contents of the following logs in your next post:[/b:6f48989ad3]
    [list:6f48989ad3][*:6f48989ad3] TDSSKiller log
    [*:6f48989ad3] ComboFix.txt log
    [/list:u:6f48989ad3]
  • [b:c879a59c6d]TDSSKiller log:[/b:c879a59c6d]

    13:17:00.0074 7712 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
    13:17:00.0249 7712 ============================================================
    13:17:00.0249 7712 Current date / time: 2012/01/07 13:17:00.0249
    13:17:00.0249 7712 SystemInfo:
    13:17:00.0249 7712
    13:17:00.0250 7712 OS Version: 6.1.7601 ServicePack: 1.0
    13:17:00.0250 7712 Product type: Workstation
    13:17:00.0250 7712 ComputerName: MILAN-PC
    13:17:00.0250 7712 UserName: Milan
    13:17:00.0250 7712 Windows directory: C:\Windows
    13:17:00.0250 7712 System windows directory: C:\Windows
    13:17:00.0250 7712 Running under WOW64
    13:17:00.0250 7712 Processor architecture: Intel x64
    13:17:00.0250 7712 Number of processors: 4
    13:17:00.0250 7712 Page size: 0x1000
    13:17:00.0250 7712 Boot type: Normal boot
    13:17:00.0250 7712 ============================================================
    13:17:01.0605 7712 Initialize success
    13:20:09.0554 3916 ============================================================
    13:20:09.0554 3916 Scan started
    13:20:09.0554 3916 Mode: Manual; SigCheck; TDLFS;
    13:20:09.0554 3916 ============================================================
    13:20:12.0588 3916 AODDriver4.01 - ok
    13:20:12.0634 3916 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    13:20:12.0731 3916 AppID - ok
    13:20:12.0793 3916 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    13:20:12.0802 3916 arc - ok
    13:20:12.0840 3916 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    13:20:12.0848 3916 arcsas - ok
    13:20:12.0916 3916 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    13:20:13.0027 3916 AsyncMac - ok
    13:20:13.0047 3916 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    13:20:13.0055 3916 atapi - ok
    13:20:13.0138 3916 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
    13:20:13.0148 3916 AtiHDAudioService - ok
    13:20:13.0185 3916 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys
    13:20:13.0193 3916 AtiHdmiService - ok
    13:20:13.0367 3916 atikmdag (85193e1bcefe65d0a1befd4fda9180f9) C:\Windows\system32\DRIVERS\atikmdag.sys
    13:20:13.0459 3916 atikmdag - ok
    13:20:13.0586 3916 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
    13:20:13.0594 3916 AVGIDSDriver - ok
    13:20:13.0626 3916 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
    13:20:13.0632 3916 AVGIDSEH - ok
    13:20:13.0663 3916 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
    13:20:13.0669 3916 AVGIDSFilter - ok
    13:20:13.0719 3916 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
    13:20:13.0729 3916 Avgldx64 - ok
    13:20:13.0771 3916 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
    13:20:13.0778 3916 Avgmfx64 - ok
    13:20:13.0801 3916 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
    13:20:13.0807 3916 Avgrkx64 - ok
    13:20:13.0848 3916 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
    13:20:13.0859 3916 Avgtdia - ok
    13:20:13.0912 3916 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    13:20:13.0970 3916 b06bdrv - ok
    13:20:14.0003 3916 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    13:20:14.0033 3916 b57nd60a - ok
    13:20:14.0086 3916 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    13:20:14.0157 3916 Beep - ok
    13:20:14.0236 3916 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    13:20:14.0265 3916 blbdrive - ok
    13:20:14.0352 3916 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    13:20:14.0402 3916 bowser - ok
    13:20:14.0430 3916 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    13:20:14.0492 3916 BrFiltLo - ok
    13:20:14.0528 3916 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    13:20:14.0561 3916 BrFiltUp - ok
    13:20:14.0596 3916 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    13:20:14.0640 3916 Brserid - ok
    13:20:14.0680 3916 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    13:20:14.0712 3916 BrSerWdm - ok
    13:20:14.0737 3916 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    13:20:14.0758 3916 BrUsbMdm - ok
    13:20:14.0778 3916 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    13:20:14.0804 3916 BrUsbSer - ok
    13:20:14.0870 3916 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
    13:20:14.0898 3916 BthEnum - ok
    13:20:14.0916 3916 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    13:20:14.0937 3916 BTHMODEM - ok
    13:20:14.0992 3916 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
    13:20:15.0041 3916 BthPan - ok
    13:20:15.0072 3916 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
    13:20:15.0129 3916 BTHPORT - ok
    13:20:15.0184 3916 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
    13:20:15.0233 3916 BTHUSB - ok
    13:20:15.0304 3916 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    13:20:15.0354 3916 cdfs - ok
    13:20:15.0390 3916 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\drivers\cdrom.sys
    13:20:15.0416 3916 cdrom - ok
    13:20:15.0439 3916 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    13:20:15.0463 3916 circlass - ok
    13:20:15.0500 3916 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    13:20:15.0511 3916 CLFS - ok
    13:20:15.0572 3916 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    13:20:15.0626 3916 CmBatt - ok
    13:20:15.0699 3916 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    13:20:15.0706 3916 cmdide - ok
    13:20:15.0758 3916 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
    13:20:15.0800 3916 CNG - ok
    13:20:15.0819 3916 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    13:20:15.0827 3916 Compbatt - ok
    13:20:15.0870 3916 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
    13:20:15.0913 3916 CompositeBus - ok
    13:20:15.0961 3916 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    13:20:15.0968 3916 crcdisk - ok
    13:20:16.0041 3916 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    13:20:16.0079 3916 DfsC - ok
    13:20:16.0119 3916 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    13:20:16.0165 3916 discache - ok
    13:20:16.0210 3916 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    13:20:16.0218 3916 Disk - ok
    13:20:16.0272 3916 DLABMFSE (6ec7d7430cbf25e485f5b6f04e5a4081) C:\Windows\system32\DLA\DLABMFSE.SYS
    13:20:16.0279 3916 DLABMFSE - ok
    13:20:16.0290 3916 DLABOIOE (a37a9617c7ab06c559abc828afe4ccfe) C:\Windows\system32\DLA\DLABOIOE.SYS
    13:20:16.0295 3916 DLABOIOE - ok
    13:20:16.0313 3916 DLACDBHE (8bffdf668b5b3db82b45fd98f6d5b047) C:\Windows\system32\Drivers\DLACDBHE.SYS
    13:20:16.0319 3916 DLACDBHE - ok
    13:20:16.0332 3916 DLADResE (e79756b71ab9756460060d5fd762dd05) C:\Windows\system32\DLA\DLADResE.SYS
    13:20:16.0337 3916 DLADResE - ok
    13:20:16.0372 3916 DLAIFS_E (772d0587af1140cbd17da788ac42c688) C:\Windows\system32\DLA\DLAIFS_E.SYS
    13:20:16.0379 3916 DLAIFS_E - ok
    13:20:16.0393 3916 DLAOPIOE (faeaf561a580eb4e921b31e47db46c0d) C:\Windows\system32\DLA\DLAOPIOE.SYS
    13:20:16.0399 3916 DLAOPIOE - ok
    13:20:16.0415 3916 DLAPoolE (c72de612d67cee1e97f7ae5bbdbf84b7) C:\Windows\system32\DLA\DLAPoolE.SYS
    13:20:16.0420 3916 DLAPoolE - ok
    13:20:16.0438 3916 DLARTL_E (c8129d9fcd1e8d24beaa0a65a8e70c40) C:\Windows\system32\Drivers\DLARTL_E.SYS
    13:20:16.0444 3916 DLARTL_E - ok
    13:20:16.0462 3916 DLAUDFAE (6aec66c59d1afb3339ab49b55d6137f3) C:\Windows\system32\DLA\DLAUDFAE.SYS
    13:20:16.0470 3916 DLAUDFAE - ok
    13:20:16.0515 3916 DLAUDF_E (73dae9cad6b2b6816c8ca1328b46227c) C:\Windows\system32\DLA\DLAUDF_E.SYS
    13:20:16.0524 3916 DLAUDF_E - ok
    13:20:16.0577 3916 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    13:20:16.0613 3916 drmkaud - ok
    13:20:16.0689 3916 DrmRAudio (34059f6a04cc1797609246566898aeae) C:\Windows\system32\drivers\DrmRAudio.sys
    13:20:16.0706 3916 DrmRAudio - ok
    13:20:16.0727 3916 DRVECDB (401b92f84c65b05302a2c0b29c7a40f1) C:\Windows\system32\Drivers\DRVECDB.SYS
    13:20:16.0735 3916 DRVECDB - ok
    13:20:16.0773 3916 DRVEDDM (20c296250f155e60b16a3b4601d28695) C:\Windows\system32\Drivers\DRVEDDM.SYS
    13:20:16.0780 3916 DRVEDDM - ok
    13:20:16.0931 3916 dump_wmimmc - ok
    13:20:16.0971 3916 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    13:20:16.0994 3916 DXGKrnl - ok
    13:20:17.0026 3916 EagleX64 - ok
    13:20:17.0093 3916 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    13:20:17.0157 3916 ebdrv - ok
    13:20:17.0200 3916 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    13:20:17.0215 3916 elxstor - ok
    13:20:17.0274 3916 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    13:20:17.0300 3916 ErrDev - ok
    13:20:17.0324 3916 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    13:20:17.0387 3916 exfat - ok
    13:20:17.0405 3916 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    13:20:17.0458 3916 fastfat - ok
    13:20:17.0497 3916 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    13:20:17.0526 3916 fdc - ok
    13:20:17.0560 3916 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    13:20:17.0568 3916 FileInfo - ok
    13:20:17.0605 3916 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    13:20:17.0640 3916 Filetrace - ok
    13:20:17.0663 3916 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    13:20:17.0688 3916 flpydisk - ok
    13:20:17.0767 3916 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    13:20:17.0779 3916 FltMgr - ok
    13:20:17.0804 3916 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    13:20:17.0812 3916 FsDepends - ok
    13:20:17.0850 3916 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    13:20:17.0858 3916 Fs_Rec - ok
    13:20:17.0924 3916 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    13:20:17.0937 3916 fvevol - ok
    13:20:18.0001 3916 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    13:20:18.0009 3916 gagp30kx - ok
    13:20:18.0044 3916 gdwfpcd (fc9b3d24e18d08200f31aa3bace42f6a) C:\Windows\system32\drivers\gdwfpcd64.sys
    13:20:18.0070 3916 gdwfpcd - ok
    13:20:18.0113 3916 GearAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\drivers\GEARAspiWDM.sys
    13:20:18.0119 3916 GearAspiWDM - ok
    13:20:18.0160 3916 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
    13:20:18.0166 3916 hamachi - ok
    13:20:18.0237 3916 hardlock (d8bf3c594bd17a37960362e6c6739b90) C:\Windows\system32\drivers\hardlock.sys
    13:20:18.0249 3916 hardlock - ok
    13:20:18.0281 3916 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    13:20:18.0334 3916 hcw85cir - ok
    13:20:18.0404 3916 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    13:20:18.0431 3916 HdAudAddService - ok
    13:20:18.0495 3916 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
    13:20:18.0506 3916 HDAudBus - ok
    13:20:18.0534 3916 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    13:20:18.0554 3916 HidBatt - ok
    13:20:18.0575 3916 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    13:20:18.0598 3916 HidBth - ok
    13:20:18.0644 3916 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    13:20:18.0669 3916 HidIr - ok
    13:20:18.0709 3916 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
    13:20:18.0719 3916 HidUsb - ok
    13:20:18.0785 3916 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    13:20:18.0793 3916 HpSAMD - ok
    13:20:18.0855 3916 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    13:20:18.0912 3916 HTTP - ok
    13:20:18.0940 3916 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    13:20:18.0947 3916 hwpolicy - ok
    13:20:18.0963 3916 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    13:20:18.0974 3916 i8042prt - ok
    13:20:19.0047 3916 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    13:20:19.0061 3916 iaStorV - ok
    13:20:19.0095 3916 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    13:20:19.0103 3916 iirsp - ok
    13:20:19.0386 3916 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys
    13:20:19.0423 3916 IntcAzAudAddService - ok
    13:20:19.0572 3916 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    13:20:19.0580 3916 intelide - ok
    13:20:19.0627 3916 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    13:20:19.0652 3916 intelppm - ok
    13:20:19.0681 3916 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    13:20:19.0720 3916 IpFilterDriver - ok
    13:20:19.0769 3916 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    13:20:19.0792 3916 IPMIDRV - ok
    13:20:19.0835 3916 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    13:20:19.0873 3916 IPNAT - ok
    13:20:19.0914 3916 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    13:20:19.0946 3916 IRENUM - ok
    13:20:19.0964 3916 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    13:20:19.0972 3916 isapnp - ok
    13:20:20.0017 3916 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    13:20:20.0029 3916 iScsiPrt - ok
    13:20:20.0058 3916 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    13:20:20.0066 3916 kbdclass - ok
    13:20:20.0134 3916 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    13:20:20.0156 3916 kbdhid - ok
    13:20:20.0207 3916 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
    13:20:20.0215 3916 KSecDD - ok
    13:20:20.0300 3916 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
    13:20:20.0310 3916 KSecPkg - ok
    13:20:20.0332 3916 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    13:20:20.0372 3916 ksthunk - ok
    13:20:20.0419 3916 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    13:20:20.0455 3916 lltdio - ok
    13:20:20.0529 3916 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    13:20:20.0538 3916 LSI_FC - ok
    13:20:20.0555 3916 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    13:20:20.0563 3916 LSI_SAS - ok
    13:20:20.0584 3916 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    13:20:20.0593 3916 LSI_SAS2 - ok
    13:20:20.0629 3916 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    13:20:20.0638 3916 LSI_SCSI - ok
    13:20:20.0655 3916 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    13:20:20.0691 3916 luafv - ok
    13:20:20.0723 3916 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    13:20:20.0731 3916 megasas - ok
    13:20:20.0768 3916 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    13:20:20.0780 3916 MegaSR - ok
    13:20:20.0796 3916 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    13:20:20.0834 3916 Modem - ok
    13:20:20.0857 3916 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    13:20:20.0902 3916 monitor - ok
    13:20:20.0937 3916 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    13:20:20.0945 3916 mouclass - ok
    13:20:20.0958 3916 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    13:20:20.0981 3916 mouhid - ok
    13:20:21.0041 3916 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    13:20:21.0049 3916 mountmgr - ok
    13:20:21.0089 3916 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    13:20:21.0099 3916 mpio - ok
    13:20:21.0138 3916 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    13:20:21.0179 3916 mpsdrv - ok
    13:20:21.0207 3916 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    13:20:21.0270 3916 MRxDAV - ok
    13:20:21.0314 3916 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    13:20:21.0347 3916 mrxsmb - ok
    13:20:21.0380 3916 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    13:20:21.0418 3916 mrxsmb10 - ok
    13:20:21.0444 3916 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    13:20:21.0466 3916 mrxsmb20 - ok
    13:20:21.0508 3916 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    13:20:21.0516 3916 msahci - ok
    13:20:21.0563 3916 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    13:20:21.0572 3916 msdsm - ok
    13:20:21.0605 3916 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    13:20:21.0630 3916 Msfs - ok
    13:20:21.0676 3916 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    13:20:21.0717 3916 mshidkmdf - ok
    13:20:21.0737 3916 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    13:20:21.0744 3916 msisadrv - ok
    13:20:21.0802 3916 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    13:20:21.0838 3916 MSKSSRV - ok
    13:20:21.0859 3916 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    13:20:21.0894 3916 MSPCLOCK - ok
    13:20:21.0916 3916 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    13:20:21.0961 3916 MSPQM - ok
    13:20:22.0000 3916 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    13:20:22.0013 3916 MsRPC - ok
    13:20:22.0038 3916 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    13:20:22.0044 3916 mssmbios - ok
    13:20:22.0081 3916 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    13:20:22.0125 3916 MSTEE - ok
    13:20:22.0173 3916 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    13:20:22.0205 3916 MTConfig - ok
    13:20:22.0238 3916 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    13:20:22.0246 3916 Mup - ok
    13:20:22.0309 3916 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    13:20:22.0325 3916 NativeWifiP - ok
    13:20:22.0364 3916 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    13:20:22.0387 3916 NDIS - ok
    13:20:22.0412 3916 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    13:20:22.0452 3916 NdisCap - ok
    13:20:22.0485 3916 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    13:20:22.0525 3916 NdisTapi - ok
    13:20:22.0565 3916 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    13:20:22.0615 3916 Ndisuio - ok
    13:20:22.0677 3916 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    13:20:22.0711 3916 NdisWan - ok
    13:20:22.0750 3916 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    13:20:22.0784 3916 NDProxy - ok
    13:20:22.0846 3916 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    13:20:22.0884 3916 NetBIOS - ok
    13:20:22.0938 3916 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    13:20:22.0964 3916 NetBT - ok
    13:20:23.0048 3916 netr28ux (ba90f3931815703924bfe4d29d27a06c) C:\Windows\system32\DRIVERS\netr28ux.sys
    13:20:23.0076 3916 netr28ux - ok
    13:20:23.0115 3916 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    13:20:23.0123 3916 nfrd960 - ok
    13:20:23.0202 3916 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
    13:20:23.0208 3916 NPF - ok
    13:20:23.0231 3916 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    13:20:23.0272 3916 Npfs - ok
    13:20:23.0340 3916 NPPTNT2 - ok
    13:20:23.0362 3916 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    13:20:23.0398 3916 nsiproxy - ok
    13:20:23.0456 3916 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    13:20:23.0488 3916 Ntfs - ok
    13:20:23.0510 3916 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    13:20:23.0549 3916 Null - ok
    13:20:23.0740 3916 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    13:20:23.0926 3916 nvlddmkm - ok
    13:20:24.0024 3916 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    13:20:24.0034 3916 nvraid - ok
    13:20:24.0055 3916 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    13:20:24.0065 3916 nvstor - ok
    13:20:24.0092 3916 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    13:20:24.0102 3916 nv_agp - ok
    13:20:24.0124 3916 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    13:20:24.0133 3916 ohci1394 - ok
    13:20:24.0166 3916 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    13:20:24.0184 3916 Parport - ok
    13:20:24.0213 3916 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    13:20:24.0221 3916 partmgr - ok
    13:20:24.0259 3916 pbfilter - ok
    13:20:24.0286 3916 pccsmcfd (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
    13:20:24.0319 3916 pccsmcfd - ok
    13:20:24.0341 3916 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
    13:20:24.0352 3916 pci - ok
    13:20:24.0377 3916 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    13:20:24.0384 3916 pciide - ok
    13:20:24.0408 3916 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    13:20:24.0418 3916 pcmcia - ok
    13:20:24.0473 3916 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
    13:20:24.0503 3916 pcouffin - ok
    13:20:24.0517 3916 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    13:20:24.0525 3916 pcw - ok
    13:20:24.0547 3916 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    13:20:24.0616 3916 PEAUTH - ok
    13:20:24.0842 3916 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    13:20:24.0875 3916 PptpMiniport - ok
    13:20:24.0894 3916 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    13:20:24.0923 3916 Processor - ok
    13:20:24.0990 3916 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    13:20:25.0029 3916 Psched - ok
    13:20:25.0062 3916 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
    13:20:25.0069 3916 PxHlpa64 - ok
    13:20:25.0139 3916 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    13:20:25.0170 3916 ql2300 - ok
    13:20:25.0184 3916 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    13:20:25.0193 3916 ql40xx - ok
    13:20:25.0210 3916 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    13:20:25.0235 3916 QWAVEdrv - ok
    13:20:25.0267 3916 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    13:20:25.0307 3916 RasAcd - ok
    13:20:25.0336 3916 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    13:20:25.0379 3916 RasAgileVpn - ok
    13:20:25.0413 3916 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    13:20:25.0453 3916 Rasl2tp - ok
    13:20:25.0471 3916 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    13:20:25.0506 3916 RasPppoe - ok
    13:20:25.0523 3916 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    13:20:25.0550 3916 RasSstp - ok
    13:20:25.0583 3916 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    13:20:25.0623 3916 rdbss - ok
    13:20:25.0645 3916 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    13:20:25.0666 3916 rdpbus - ok
    13:20:25.0697 3916 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    13:20:25.0737 3916 RDPCDD - ok
    13:20:25.0759 3916 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    13:20:25.0795 3916 RDPENCDD - ok
    13:20:25.0815 3916 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    13:20:25.0840 3916 RDPREFMP - ok
    13:20:25.0874 3916 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    13:20:25.0901 3916 RDPWD - ok
    13:20:25.0935 3916 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    13:20:25.0946 3916 rdyboost - ok
    13:20:26.0000 3916 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    13:20:26.0024 3916 RFCOMM - ok
    13:20:26.0083 3916 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    13:20:26.0124 3916 rspndr - ok
    13:20:26.0149 3916 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
    13:20:26.0161 3916 RTL8167 - ok
    13:20:26.0172 3916 RxFilter (2dddd6e3fadee0d89365bfb90b1beeb9) C:\Windows\system32\DRIVERS\RxFilter.sys
    13:20:26.0195 3916 RxFilter ( UnsignedFile.Multi.Generic ) - warning
    13:20:26.0195 3916 RxFilter - detected UnsignedFile.Multi.Generic (1)
    13:20:26.0228 3916 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    13:20:26.0238 3916 sbp2port - ok
    13:20:26.0269 3916 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    13:20:26.0306 3916 scfilter - ok
    13:20:26.0342 3916 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    13:20:26.0382 3916 secdrv - ok
    13:20:26.0425 3916 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    13:20:26.0435 3916 Serenum - ok
    13:20:26.0453 3916 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    13:20:26.0477 3916 Serial - ok
    13:20:26.0495 3916 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    13:20:26.0503 3916 sermouse - ok
    13:20:26.0532 3916 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    13:20:26.0551 3916 sffdisk - ok
    13:20:26.0573 3916 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    13:20:26.0596 3916 sffp_mmc - ok
    13:20:26.0604 3916 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    13:20:26.0630 3916 sffp_sd - ok
    13:20:26.0660 3916 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    13:20:26.0668 3916 sfloppy - ok
    13:20:26.0712 3916 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    13:20:26.0720 3916 SiSRaid2 - ok
    13:20:26.0734 3916 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    13:20:26.0742 3916 SiSRaid4 - ok
    13:20:26.0772 3916 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    13:20:26.0815 3916 Smb - ok
    13:20:26.0856 3916 SndTAudio (5c46d998646a88c55c740179f33504ce) C:\Windows\system32\drivers\SndTAudio.sys
    13:20:26.0864 3916 SndTAudio - ok
    13:20:26.0890 3916 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    13:20:26.0898 3916 spldr - ok
    13:20:26.0948 3916 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
    13:20:26.0948 3916 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
    13:20:26.0950 3916 sptd ( LockedFile.Multi.Generic ) - warning
    13:20:26.0950 3916 sptd - detected LockedFile.Multi.Generic (1)
    13:20:27.0001 3916 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    13:20:27.0042 3916 srv - ok
    13:20:27.0087 3916 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    13:20:27.0102 3916 srv2 - ok
    13:20:27.0126 3916 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    13:20:27.0143 3916 srvnet - ok
    13:20:27.0197 3916 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    13:20:27.0205 3916 stexstor - ok
    13:20:27.0250 3916 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
    13:20:27.0272 3916 StillCam - ok
    13:20:27.0327 3916 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    13:20:27.0334 3916 swenum - ok
    13:20:27.0375 3916 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
    13:20:27.0382 3916 taphss - ok
    13:20:27.0444 3916 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    13:20:27.0481 3916 Tcpip - ok
    13:20:27.0519 3916 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    13:20:27.0546 3916 TCPIP6 - ok
    13:20:27.0576 3916 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    13:20:27.0609 3916 tcpipreg - ok
    13:20:27.0642 3916 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    13:20:27.0681 3916 TDPIPE - ok
    13:20:27.0699 3916 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    13:20:27.0724 3916 TDTCP - ok
    13:20:27.0762 3916 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    13:20:27.0800 3916 tdx - ok
    13:20:27.0854 3916 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
    13:20:27.0863 3916 TermDD - ok
    13:20:27.0872 3916 TFsExDisk - ok
    13:20:27.0919 3916 TIEHDUSB (199c2e87d9a5ec58d0bcd94e893bf629) C:\Windows\system32\DRIVERS\tiehdusb.sys
    13:20:27.0950 3916 TIEHDUSB - ok
    13:20:27.0981 3916 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    13:20:28.0017 3916 tssecsrv - ok
    13:20:28.0049 3916 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    13:20:28.0082 3916 TsUsbFlt - ok
    13:20:28.0130 3916 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    13:20:28.0160 3916 tunnel - ok
    13:20:28.0183 3916 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    13:20:28.0192 3916 uagp35 - ok
    13:20:28.0227 3916 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    13:20:28.0266 3916 udfs - ok
    13:20:28.0305 3916 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    13:20:28.0314 3916 uliagpkx - ok
    13:20:28.0340 3916 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\drivers\umbus.sys
    13:20:28.0362 3916 umbus - ok
    13:20:28.0391 3916 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    13:20:28.0415 3916 UmPass - ok
    13:20:28.0454 3916 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
    13:20:28.0488 3916 USBAAPL64 - ok
    13:20:28.0519 3916 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    13:20:28.0541 3916 usbccgp - ok
    13:20:28.0580 3916 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    13:20:28.0601 3916 usbcir - ok
    13:20:28.0628 3916 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    13:20:28.0662 3916 usbehci - ok
    13:20:28.0688 3916 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    13:20:28.0716 3916 usbhub - ok
    13:20:28.0743 3916 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
    13:20:28.0762 3916 usbohci - ok
    13:20:28.0798 3916 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    13:20:28.0823 3916 usbprint - ok
    13:20:28.0845 3916 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    13:20:28.0865 3916 USBSTOR - ok
    13:20:28.0880 3916 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
    13:20:28.0906 3916 usbuhci - ok
    13:20:28.0939 3916 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    13:20:28.0948 3916 vdrvroot - ok
    13:20:28.0966 3916 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    13:20:28.0977 3916 vga - ok
    13:20:28.0991 3916 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    13:20:29.0017 3916 VgaSave - ok
    13:20:29.0055 3916 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    13:20:29.0065 3916 vhdmp - ok
    13:20:29.0083 3916 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    13:20:29.0090 3916 viaide - ok
    13:20:29.0116 3916 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
    13:20:29.0124 3916 volmgr - ok
    13:20:29.0161 3916 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    13:20:29.0173 3916 volmgrx - ok
    13:20:29.0198 3916 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
    13:20:29.0209 3916 volsnap - ok
    13:20:29.0245 3916 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    13:20:29.0255 3916 vsmraid - ok
    13:20:29.0272 3916 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    13:20:29.0296 3916 vwifibus - ok
    13:20:29.0336 3916 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    13:20:29.0358 3916 vwififlt - ok
    13:20:29.0388 3916 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    13:20:29.0409 3916 WacomPen - ok
    13:20:29.0439 3916 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    13:20:29.0466 3916 WANARP - ok
    13:20:29.0476 3916 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    13:20:29.0501 3916 Wanarpv6 - ok
    13:20:29.0550 3916 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    13:20:29.0558 3916 Wd - ok
    13:20:29.0583 3916 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    13:20:29.0600 3916 Wdf01000 - ok
    13:20:29.0642 3916 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    13:20:29.0684 3916 WfpLwf - ok
    13:20:29.0715 3916 WimFltr (d1d786ae896be1f81132902d6206479c) C:\Windows\system32\DRIVERS\wimfltr.sys
    13:20:29.0726 3916 WimFltr - ok
    13:20:29.0746 3916 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    13:20:29.0753 3916 WIMMount - ok
    13:20:29.0846 3916 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    13:20:29.0858 3916 WinUsb - ok
    13:20:29.0884 3916 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    13:20:29.0904 3916 WmiAcpi - ok
    13:20:29.0953 3916 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    13:20:29.0989 3916 ws2ifsl - ok
    13:20:30.0037 3916 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    13:20:30.0063 3916 WudfPf - ok
    13:20:30.0072 3916 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    13:20:30.0098 3916 WUDFRd - ok
    13:20:30.0142 3916 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
    13:20:30.0175 3916 xusb21 - ok
    13:20:30.0228 3916 MBR (0x1B8) (77443cb5ff3d84f5ff3288a9c441020a) \Device\Harddisk0\DR0
    13:20:30.0507 3916 \Device\Harddisk0\DR0 - ok
    13:20:30.0523 3916 MBR (0x1B8) (a3eb1aed427833056370f3570283d6d0) \Device\Harddisk5\DR5
    13:20:30.0624 3916 \Device\Harddisk5\DR5 - ok
    13:20:30.0625 3916 Boot (0x1200) (4f82a57ef58abbde8769a0efd747a915) \Device\Harddisk0\DR0\Partition0
    13:20:30.0626 3916 \Device\Harddisk0\DR0\Partition0 - ok
    13:20:30.0629 3916 Boot (0x1200) (1d0d4bdfbb4597fad7cec34671a26102) \Device\Harddisk0\DR0\Partition1
    13:20:30.0630 3916 \Device\Harddisk0\DR0\Partition1 - ok
    13:20:30.0649 3916 Boot (0x1200) (ea5977bb6280339df65609ab957d45f1) \Device\Harddisk0\DR0\Partition2
    13:20:30.0650 3916 \Device\Harddisk0\DR0\Partition2 - ok
    13:20:30.0652 3916 Boot (0x1200) (b94d335ed3016158cdcdcef851c40e16) \Device\Harddisk5\DR5\Partition0
    13:20:30.0653 3916 \Device\Harddisk5\DR5\Partition0 - ok
    13:20:30.0654 3916 ============================================================
    13:20:30.0654 3916 Scan finished
    13:20:30.0654 3916 ============================================================
    13:20:30.0663 7324 Detected object count: 2
    13:20:30.0663 7324 Actual detected object count: 2
    13:21:21.0428 7324 RxFilter ( UnsignedFile.Multi.Generic ) - skipped by user
    13:21:21.0428 7324 RxFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
    13:21:21.0429 7324 sptd ( LockedFile.Multi.Generic ) - skipped by user
    13:21:21.0429 7324 sptd ( LockedFile.Multi.Generic ) - User select action: Skip


    ComboFix log:

    ComboFix 12-01-06.03 - Milan 07-01-2012 13:52:12.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2359 [GMT 1:00]
    Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\DragToDiscUserNameF.txt
    c:\users\Milan\AppData\Local\assembly\tmp
    c:\users\Milan\AppData\Roaming\inst.exe
    c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk
    c:\users\Public\mdsys.s
    c:\users\Public\mdusys.s
    c:\windows\shutdown.dll
    c:\windows\system32\java.exe
    c:\windows\SysWow64\Packet.dll
    c:\windows\SysWow64\pthreadVC.dll
    c:\windows\SysWow64\wpcap.dll
    D:\install.exe
    E:\Autorun.inf
    K:\autorun.inf
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_NPF
    -------\Service_NPF
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-12-07 to 2012-01-07 ))))))))))))))))))))))))))))))
    .
    .
    2012-01-07 12:58 . 2012-01-07 12:58 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-01-05 14:14 . 2012-01-05 14:14 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
    2012-01-04 15:31 . 2012-01-04 15:31 -------- d-----w- c:\users\Milan\AppData\Roaming\Image-Line
    2011-12-31 19:13 . 2011-12-31 19:13 -------- d-----w- c:\programdata\Skyline
    2011-12-31 19:13 . 2011-12-31 19:13 -------- d-----w- c:\program files (x86)\Skyline
    2011-12-27 17:23 . 2011-12-27 17:23 -------- d-----w- c:\program files (x86)\TeamViewer
    2011-12-15 15:41 . 2011-12-15 16:24 -------- d-----w- c:\users\Milan\AppData\Roaming\.minecraft server
    2011-12-15 07:39 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
    2011-12-15 07:39 . 2011-11-05 05:41 1188864 ----a-w- c:\windows\system32\wininet.dll
    2011-12-15 04:39 . 2011-12-15 04:39 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
    2011-12-15 04:39 . 2011-12-15 04:39 28056 ----a-w- c:\windows\system32\xfcodec64.dll
    2011-12-14 17:50 . 2011-12-14 17:51 -------- d-----w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
    2011-12-14 16:03 . 2011-12-14 16:03 -------- d-----w- c:\program files\iPod
    2011-12-14 16:03 . 2011-12-14 16:04 -------- d-----w- c:\program files\iTunes
    2011-12-08 15:28 . 2011-12-08 15:28 -------- d-----w- c:\program files (x86)\Common Files\Java
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-08 15:27 . 2010-05-02 19:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-11-29 13:17 . 2011-11-29 13:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
    2011-11-29 13:17 . 2011-11-29 13:17 39936 ----a-w- c:\windows\system32\atig6txx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-11-29 13:17 . 2011-11-29 13:17 10207232 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 51200 ----a-w- c:\windows\system32\aticalrt64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:39 38912 ----a-w- c:\windows\system32\atiu9p64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-11-29 13:17 . 2011-11-29 13:17 8391680 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2011-11-29 13:17 . 2011-11-29 13:16 18630656 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2011-11-29 13:17 . 2010-12-27 15:42 40960 ----a-w- c:\windows\system32\atiuxp64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 17408 ----a-w- c:\windows\system32\atig6pxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 4231680 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
    2011-11-29 13:17 . 2011-09-08 17:05 4289024 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2011-11-29 13:17 . 2010-12-27 15:41 479744 ----a-w- c:\windows\system32\atiadlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:41 58880 ----a-w- c:\windows\system32\coinst.dll
    2011-11-29 13:17 . 2011-11-29 13:16 24629760 ----a-w- c:\windows\system32\atio6axx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2011-11-29 13:17 . 2009-11-04 15:31 4960768 ----a-w- c:\windows\system32\atidxx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 ----a-w- c:\windows\system32\atimpc64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 ----a-w- c:\windows\system32\amdpcom64.dll
    2011-11-29 13:17 . 2010-12-27 15:42 736768 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2011-11-29 13:17 . 2010-12-27 15:41 867328 ----a-w- c:\windows\system32\aticfx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-11-29 13:17 . 2011-11-29 13:17 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-11-29 13:17 . 2011-11-29 13:17 317952 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 14336 ----a-w- c:\windows\system32\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 487936 ----a-w- c:\windows\system32\atieclxx.exe
    2011-11-29 13:17 . 2011-09-08 17:08 4174848 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2011-11-29 13:17 . 2011-11-29 13:17 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2011-11-29 13:17 . 2010-12-27 15:39 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-11-29 13:17 . 2011-11-29 13:16 9877504 ----a-w- c:\windows\system32\aticaldd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 423424 ----a-w- c:\windows\system32\atipdl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 21504 ----a-w- c:\windows\system32\atimuixx.dll
    2011-11-29 13:16 . 2011-09-13 17:10 5431808 ----a-w- c:\windows\system32\atiumd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-11-29 13:16 . 2011-11-29 13:16 335872 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-11-29 13:16 . 2011-11-29 13:16 44544 ----a-w- c:\windows\system32\aticalcl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 204288 ----a-w- c:\windows\system32\atiesrxx.exe
    2011-11-29 13:16 . 2011-11-29 13:16 59392 ----a-w- c:\windows\system32\atiedu64.dll
    2011-11-29 13:16 . 2011-09-13 17:10 4023296 ----a-w- c:\windows\system32\atiumd6a.dll
    2011-11-26 14:19 . 2011-05-28 17:53 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-21 11:26 . 2011-10-21 11:26 65536 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
    2011-10-20 17:01 . 2011-10-20 17:01 3584 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
    2006-05-03 10:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll
    2007-02-21 11:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll
    2008-03-16 13:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
    "Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
    "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
    "QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
    .
    c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
    Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
    Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync
    estart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
    R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
    R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
    R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
    S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
    S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
    S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
    S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
    S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
    S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
    S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
    S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
    S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
    S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
    S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
    S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
    S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
    S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
    S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
    S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
    S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
    S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
    @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
    @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
    @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
    @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
    @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
    @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
    @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
    @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
    @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    "combofix"="c:\combofix\CF577.3XE" [2010-11-20 345088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.nl/
    mSearch Bar = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
    TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
    TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F18
  • The ComboFix scan took about 15 minutes from start to log.
    When I try to open Explorer, Control Panel or "Personalize desktop", it still gives the same errors.

    (I couldn't put this in my previous post because it wouldn't save.)
  • The ComboFix log is not complete.

    So go to C:\ComboFix.txt, copy the entire contents of the log and post it in your next message.

    By the way, I can't work magic, and neither can those tools.
    So don't expect your problem to be solved in no time.
    But I do appreciate that you also report that the problem still exists.

    And I am going to ask whether this topic can be moved to Beveiliging!
  • [quote:be1faafb8d="Abraham54"]The ComboFix log is not complete.

    So go to C:\ComboFix.txt, copy the entire contents of the log and post it in your next message.

    By the way, I can't work magic, and neither can those tools.
    So don't expect your problem to be solved in no time.
    But I do appreciate that you also report that the problem still exists.

    And I am going to ask whether this topic can be moved to Beveiliging![/quote:be1faafb8d]

    I now see as well that the ComboFix log is not complete, sorry about that. This is because there is a limit on the length of a post you can make, so the whole log did not fit. I had not noticed this. Here is the complete log:

    ComboFix Log

    ComboFix 12-01-06.03 - Milan 07-01-2012 13:52:12.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2359 [GMT 1:00]
    Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\DragToDiscUserNameF.txt
    c:\users\Milan\AppData\Local\assembly\tmp
    c:\users\Milan\AppData\Roaming\inst.exe
    c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk
    c:\users\Public\mdsys.s
    c:\users\Public\mdusys.s
    c:\windows\shutdown.dll
    c:\windows\system32\java.exe
    c:\windows\SysWow64\Packet.dll
    c:\windows\SysWow64\pthreadVC.dll
    c:\windows\SysWow64\wpcap.dll
    D:\install.exe
    E:\Autorun.inf
    K:\autorun.inf
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ——-\Legacy_NPF
    ——-\Service_NPF
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-12-07 to 2012-01-07 ))))))))))))))))))))))))))))))
    .
    .
    2012-01-07 12:58 . 2012-01-07 12:58 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-01-05 14:14 . 2012-01-05 14:14 ——– d—–w- c:\program files (x86)\LogMeIn Hamachi
    2012-01-04 15:31 . 2012-01-04 15:31 ——– d—–w- c:\users\Milan\AppData\Roaming\Image-Line
    2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\programdata\Skyline
    2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\program files (x86)\Skyline
    2011-12-27 17:23 . 2011-12-27 17:23 ——– d—–w- c:\program files (x86)\TeamViewer
    2011-12-15 15:41 . 2011-12-15 16:24 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server
    2011-12-15 07:39 . 2011-10-26 05:21 43520 —-a-w- c:\windows\system32\csrsrv.dll
    2011-12-15 07:39 . 2011-11-05 05:41 1188864 —-a-w- c:\windows\system32\wininet.dll
    2011-12-15 04:39 . 2011-12-15 04:39 42392 —-a-w- c:\windows\SysWow64\xfcodec.dll
    2011-12-15 04:39 . 2011-12-15 04:39 28056 —-a-w- c:\windows\system32\xfcodec64.dll
    2011-12-14 17:50 . 2011-12-14 17:51 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
    2011-12-14 16:03 . 2011-12-14 16:03 ——– d—–w- c:\program files\iPod
    2011-12-14 16:03 . 2011-12-14 16:04 ——– d—–w- c:\program files\iTunes
    2011-12-08 15:28 . 2011-12-08 15:28 ——– d—–w- c:\program files (x86)\Common Files\Java
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-08 15:27 . 2010-05-02 19:41 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2011-11-29 13:17 . 2011-11-29 13:17 159744 —-a-w- c:\windows\system32\atiapfxx.exe
    2011-11-29 13:17 . 2011-11-29 13:17 39936 —-a-w- c:\windows\system32\atig6txx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 31744 —-a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-11-29 13:17 . 2011-11-29 13:17 10207232 —-a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 51200 —-a-w- c:\windows\system32\aticalrt64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 120320 —-a-w- c:\windows\system32\atitmm64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 356352 —-a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:39 38912 —-a-w- c:\windows\system32\atiu9p64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 278528 —-a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1828864 —-a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-11-29 13:17 . 2011-11-29 13:17 8391680 —-a-w- c:\windows\SysWow64\aticaldd.dll
    2011-11-29 13:17 . 2011-11-29 13:16 18630656 —-a-w- c:\windows\SysWow64\atioglxx.dll
    2011-11-29 13:17 . 2010-12-27 15:42 40960 —-a-w- c:\windows\system32\atiuxp64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 17408 —-a-w- c:\windows\system32\atig6pxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 4231680 —-a-w- c:\windows\SysWow64\atidxx32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 32768 —-a-w- c:\windows\SysWow64\atigktxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\atimpc32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1113088 —-a-w- c:\windows\system32\atiumd6v.dll
    2011-11-29 13:17 . 2011-09-08 17:05 4289024 —-a-w- c:\windows\SysWow64\atiumdag.dll
    2011-11-29 13:17 . 2010-12-27 15:41 479744 —-a-w- c:\windows\system32\atiadlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:41 58880 —-a-w- c:\windows\system32\coinst.dll
    2011-11-29 13:17 . 2011-11-29 13:16 24629760 —-a-w- c:\windows\system32\atio6axx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 46080 —-a-w- c:\windows\SysWow64\aticalrt.dll
    2011-11-29 13:17 . 2009-11-04 15:31 4960768 —-a-w- c:\windows\system32\atidxx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\atimpc64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\amdpcom64.dll
    2011-11-29 13:17 . 2010-12-27 15:42 736768 —-a-w- c:\windows\SysWow64\aticfx32.dll
    2011-11-29 13:17 . 2010-12-27 15:41 867328 —-a-w- c:\windows\system32\aticfx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53248 —-a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-11-29 13:17 . 2011-11-29 13:17 466944 —-a-w- c:\windows\system32\ATIDEMGX.dll
    2011-11-29 13:17 . 2011-11-29 13:17 317952 —-a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\system32\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 487936 —-a-w- c:\windows\system32\atieclxx.exe
    2011-11-29 13:17 . 2011-09-08 17:08 4174848 —-a-w- c:\windows\SysWow64\atiumdva.dll
    2011-11-29 13:17 . 2011-11-29 13:17 44032 —-a-w- c:\windows\SysWow64\aticalcl.dll
    2011-11-29 13:17 . 2010-12-27 15:39 29184 —-a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-11-29 13:17 . 2011-11-29 13:16 9877504 —-a-w- c:\windows\system32\aticaldd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 423424 —-a-w- c:\windows\system32\atipdl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 21504 —-a-w- c:\windows\system32\atimuixx.dll
    2011-11-29 13:16 . 2011-09-13 17:10 5431808 —-a-w- c:\windows\system32\atiumd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 43520 —-a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-11-29 13:16 . 2011-11-29 13:16 335872 —-a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-11-29 13:16 . 2011-11-29 13:16 44544 —-a-w- c:\windows\system32\aticalcl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 204288 —-a-w- c:\windows\system32\atiesrxx.exe
    2011-11-29 13:16 . 2011-11-29 13:16 59392 —-a-w- c:\windows\system32\atiedu64.dll
    2011-11-29 13:16 . 2011-09-13 17:10 4023296 —-a-w- c:\windows\system32\atiumd6a.dll
    2011-11-26 14:19 . 2011-05-28 17:53 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-20 23:26 . 2011-10-20 23:26 94208 —-a-w- c:\windows\SysWow64\dpl100.dll
    2011-10-20 17:01 . 2011-10-20 17:01 3584 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
    2006-05-03 10:06 163328 –sh–r- c:\windows\SysWOW64\flvDX.dll
    2007-02-21 11:47 31232 –sh–r- c:\windows\SysWOW64\msfDX.dll
    2008-03-16 13:30 216064 –sh–r- c:\windows\SysWOW64\nbDX.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
    "Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
    "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
    "QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
    .
    c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
    Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
    Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync
    estart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
    R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
    R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
    R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
    S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
    S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
    S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
    S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
    S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
    S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
    S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
    S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
    S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
    S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
    S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
    S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
    S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
    S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
    S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
    S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
    S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
    S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    .
    ——— x86-64 ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
    @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
    @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
    @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
    @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
    @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
    @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
    @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
    @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
    @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    "combofix"="c:\combofix\CF577.3XE" [2010-11-20 345088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    mSearch Bar = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
    TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
    TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\
    FF - prefs.js: browser.startup.homepage - www.google.nl
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
    BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
    Toolbar-{C8755E86-B8E7-4818-87FB-45EFC5539F09} - c:\windows\SysWow64\5878.dll
    Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
    Wow6432Node-HKCU-Run-AdobeBridge - (no file)
    Wow6432Node-HKLM-Run-NPSStartup - (no file)
    BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
    WebBrowser-{C8755E86-B8E7-4818-87FB-45EFC5539F09} - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-dBpoweramp Dalet Codec - c:\windows\system32\SpoonUninstall.exe
    AddRemove-Noesis - Advanced Source Level Design - c:\windows\unvise32.exe
    AddRemove-PDFTiger_is1 - d:\program files (x86)\PDFTiger\unins000.exe
    AddRemove-SurfOffline Professional 2 - k:\program files (x86)\SurfOffline Professional 2\uninstall.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\windows\system32\hasplms.exe
    c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    c:\program files (x86)\Sitecom\Common\RegistryWriter.exe
    c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2012-01-07 14:07:13 - machine werd herstart
    ComboFix-quarantined-files.txt 2012-01-07 13:07
    .
    Pre-Run: 105.177.321.472 bytes beschikbaar
    Post-Run: 109.302.394.880 bytes beschikbaar
    .
    - - End Of File - - BD054E258D418A870BED827386D9ABDB
  • We'll use ComboFix once more:

    Make sure all open web browser windows are closed.
    Open a new Kladblok (Notepad) file via "Start\Alle programma’s\Bureau-accessoires\[b:8fe45471d2]Kladblok (or Notepad)[/b:8fe45471d2]".

    Copy and paste the following (bold, blue) text into the empty Notepad window:


    [b:8fe45471d2]ClearJavaCache::

    Folder::
    c:\program files (x86)\ask.com
    [/b:8fe45471d2]


    Save this Notepad file on your desktop as [b:8fe45471d2]CFScript.txt[/b:8fe45471d2].

    [b:8fe45471d2]Now first disable the antivirus and any spyware scanners![/b:8fe45471d2]


    Drag CFScript.txt onto ComboFix.exe


    [img:8fe45471d2]http://crew.nucia.eu/smeenk/CFScript.gif[/img:8fe45471d2]

    This will make ComboFix restart. Reboot if you are asked to.


    Post the ComboFix log that is shown after the restart, using the color coder!
    If ComboFix restarted your computer (or you did so yourself), you will also find the log in [b:8fe45471d2]C:\Combofix.txt[/b:8fe45471d2]

    [b:8fe45471d2]Important note[/b:8fe45471d2]:
    [list:8fe45471d2][*:8fe45471d2][b:8fe45471d2]If, after the scan, an error is shown when starting programs with the message:[/b:8fe45471d2]
    [*:8fe45471d2][b:8fe45471d2]Illegal operation attempted on a registry key that has been marked for deletion.[/b:8fe45471d2]
    [*:8fe45471d2][b:8fe45471d2]Then restart the computer.[/b:8fe45471d2][/list:u:8fe45471d2]
  • When ComboFix started, the program said there was an update and I let it download it. After that ComboFix restarted itself and began the scan as usual. After the scan the CFScript file was deleted. It also deleted the ask.com folder. I don't understand what you mean by color coder, but here is the log:

    ComboFix 12-01-09.07 - Milan 10-01-2012 16:41:09.2.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2390 [GMT 1:00]
    Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Milan\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\ask.com
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-12-10 to 2012-01-10 ))))))))))))))))))))))))))))))
    .
    .
    2012-01-10 15:46 . 2012-01-10 15:46 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-01-10 15:46 . 2012-01-10 15:46 ——– d—–w- c:\users\Administrator\AppData\Local\temp
    2012-01-10 15:34 . 2012-01-10 15:34 626688 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 548864 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 479232 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 43992 —-a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
    2012-01-05 14:14 . 2012-01-05 14:14 ——– d—–w- c:\program files (x86)\LogMeIn Hamachi
    2012-01-04 15:31 . 2012-01-04 15:31 ——– d—–w- c:\users\Milan\AppData\Roaming\Image-Line
    2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\programdata\Skyline
    2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\program files (x86)\Skyline
    2011-12-27 17:23 . 2011-12-27 17:23 ——– d—–w- c:\program files (x86)\TeamViewer
    2011-12-15 15:41 . 2011-12-15 16:24 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server
    2011-12-15 07:39 . 2011-10-26 05:21 43520 —-a-w- c:\windows\system32\csrsrv.dll
    2011-12-15 07:39 . 2011-11-05 05:41 1188864 —-a-w- c:\windows\system32\wininet.dll
    2011-12-15 04:39 . 2011-12-15 04:39 42392 —-a-w- c:\windows\SysWow64\xfcodec.dll
    2011-12-15 04:39 . 2011-12-15 04:39 28056 —-a-w- c:\windows\system32\xfcodec64.dll
    2011-12-14 17:50 . 2011-12-14 17:51 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
    2011-12-14 16:03 . 2011-12-14 16:03 ——– d—–w- c:\program files\iPod
    2011-12-14 16:03 . 2011-12-14 16:04 ——– d—–w- c:\program files\iTunes
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-29 13:17 . 2011-11-29 13:17 159744 —-a-w- c:\windows\system32\atiapfxx.exe
    2011-11-29 13:17 . 2011-11-29 13:17 39936 —-a-w- c:\windows\system32\atig6txx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 31744 —-a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-11-29 13:17 . 2011-11-29 13:17 10207232 —-a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 51200 —-a-w- c:\windows\system32\aticalrt64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 120320 —-a-w- c:\windows\system32\atitmm64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 356352 —-a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:39 38912 —-a-w- c:\windows\system32\atiu9p64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 278528 —-a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1828864 —-a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-11-29 13:17 . 2011-11-29 13:17 8391680 —-a-w- c:\windows\SysWow64\aticaldd.dll
    2011-11-29 13:17 . 2011-11-29 13:16 18630656 —-a-w- c:\windows\SysWow64\atioglxx.dll
    2011-11-29 13:17 . 2010-12-27 15:42 40960 —-a-w- c:\windows\system32\atiuxp64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 17408 —-a-w- c:\windows\system32\atig6pxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 4231680 —-a-w- c:\windows\SysWow64\atidxx32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 32768 —-a-w- c:\windows\SysWow64\atigktxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\atimpc32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1113088 —-a-w- c:\windows\system32\atiumd6v.dll
    2011-11-29 13:17 . 2011-09-08 17:05 4289024 —-a-w- c:\windows\SysWow64\atiumdag.dll
    2011-11-29 13:17 . 2010-12-27 15:41 479744 —-a-w- c:\windows\system32\atiadlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:41 58880 —-a-w- c:\windows\system32\coinst.dll
    2011-11-29 13:17 . 2011-11-29 13:16 24629760 —-a-w- c:\windows\system32\atio6axx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 46080 —-a-w- c:\windows\SysWow64\aticalrt.dll
    2011-11-29 13:17 . 2009-11-04 15:31 4960768 —-a-w- c:\windows\system32\atidxx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\atimpc64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\amdpcom64.dll
    2011-11-29 13:17 . 2010-12-27 15:42 736768 —-a-w- c:\windows\SysWow64\aticfx32.dll
    2011-11-29 13:17 . 2010-12-27 15:41 867328 —-a-w- c:\windows\system32\aticfx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53248 —-a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-11-29 13:17 . 2011-11-29 13:17 466944 —-a-w- c:\windows\system32\ATIDEMGX.dll
    2011-11-29 13:17 . 2011-11-29 13:17 317952 —-a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\system32\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 487936 —-a-w- c:\windows\system32\atieclxx.exe
    2011-11-29 13:17 . 2011-09-08 17:08 4174848 —-a-w- c:\windows\SysWow64\atiumdva.dll
    2011-11-29 13:17 . 2011-11-29 13:17 44032 —-a-w- c:\windows\SysWow64\aticalcl.dll
    2011-11-29 13:17 . 2010-12-27 15:39 29184 —-a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-11-29 13:17 . 2011-11-29 13:16 9877504 —-a-w- c:\windows\system32\aticaldd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 423424 —-a-w- c:\windows\system32\atipdl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 21504 —-a-w- c:\windows\system32\atimuixx.dll
    2011-11-29 13:16 . 2011-09-13 17:10 5431808 —-a-w- c:\windows\system32\atiumd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 43520 —-a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-11-29 13:16 . 2011-11-29 13:16 335872 —-a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-11-29 13:16 . 2011-11-29 13:16 44544 —-a-w- c:\windows\system32\aticalcl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 204288 —-a-w- c:\windows\system32\atiesrxx.exe
    2011-11-29 13:16 . 2011-11-29 13:16 59392 —-a-w- c:\windows\system32\atiedu64.dll
    2011-11-29 13:16 . 2011-09-13 17:10 4023296 —-a-w- c:\windows\system32\atiumd6a.dll
    2011-11-26 14:19 . 2011-05-28 17:53 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-11-10 04:54 . 2010-05-02 19:41 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-20 23:26 . 2011-10-20 23:26 94208 —-a-w- c:\windows\SysWow64\dpl100.dll
    2011-10-20 17:01 . 2011-10-20 17:01 3584 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
    2006-05-03 10:06 163328 –sh–r- c:\windows\SysWOW64\flvDX.dll
    2007-02-21 11:47 31232 –sh–r- c:\windows\SysWOW64\msfDX.dll
    2008-03-16 13:30 216064 –sh–r- c:\windows\SysWOW64\nbDX.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-01-07_13.01.27 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2009-07-14 04:54 . 2012-01-05 14:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-07-14 04:54 . 2012-01-10 14:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2012-01-05 14:19 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2012-01-10 14:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-01-05 14:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-01-10 14:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-09-09 09:11 . 2012-01-07 13:12 67994 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2012-01-07 13:12 52608 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2010-01-09 16:14 . 2012-01-07 13:12 24500 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin
    + 2010-01-06 08:35 . 2012-01-07 13:11 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-06 08:35 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-06 08:35 . 2012-01-07 13:01 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-01-06 08:35 . 2012-01-07 13:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2012-01-07 13:11 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-07-14 04:54 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-01-09 18:41 . 2012-01-07 13:11 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-07-14 04:46 . 2012-01-08 17:35 18784 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-01-09 18:41 . 2012-01-07 13:11 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-01-09 18:41 . 2012-01-07 13:11 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-01-09 18:41 . 2012-01-07 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-01-09 18:41 . 2012-01-10 15:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-01-09 18:41 . 2012-01-10 15:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-01-09 18:41 . 2012-01-07 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-01-07 13:10 . 2012-01-07 13:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-01-07 13:10 . 2012-01-07 13:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-12-08 15:28 . 2011-12-08 15:27 157472 c:\windows\SysWOW64\javaws.exe
    + 2012-01-08 13:38 . 2011-11-10 04:54 157472 c:\windows\SysWOW64\javaws.exe
    + 2012-01-08 13:38 . 2011-11-10 04:54 149280 c:\windows\SysWOW64\javaw.exe
    + 2012-01-08 13:38 . 2011-11-10 04:54 149280 c:\windows\SysWOW64\java.exe
    + 2010-01-26 14:54 . 2012-01-09 16:17 493302 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
    - 2009-07-14 05:01 . 2012-01-07 12:59 554576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2012-01-07 13:09 554576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    c:\program files (x86)\Ask.com\GenericAskToolbar.dll [BU]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{C8755E86-B8E7-4818-87FB-45EFC5539F09}"= "c:\windows\SysWow64\5878.dll" [BU]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [BU]
    .
    [HKEY_CLASSES_ROOT\clsid\{c8755e86-b8e7-4818-87fb-45efc5539f09}]
    [HKEY_CLASSES_ROOT\TypeLib\{B8C9134F-753E-4C8A-A185-0BA27A69B9CB}]
    .
    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
    "Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
    "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
    "QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
    .
    c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
    Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
    Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync
    estart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
    R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
    R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
    R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
    S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
    S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
    S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
    S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
    S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
    S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
    S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
    S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
    S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
    S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
    S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
    S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
    S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
    S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
    S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
    S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
    S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
    S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - ALSYSIO
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    .
    ——— x86-64 ———–
    .
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
    c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
    @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
    @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
    @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
    @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
    @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
    @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
    @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
    @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
    @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    mSearch Bar = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
    TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
    TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\
    FF - prefs.js: browser.startup.homepage - www.google.nl
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-01-10 16:49:16
    ComboFix-quarantined-files.txt 2012-01-10 15:49
    ComboFix2.txt 2012-01-07 13:07
    .
    Pre-Run: 111.687.262.208 bytes beschikbaar
    Post-Run: 111.163.908.096 bytes beschikbaar
    .
    - - End Of File - - F205CC794ACF8AE140E5AE25D32FA013
  • Run the script again!
  • ComboFix keeps deleting the CFScript.txt file. Here is the log:

    ComboFix 12-01-12.02 - Milan 12-01-2012 15:57:10.3.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2418 [GMT 1:00]
    Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Milan\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-12-12 to 2012-01-12 ))))))))))))))))))))))))))))))
    .
    .
    2012-01-12 15:05 . 2012-01-12 15:05 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-01-12 15:05 . 2012-01-12 15:05 ——– d—–w- c:\users\Administrator\AppData\Local\temp
    2012-01-12 14:48 . 2012-01-12 14:48 ——– d—–w- c:\program files (x86)\Common Files\Java
    2012-01-11 15:41 . 2011-10-26 05:25 1572864 —-a-w- c:\windows\system32\quartz.dll
    2012-01-11 15:41 . 2011-10-26 05:25 366592 —-a-w- c:\windows\system32\qdvd.dll
    2012-01-11 15:41 . 2011-10-26 04:32 514560 —-a-w- c:\windows\SysWow64\qdvd.dll
    2012-01-11 15:41 . 2011-10-26 04:32 1328128 —-a-w- c:\windows\SysWow64\quartz.dll
    2012-01-11 15:41 . 2011-11-17 06:41 1731920 —-a-w- c:\windows\system32\ntdll.dll
    2012-01-11 15:41 . 2011-11-17 05:38 1292080 —-a-w- c:\windows\SysWow64\ntdll.dll
    2012-01-11 15:41 . 2011-11-19 14:58 77312 —-a-w- c:\windows\system32\packager.dll
    2012-01-11 15:41 . 2011-11-19 14:01 67072 —-a-w- c:\windows\SysWow64\packager.dll
    2012-01-10 15:34 . 2012-01-10 15:34 626688 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 548864 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 479232 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 43992 —-a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
    2012-01-05 14:14 . 2012-01-05 14:14 ——– d—–w- c:\program files (x86)\LogMeIn Hamachi
    2012-01-04 15:31 . 2012-01-04 15:31 ——– d—–w- c:\users\Milan\AppData\Roaming\Image-Line
    2012-01-03 07:22 . 2012-01-03 07:22 103864 —-a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    2012-01-03 07:22 . 2012-01-03 07:22 103864 —-a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
    2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\programdata\Skyline
    2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\program files (x86)\Skyline
    2011-12-27 17:23 . 2011-12-27 17:23 ——– d—–w- c:\program files (x86)\TeamViewer
    2011-12-15 15:41 . 2011-12-15 16:24 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server
    2011-12-15 07:39 . 2011-10-26 05:21 43520 —-a-w- c:\windows\system32\csrsrv.dll
    2011-12-15 07:39 . 2011-11-05 05:41 1188864 —-a-w- c:\windows\system32\wininet.dll
    2011-12-15 04:39 . 2011-12-15 04:39 42392 —-a-w- c:\windows\SysWow64\xfcodec.dll
    2011-12-15 04:39 . 2011-12-15 04:39 28056 —-a-w- c:\windows\system32\xfcodec64.dll
    2011-12-14 17:50 . 2011-12-14 17:51 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
    2011-12-14 16:03 . 2011-12-14 16:03 ——– d—–w- c:\program files\iPod
    2011-12-14 16:03 . 2011-12-14 16:04 ——– d—–w- c:\program files\iTunes
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-12 14:47 . 2010-05-02 19:41 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2011-11-29 13:17 . 2011-11-29 13:17 159744 —-a-w- c:\windows\system32\atiapfxx.exe
    2011-11-29 13:17 . 2011-11-29 13:17 39936 —-a-w- c:\windows\system32\atig6txx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 31744 —-a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-11-29 13:17 . 2011-11-29 13:17 10207232 —-a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 51200 —-a-w- c:\windows\system32\aticalrt64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 120320 —-a-w- c:\windows\system32\atitmm64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 356352 —-a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:39 38912 —-a-w- c:\windows\system32\atiu9p64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 278528 —-a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1828864 —-a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-11-29 13:17 . 2011-11-29 13:17 8391680 —-a-w- c:\windows\SysWow64\aticaldd.dll
    2011-11-29 13:17 . 2011-11-29 13:16 18630656 —-a-w- c:\windows\SysWow64\atioglxx.dll
    2011-11-29 13:17 . 2010-12-27 15:42 40960 —-a-w- c:\windows\system32\atiuxp64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 17408 —-a-w- c:\windows\system32\atig6pxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 4231680 —-a-w- c:\windows\SysWow64\atidxx32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 32768 —-a-w- c:\windows\SysWow64\atigktxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\atimpc32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1113088 —-a-w- c:\windows\system32\atiumd6v.dll
    2011-11-29 13:17 . 2011-09-08 17:05 4289024 —-a-w- c:\windows\SysWow64\atiumdag.dll
    2011-11-29 13:17 . 2010-12-27 15:41 479744 —-a-w- c:\windows\system32\atiadlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:41 58880 —-a-w- c:\windows\system32\coinst.dll
    2011-11-29 13:17 . 2011-11-29 13:16 24629760 —-a-w- c:\windows\system32\atio6axx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 46080 —-a-w- c:\windows\SysWow64\aticalrt.dll
    2011-11-29 13:17 . 2009-11-04 15:31 4960768 —-a-w- c:\windows\system32\atidxx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\atimpc64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\amdpcom64.dll
    2011-11-29 13:17 . 2010-12-27 15:42 736768 —-a-w- c:\windows\SysWow64\aticfx32.dll
    2011-11-29 13:17 . 2010-12-27 15:41 867328 —-a-w- c:\windows\system32\aticfx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53248 —-a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-11-29 13:17 . 2011-11-29 13:17 466944 —-a-w- c:\windows\system32\ATIDEMGX.dll
    2011-11-29 13:17 . 2011-11-29 13:17 317952 —-a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\system32\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 487936 —-a-w- c:\windows\system32\atieclxx.exe
    2011-11-29 13:17 . 2011-09-08 17:08 4174848 —-a-w- c:\windows\SysWow64\atiumdva.dll
    2011-11-29 13:17 . 2011-11-29 13:17 44032 —-a-w- c:\windows\SysWow64\aticalcl.dll
    2011-11-29 13:17 . 2010-12-27 15:39 29184 —-a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-11-29 13:17 . 2011-11-29 13:16 9877504 —-a-w- c:\windows\system32\aticaldd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 423424 —-a-w- c:\windows\system32\atipdl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 21504 —-a-w- c:\windows\system32\atimuixx.dll
    2011-11-29 13:16 . 2011-09-13 17:10 5431808 —-a-w- c:\windows\system32\atiumd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 43520 —-a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-11-29 13:16 . 2011-11-29 13:16 335872 —-a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-11-29 13:16 . 2011-11-29 13:16 44544 —-a-w- c:\windows\system32\aticalcl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 204288 —-a-w- c:\windows\system32\atiesrxx.exe
    2011-11-29 13:16 . 2011-11-29 13:16 59392 —-a-w- c:\windows\system32\atiedu64.dll
    2011-11-29 13:16 . 2011-09-13 17:10 4023296 —-a-w- c:\windows\system32\atiumd6a.dll
    2011-11-26 14:19 . 2011-05-28 17:53 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-20 23:26 . 2011-10-20 23:26 94208 —-a-w- c:\windows\SysWow64\dpl100.dll
    2011-10-20 17:01 . 2011-10-20 17:01 3584 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
    2006-05-03 10:06 163328 –sh–r- c:\windows\SysWOW64\flvDX.dll
    2007-02-21 11:47 31232 –sh–r- c:\windows\SysWOW64\msfDX.dll
    2008-03-16 13:30 216064 –sh–r- c:\windows\SysWOW64\nbDX.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-01-07_13.01.27 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-07-14 04:54 . 2012-01-12 08:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2012-01-05 14:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2012-01-05 14:19 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2012-01-12 08:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-01-05 14:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-01-12 08:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-09-09 09:11 . 2012-01-07 13:12 67994 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2012-01-12 14:41 52624 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2010-01-09 16:14 . 2012-01-12 14:41 24532 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin
    + 2010-01-06 08:35 . 2012-01-12 14:39 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-06 08:35 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-01-06 08:35 . 2012-01-12 14:39 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-01-06 08:35 . 2012-01-07 13:01 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-01-12 14:39 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-01-09 18:41 . 2012-01-12 14:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-07-14 04:46 . 2012-01-12 14:50 92488 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
    + 2010-01-09 18:41 . 2012-01-12 14:41 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-01-09 18:41 . 2012-01-12 14:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-01-09 18:41 . 2012-01-12 14:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-09 18:41 . 2012-01-07 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-09 18:41 . 2012-01-07 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-01-09 18:41 . 2012-01-12 14:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-01-12 14:38 . 2012-01-12 14:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2012-01-12 14:38 . 2012-01-12 14:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-04-15 12:52 . 2011-02-18 05:41 716800 c:\windows\SysWOW64\jscript.dll
    + 2012-01-11 15:41 . 2011-10-14 04:24 716800 c:\windows\SysWOW64\jscript.dll
    + 2012-01-12 14:48 . 2012-01-12 14:47 157472 c:\windows\SysWOW64\javaws.exe
    - 2011-12-08 15:28 . 2011-12-08 15:27 157472 c:\windows\SysWOW64\javaws.exe
    + 2012-01-12 14:48 . 2012-01-12 14:47 149280 c:\windows\SysWOW64\javaw.exe
    + 2012-01-12 14:48 . 2012-01-12 14:47 149280 c:\windows\SysWOW64\java.exe
    + 2010-01-26 14:54 . 2012-01-12 14:34 494238 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
    + 2012-01-11 15:41 . 2011-10-14 05:31 918528 c:\windows\system32\jscript.dll
    + 2009-07-14 05:01 . 2012-01-12 14:36 554576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2009-07-14 05:01 . 2012-01-07 12:59 554576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2012-01-12 14:48 . 2012-01-12 14:48 207360 c:\windows\Installer\80ad5.msi
    - 2009-07-14 04:45 . 2011-12-16 18:46 7202288 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
    + 2009-07-14 04:45 . 2012-01-12 14:49 7202288 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
    + 2012-01-04 08:57 . 2012-01-04 08:57 4001792 c:\windows\Installer\15e02dc9.msi
    + 2009-07-14 02:34 . 2012-01-12 14:36 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
    - 2009-07-14 02:34 . 2011-12-16 18:37 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
    + 2010-05-08 22:42 . 2012-01-12 14:36 51904308 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3084355964-2815494572-3805623885-1000-8192.dat
    + 2012-01-12 14:45 . 2012-01-12 14:45 12905472 c:\windows\Installer\80acd.msi
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    c:\program files (x86)\Ask.com\GenericAskToolbar.dll [BU]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{C8755E86-B8E7-4818-87FB-45EFC5539F09}"= "c:\windows\SysWow64\5878.dll" [BU]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [BU]
    .
    [HKEY_CLASSES_ROOT\clsid\{c8755e86-b8e7-4818-87fb-45efc5539f09}]
    [HKEY_CLASSES_ROOT\TypeLib\{B8C9134F-753E-4C8A-A185-0BA27A69B9CB}]
    .
    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
    "Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
    "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
    "QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
    .
    c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
    Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
    Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
    R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
    R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
    R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
    S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
    S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
    S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
    S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
    S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
    S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
    S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
    S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
    S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
    S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
    S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
    S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
    S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
    S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
    S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
    S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
    S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
    S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    .
    ——— x86-64 ———–
    .
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
    c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
    @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
    @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
    @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
    @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
    @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
    @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
    @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
    @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
    @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    mSearch Bar = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
    TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\
    FF - prefs.js: browser.startup.homepage - www.google.nl
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-01-12 16:08:11
    ComboFix-quarantined-files.txt 2012-01-12 15:08
    ComboFix2.txt 2012-01-10 15:49
    ComboFix3.txt 2012-01-07 13:07
    .
    Pre-Run: 110.467.461.120 bytes beschikbaar
    Post-Run: 109.926.088.704 bytes beschikbaar
    .
    - - End Of File - - ADD38B98B86045F5A9C6E6789C417E87
  • Hello David, before we use ComboFix again, first do the following:

    a) Delete ComboFix.exe from your desktop and then empty the recycle bin.
    b) Download ComboFix again to your desktop - Bleepingcomputer


    Make sure all open web browser windows are closed.
    Open a new Notepad file via "Start\Alle programma’s\Bureau-accessoires\Kladblok (or Notepad)".

    Copy and paste the following (bold, blue) text into the empty Notepad window:


    ClearJavaCache::

    File::
    c:\windows\SysWow64\5878.dll"
    c:\program files (x86)\Ask.com\GenericAskToolbar.dl
    c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin
    c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    c:\windows\SysWOW64\jscript.dll
    c:\windows\SysWOW64\jscript.dll
    :\windows\SysWOW64\javaws.exe
    c:\windows\SysWOW64\javaws.exe
    c:\windows\SysWOW64\javaw.exe
    c:\windows\SysWOW64\java.exe
    c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
    c:\windows\system32\jscript.dll
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    c:\windows\Installer\80ad5.msi
    c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
    c:\windows\Installer\15e02dc9.msi
    c:\windows\system32\SMI\Store\Machine\schema.dat
    c:\windows\system32\SMI\Store\Machine\schema.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3084355964-2815494572-3805623885-1000-8192.dat
    c:\windows\Installer\80acd.msi

    Registry::
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    c:\program files (x86)\Ask.com\GenericAskToolbar.dll [BU]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{C8755E86-B8E7-4818-87FB-45EFC5539F09}"=-
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_CLASSES_ROOT\clsid\{c8755e86-b8e7-4818-87fb-45efc5539f09}]
    [-HKEY_CLASSES_ROOT\TypeLib\{B8C9134F-753E-4C8A-A185-0BA27A69B9CB}]
    -HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]


    Save this Notepad file to your desktop as CFScript.txt.

    Now first disable the antivirus and any spyware scanners!


    Drag CFScript.txt onto ComboFix.exe


    http://crew.nucia.eu/smeenk/CFScript.gif

    This will make ComboFix restart. Reboot if you are asked to.


    Post the ComboFix log that is shown after the restart!
    If ComboFix restarted your computer (or you did so yourself), you will also find the log in C:\Combofix.txt

    Important note:
    If, after the scan, an error is shown when starting programs with the message:
    Illegal operation attempted on a registry key that has been marked for deletion.
    then restart the computer.
  • CFScript was deleted by the program again and the problem is still there. Nothing else unusual. Here is the log:

    ComboFix 12-01-13.03 - Milan 13-01-2012 16:29:15.4.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2454 [GMT 1:00]
    Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Milan\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\program files (x86)\Ask.com\GenericAskToolbar.dl"
    "c:\windows\Installer\15e02dc9.msi"
    "c:\windows\Installer\80acd.msi"
    "c:\windows\Installer\80ad5.msi"
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3084355964-2815494572-3805623885-1000-8192.dat"
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat"
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat"
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat"
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
    "c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
    "c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
    "c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
    "c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat"
    "c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat"
    "c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
    "c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
    "c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
    "c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
    "c:\windows\system32\jscript.dll"
    "c:\windows\system32\SMI\Store\Machine\schema.dat"
    "c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin"
    "c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin"
    "c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin"
    "c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin"
    "c:\windows\SysWow64\5878.dll"
    "c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
    "c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
    "c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
    "c:\windows\SysWOW64\java.exe"
    "c:\windows\SysWOW64\javaw.exe"
    "c:\windows\SysWOW64\javaws.exe"
    "c:\windows\SysWOW64\jscript.dll"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\Installer\15e02dc9.msi
    c:\windows\Installer\80acd.msi
    c:\windows\Installer\80ad5.msi
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3084355964-2815494572-3805623885-1000-8192.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
    c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
    c:\windows\system32\SMI\Store\Machine\schema.dat
    c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin
    c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
    c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-12-13 to 2012-01-13 ))))))))))))))))))))))))))))))
    .
    .
    2012-01-13 15:35 . 2012-01-13 15:35 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-01-13 15:35 . 2012-01-13 15:35 ——– d—–w- c:\users\Administrator\AppData\Local\temp
    2012-01-12 16:29 . 2012-01-12 16:32 ——– d—–w- c:\users\Milan\AppData\Roaming\Trine2
    2012-01-12 14:48 . 2012-01-12 14:48 ——– d—–w- c:\program files (x86)\Common Files\Java
    2012-01-11 15:41 . 2011-10-26 05:25 1572864 —-a-w- c:\windows\system32\quartz.dll
    2012-01-11 15:41 . 2011-10-26 05:25 366592 —-a-w- c:\windows\system32\qdvd.dll
    2012-01-11 15:41 . 2011-10-26 04:32 514560 —-a-w- c:\windows\SysWow64\qdvd.dll
    2012-01-11 15:41 . 2011-10-26 04:32 1328128 —-a-w- c:\windows\SysWow64\quartz.dll
    2012-01-11 15:41 . 2011-11-17 06:41 1731920 —-a-w- c:\windows\system32\ntdll.dll
    2012-01-11 15:41 . 2011-11-17 05:38 1292080 —-a-w- c:\windows\SysWow64\ntdll.dll
    2012-01-11 15:41 . 2011-11-19 14:58 77312 —-a-w- c:\windows\system32\packager.dll
    2012-01-11 15:41 . 2011-11-19 14:01 67072 —-a-w- c:\windows\SysWow64\packager.dll
    2012-01-10 15:34 . 2012-01-10 15:34 626688 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 548864 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 479232 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
    2012-01-10 15:34 . 2012-01-10 15:34 43992 —-a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
    2012-01-05 14:14 . 2012-01-05 14:14 ——– d—–w- c:\program files (x86)\LogMeIn Hamachi
    2012-01-04 15:31 . 2012-01-04 15:31 ——– d—–w- c:\users\Milan\AppData\Roaming\Image-Line
    2012-01-03 07:22 . 2012-01-03 07:22 103864 —-a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    2012-01-03 07:22 . 2012-01-03 07:22 103864 —-a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
    2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\programdata\Skyline
    2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\program files (x86)\Skyline
    2011-12-27 17:23 . 2011-12-27 17:23 ——– d—–w- c:\program files (x86)\TeamViewer
    2011-12-15 15:41 . 2011-12-15 16:24 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server
    2011-12-15 07:39 . 2011-10-26 05:21 43520 —-a-w- c:\windows\system32\csrsrv.dll
    2011-12-15 07:39 . 2011-11-05 05:41 1188864 —-a-w- c:\windows\system32\wininet.dll
    2011-12-15 04:39 . 2011-12-15 04:39 42392 —-a-w- c:\windows\SysWow64\xfcodec.dll
    2011-12-15 04:39 . 2011-12-15 04:39 28056 —-a-w- c:\windows\system32\xfcodec64.dll
    2011-12-14 17:50 . 2011-12-14 17:51 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
    2011-12-14 16:03 . 2011-12-14 16:03 ——– d—–w- c:\program files\iPod
    2011-12-14 16:03 . 2011-12-14 16:04 ——– d—–w- c:\program files\iTunes
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-12 14:47 . 2010-05-02 19:41 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2011-11-29 13:17 . 2011-11-29 13:17 159744 —-a-w- c:\windows\system32\atiapfxx.exe
    2011-11-29 13:17 . 2011-11-29 13:17 39936 —-a-w- c:\windows\system32\atig6txx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 31744 —-a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-11-29 13:17 . 2011-11-29 13:17 10207232 —-a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 51200 —-a-w- c:\windows\system32\aticalrt64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 120320 —-a-w- c:\windows\system32\atitmm64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 356352 —-a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:39 38912 —-a-w- c:\windows\system32\atiu9p64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 278528 —-a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1828864 —-a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-11-29 13:17 . 2011-11-29 13:17 8391680 —-a-w- c:\windows\SysWow64\aticaldd.dll
    2011-11-29 13:17 . 2011-11-29 13:16 18630656 —-a-w- c:\windows\SysWow64\atioglxx.dll
    2011-11-29 13:17 . 2010-12-27 15:42 40960 —-a-w- c:\windows\system32\atiuxp64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 17408 —-a-w- c:\windows\system32\atig6pxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 4231680 —-a-w- c:\windows\SysWow64\atidxx32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 32768 —-a-w- c:\windows\SysWow64\atigktxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\atimpc32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-11-29 13:17 . 2011-11-29 13:17 1113088 —-a-w- c:\windows\system32\atiumd6v.dll
    2011-11-29 13:17 . 2011-09-08 17:05 4289024 —-a-w- c:\windows\SysWow64\atiumdag.dll
    2011-11-29 13:17 . 2010-12-27 15:41 479744 —-a-w- c:\windows\system32\atiadlxx.dll
    2011-11-29 13:17 . 2010-12-27 15:41 58880 —-a-w- c:\windows\system32\coinst.dll
    2011-11-29 13:17 . 2011-11-29 13:16 24629760 —-a-w- c:\windows\system32\atio6axx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 46080 —-a-w- c:\windows\SysWow64\aticalrt.dll
    2011-11-29 13:17 . 2009-11-04 15:31 4960768 —-a-w- c:\windows\system32\atidxx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\atimpc64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\amdpcom64.dll
    2011-11-29 13:17 . 2010-12-27 15:42 736768 —-a-w- c:\windows\SysWow64\aticfx32.dll
    2011-11-29 13:17 . 2010-12-27 15:41 867328 —-a-w- c:\windows\system32\aticfx64.dll
    2011-11-29 13:17 . 2011-11-29 13:17 53248 —-a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-11-29 13:17 . 2011-11-29 13:17 466944 —-a-w- c:\windows\system32\ATIDEMGX.dll
    2011-11-29 13:17 . 2011-11-29 13:17 317952 —-a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\system32\atiglpxx.dll
    2011-11-29 13:17 . 2011-11-29 13:17 487936 —-a-w- c:\windows\system32\atieclxx.exe
    2011-11-29 13:17 . 2011-09-08 17:08 4174848 —-a-w- c:\windows\SysWow64\atiumdva.dll
    2011-11-29 13:17 . 2011-11-29 13:17 44032 —-a-w- c:\windows\SysWow64\aticalcl.dll
    2011-11-29 13:17 . 2010-12-27 15:39 29184 —-a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-11-29 13:17 . 2011-11-29 13:16 9877504 —-a-w- c:\windows\system32\aticaldd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 423424 —-a-w- c:\windows\system32\atipdl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 21504 —-a-w- c:\windows\system32\atimuixx.dll
    2011-11-29 13:16 . 2011-09-13 17:10 5431808 —-a-w- c:\windows\system32\atiumd64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 43520 —-a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-11-29 13:16 . 2011-11-29 13:16 335872 —-a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-11-29 13:16 . 2011-11-29 13:16 44544 —-a-w- c:\windows\system32\aticalcl64.dll
    2011-11-29 13:16 . 2011-11-29 13:16 204288 —-a-w- c:\windows\system32\atiesrxx.exe
    2011-11-29 13:16 . 2011-11-29 13:16 59392 —-a-w- c:\windows\system32\atiedu64.dll
    2011-11-29 13:16 . 2011-09-13 17:10 4023296 —-a-w- c:\windows\system32\atiumd6a.dll
    2011-11-26 14:19 . 2011-05-28 17:53 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
    2011-10-20 23:26 . 2011-10-20 23:26 94208 —-a-w- c:\windows\SysWow64\dpl100.dll
    2011-10-20 17:01 . 2011-10-20 17:01 3584 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
    2006-05-03 10:06 163328 –sh–r- c:\windows\SysWOW64\flvDX.dll
    2007-02-21 11:47 31232 –sh–r- c:\windows\SysWOW64\msfDX.dll
    2008-03-16 13:30 216064 –sh–r- c:\windows\SysWOW64\nbDX.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-01-07_13.01.27 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2010-01-06 08:35 . 2012-01-13 06:50 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-06 08:35 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-06 08:35 . 2012-01-07 13:01 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-01-06 08:35 . 2012-01-13 06:50 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-01-13 06:50 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-01-09 18:41 . 2012-01-12 15:13 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-01-09 18:41 . 2012-01-12 15:13 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-01-09 18:41 . 2012-01-12 15:13 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-01-12 14:50 . 2011-12-25 20:40 43280 c:\windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_wp.exe
    + 2012-01-12 14:50 . 2011-12-25 20:42 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
    - 2011-10-14 13:38 . 2011-10-14 13:38 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\e6aabbfb38a14559712fdf51064ff3a1\Microsoft.VisualC.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\e6aabbfb38a14559712fdf51064ff3a1\Microsoft.VisualC.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\d301e1d96d4f39f15482db09206f1fb1\Accessibility.ni.dll
    - 2011-10-14 13:40 . 2011-10-14 13:40 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\d301e1d96d4f39f15482db09206f1fb1\Accessibility.ni.dll
    + 2012-01-13 15:34 . 2012-01-13 15:34 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\3cb6023aa6ab962babcee9c0ec8991de\Microsoft.VisualC.ni.dll
    - 2011-10-14 13:49 . 2011-10-14 13:49 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\3cb6023aa6ab962babcee9c0ec8991de\Microsoft.VisualC.ni.dll
    - 2011-10-14 13:51 . 2011-10-14 13:51 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll
    + 2012-01-13 15:34 . 2012-01-13 15:34 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll
    + 2012-01-12 15:11 . 2012-01-12 15:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-01-12 15:11 . 2012-01-12 15:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-04-15 12:52 . 2011-02-18 05:41 716800 c:\windows\SysWOW64\jscript.dll
    + 2012-01-11 15:41 . 2011-10-14 04:24 716800 c:\windows\SysWOW64\jscript.dll
    - 2011-12-08 15:28 . 2011-12-08 15:27 157472 c:\windows\SysWOW64\javaws.exe
    + 2012-01-12 14:48 . 2012-01-12 14:47 157472 c:\windows\SysWOW64\javaws.exe
    + 2012-01-12 14:48 . 2012-01-12 14:47 149280 c:\windows\SysWOW64\javaw.exe
    + 2012-01-12 14:48 . 2012-01-12 14:47 149280 c:\windows\SysWOW64\java.exe
    + 2012-01-11 15:41 . 2011-10-14 05:31 918528 c:\windows\system32\jscript.dll
    + 2012-01-12 14:50 . 2011-12-25 20:40 746256 c:\windows\Microsoft.NET\Framework64\v2.0.50727\webengine.dll
    + 2012-01-12 14:50 . 2011-12-25 20:42 437520 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8254.tmp\System.Configuration.Install.dll
    - 2011-10-14 13:45 . 2011-10-14 13:45 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\d78f9ad8894e441f38d96697bee1d6fa\System.Web.RegularExpressions.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\d78f9ad8894e441f38d96697bee1d6fa\System.Web.RegularExpressions.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\0e411c30fc2caebb55813b8fa0689d42\System.Web.Abstractions.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\f15a8af412d84b1fd14fc735fb5834f5\System.Transactions.ni.dll
    - 2011-10-14 13:44 . 2011-10-14 13:44 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\f15a8af412d84b1fd14fc735fb5834f5\System.Transactions.ni.dll
    - 2011-10-14 13:45 . 2011-10-14 13:45 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\8428a82fd82a1ef1d3dab07be67dd78f\System.ServiceProcess.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\8428a82fd82a1ef1d3dab07be67dd78f\System.ServiceProcess.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\a3202e5eeb5c84ca6d5453b50c28e1af\System.Security.ni.dll
    - 2011-10-14 13:39 . 2011-10-14 13:39 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\a3202e5eeb5c84ca6d5453b50c28e1af\System.Security.ni.dll
    - 2011-10-14 13:42 . 2011-10-14 13:42 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
    - 2011-10-14 13:44 . 2011-10-14 13:44 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\4b0fd98f11e1e243efcfb810c170decf\System.EnterpriseServices.Wrapper.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\4b0fd98f11e1e243efcfb810c170decf\System.EnterpriseServices.Wrapper.dll
    + 2012-01-13 06:54 . 2012-01-13 06:54 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\4026f724cc80f1beb4450d3286d93c0d\System.Drawing.Design.ni.dll
    - 2011-10-14 13:45 . 2011-10-14 13:45 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\4026f724cc80f1beb4450d3286d93c0d\System.Drawing.Design.ni.dll
    + 2012-01-13 15:35 . 2012-01-13 15:35 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\ea326d1e49d4824358eb5826fe52921a\System.DirectoryServices.Protocols.ni.dll
    - 2011-10-14 13:45 . 2011-10-14 13:45 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\ea326d1e49d4824358eb5826fe52921a\System.DirectoryServices.Protocols.ni.dll
    - 2011-10-14 13:45 . 2011-10-14 13:45 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a4757ccc20fa4dac96856aaaea05ffaa\PresentationFramework.Royale.ni.dll
    + 2012-01-13 06:54 . 2012-01-13 06:54 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a4757ccc20fa4dac96856aaaea05ffaa\PresentationFramework.Royale.ni.dll
    + 2012-01-13 06:54 . 2012-01-13 06:54 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9ab2ddfc6ccc7d84144aa45fc86969a1\PresentationFramework.Luna.ni.dll
    - 2011-10-14 13:45 . 2011-10-14 13:45 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9ab2ddfc6ccc7d84144aa45fc86969a1\PresentationFramework.Luna.ni.dll
    + 2012-01-13 06:54 . 2012-01-13 06:54 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\631667d5c4e1f0beee46c82e316ed0cb\PresentationFramework.Aero.ni.dll
    - 2011-10-14 13:45 . 2011-10-14 13:45 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\631667d5c4e1f0beee46c82e316ed0cb\PresentationFramework.Aero.ni.dll
    - 2011-10-14 13:45 . 2011-10-14 13:45 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\2de40f08930236c079d2653ade704bfc\PresentationFramework.Classic.ni.dll
    + 2012-01-13 06:54 . 2012-01-13 06:54 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\2de40f08930236c079d2653ade704bfc\PresentationFramework.Classic.ni.dll
    + 2012-01-13 15:34 . 2012-01-13 15:34 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\88f32d62a8df469e8b9f12a8d3093627\System.Xml.Linq.ni.dll
    - 2011-10-14 18:16 . 2011-10-14 18:16 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\88f32d62a8df469e8b9f12a8d3093627\System.Xml.Linq.ni.dll
    .
    -- Snapshot teruggezet naar huidige datum --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
    "Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
    "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
    "QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
    .
    c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
    Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
    Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
    R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
    R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
    R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
    S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
    S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
    S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
    S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
    S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
    S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
    S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
    S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
    S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
    S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
    S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
    S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
    S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
    S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
    S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
    S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
    S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
    S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - ALSYSIO
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
    c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
    @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
    @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
    @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
    @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
    @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
    @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
    @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
    @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
    @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
    2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.nl/
    mSearch Bar = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
    TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\
    FF - prefs.js: browser.startup.homepage - www.google.nl
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0&quo
  • Ugh, I've hit the character limit again..
    Here is the full log:
    http://pastebin.com/KVt8nMxv
  • You could simply have posted that last part in a follow-up message!

    But tell me, how is your Windows running now?
