Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Combofix logje

Anoniem
Othuroyo
13 antwoorden
  • ComboFix 09-02-18.01 - Sadik 2009-02-19 20:59:08.1 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.2046.1131 [GMT 1:00]
    Gestart vanuit: c:\users\Sadik\Downloads\ComboFix.exe
    AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
    FW: ESET Personal firewall *disabled*
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\Tasks\opzelegl.job

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2009-01-19 to 2009-02-19 ))))))))))))))))))))))))))))))
    .

    2009-02-19 03:09 . 2006-09-05 17:03 3,968 –a—— c:\windows\System32\drivers\AvgAsCln.sys
    2009-02-15 21:05 . 2008-01-07 14:29 352 –ah—– c:\windows
    od32fixtemdono.reg
    2009-02-15 21:03 . 2009-02-15 21:03 <DIR> d——– c:\users\Sadik\AppData\Roaming\ESET
    2009-02-15 21:02 . 2009-02-15 21:02 <DIR> d——– c:\programdata\ESET
    2009-02-15 21:02 . 2009-02-15 21:02 <DIR> d——– c:\program files\ESET
    2009-02-14 20:35 . 2009-02-14 20:35 <DIR> d——– c:\users\Sadik\AppData\Roaming\Anonymizer
    2009-02-14 20:35 . 2009-02-14 20:35 <DIR> d——– c:\programdata\Anonymizer
    2009-02-14 20:35 . 2009-02-14 20:35 <DIR> d–h—– c:\programdata\{773E7240-B347-4DFF-A6EF-6E829EDD59DF}
    2009-02-14 20:35 . 2009-02-14 20:35 <DIR> d——– c:\program files\Anonymizer
    2009-02-14 18:23 . 2009-02-14 18:26 <DIR> d——– C:\Perl
    2009-02-13 00:09 . 2009-02-13 00:09 <DIR> d——– c:\users\Sadik\AppData\Roaming\atitray
    2009-02-13 00:08 . 2009-02-13 00:08 <DIR> d——– c:\program files\Ray Adams
    2009-02-12 19:54 . 2008-10-10 04:52 4,379,984 –a—— c:\windows\System32\D3DX9_40.dll
    2009-02-12 19:54 . 2008-07-10 11:00 3,851,784 –a—— c:\windows\System32\D3DX9_39.dll
    2009-02-12 19:54 . 2008-10-27 10:04 514,384 –a—— c:\windows\System32\XAudio2_3.dll
    2009-02-12 19:54 . 2008-07-30 06:20 509,448 –a—— c:\windows\System32\XAudio2_2.dll
    2009-02-12 19:54 . 2008-10-27 10:04 70,992 –a—— c:\windows\System32\XAPOFX1_2.dll
    2009-02-12 19:54 . 2008-07-30 06:20 68,616 –a—— c:\windows\System32\XAPOFX1_1.dll
    2009-02-12 19:54 . 2008-10-27 10:04 23,376 –a—— c:\windows\System32\X3DAudio1_5.dll
    2009-02-12 19:26 . 2009-02-12 19:47 <DIR> d——– c:\program files\F.E.A.R. 2
    2009-02-12 15:22 . 2008-06-20 02:14 781,344 –a—— c:\windows\System32\PresentationNative_v0300.dll
    2009-02-12 15:22 . 2008-06-20 02:14 622,080 –a—— c:\windows\System32\icardagt.exe
    2009-02-12 15:22 . 2008-06-20 02:14 326,160 –a—— c:\windows\System32\PresentationHost.exe
    2009-02-12 15:22 . 2008-06-20 02:14 105,016 –a—— c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
    2009-02-12 15:22 . 2008-06-20 02:14 97,800 –a—— c:\windows\System32\infocardapi.dll
    2009-02-12 15:22 . 2008-06-20 02:14 43,544 –a—— c:\windows\System32\PresentationHostProxy.dll
    2009-02-12 15:22 . 2008-06-20 02:14 37,384 –a—— c:\windows\System32\infocardcpl.cpl
    2009-02-12 15:22 . 2008-06-20 02:14 11,264 –a—— c:\windows\System32\icardres.dll
    2009-02-12 15:14 . 2008-07-27 19:03 282,112 –a—— c:\windows\System32\mscoree.dll
    2009-02-12 15:14 . 2008-07-27 19:03 158,720 –a—— c:\windows\System32\mscorier.dll
    2009-02-12 15:14 . 2008-07-27 19:03 96,760 –a—— c:\windows\System32\dfshim.dll
    2009-02-12 15:14 . 2008-07-27 19:03 83,968 –a—— c:\windows\System32\mscories.dll
    2009-02-12 15:14 . 2008-07-27 19:03 41,984 –a—— c:\windows\System32
    etfxperf.dll
    2009-02-12 15:13 . 2008-12-05 05:32 428,544 –a—— c:\windows\System32\EncDec.dll
    2009-02-12 15:13 . 2008-12-05 05:32 293,376 –a—— c:\windows\System32\psisdecd.dll
    2009-02-12 15:13 . 2008-12-05 05:31 217,088 –a—— c:\windows\System32\psisrndr.ax
    2009-02-12 15:13 . 2008-12-05 05:31 177,664 –a—— c:\windows\System32\mpg2splt.ax
    2009-02-12 15:13 . 2008-12-05 05:31 80,896 –a—— c:\windows\System32\MSNP.ax
    2009-02-11 22:33 . 2009-02-11 22:56 <DIR> d——– c:\program files\Google
    2009-02-11 19:06 . 2009-02-15 20:49 <DIR> d——– C:\FEAR 2
    2009-02-11 16:53 . 2009-01-15 04:36 1,383,424 –a—— c:\windows\System32\mshtml.tlb
    2009-02-11 16:53 . 2009-01-15 07:11 827,392 –a—— c:\windows\System32\wininet.dll
    2009-01-25 23:20 . 2009-01-25 23:22 <DIR> d——– c:\users\Sadik\.housecall6.6
    2009-01-24 22:59 . 2009-01-26 12:10 <DIR> d—-c— c:\windows\System32\DRVSTORE
    2009-01-24 17:06 . 2009-01-24 17:06 <DIR> d——– c:\programdata\Futuremark
    2009-01-24 12:12 . 2009-01-24 12:12 <DIR> d——– c:\programdata\Apple Computer
    2009-01-24 12:12 . 2009-01-24 12:13 <DIR> d——– c:\program files\QuickTime
    2009-01-23 14:23 . 2009-01-23 14:26 <DIR> d——– c:\programdata\NexonEU
    2009-01-23 14:10 . 2009-01-23 14:10 <DIR> d——– C:\Nexon
    2009-01-23 14:10 . 2009-01-23 14:10 421,888 –a—— c:\windows\NEXON_EU_DownloaderUpdater.exe
    2009-01-21 17:06 . 2009-01-21 17:06 <DIR> d——– c:\program files\Microsoft
    2009-01-20 22:05 . 2009-01-20 22:04 171,136 -rahs—- C:\grldr

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-16 13:28 ——— d—–w c:\programdata\Lavasoft
    2009-02-16 13:27 ——— d—–w c:\program files\Common Files\Wise Installation Wizard
    2009-02-15 19:50 ——— d—–w c:\program files\Error Repair Professional
    2009-02-15 19:10 ——— d—–w c:\program files\Messenger Plus! Live
    2009-02-12 21:49 ——— d—–w c:\program files\VDOWNLOADER
    2009-02-12 17:24 ——— d–h–w c:\program files\InstallShield Installation Information
    2009-02-12 14:49 ——— d—–w c:\program files\Windows Mail
    2009-02-08 21:55 ——— d—–w c:\users\Sadik\AppData\Roaming\LimeWire
    2009-02-04 22:22 ——— d—–w c:\program files\Common Files\Steam
    2009-02-03 00:15 201,352 —-a-w c:\windows\System32\PnkBstrB.exe
    2009-02-03 00:15 140,216 —-a-w c:\windows\system32\drivers\PnkBstrK.sys
    2009-01-23 13:43 ——— d—–w c:\programdata\Media Center Programs
    2009-01-22 21:06 66,872 —-a-w c:\windows\System32\PnkBstrA.exe
    2009-01-20 15:16 240,128 —-a-w c:\windows\system32\drivers\royal.sys
    2009-01-18 11:46 ——— d—–w c:\users\Sadik\AppData\Roaming\Autodesk
    2009-01-18 11:46 ——— d—–w c:\programdata\Autodesk
    2009-01-16 16:05 ——— d—–w c:\users\Sadik\AppData\Roaming\vlc
    2009-01-16 15:46 ——— d—–w c:\program files\VideoLAN
    2009-01-14 22:44 ——— d—–w c:\program files\LimeWire
    2009-01-14 18:40 ——— d—–w c:\program files\HP
    2009-01-14 17:21 ——— d—–w c:\program files\Common Files\Autodesk Shared
    2009-01-14 17:20 ——— d—–w c:\program files\AutoCAD 2009
    2009-01-13 16:04 ——— d—–w c:\program files\Lavasoft
    2009-01-10 17:04 ——— d—–w c:\users\Sadik\AppData\Roaming\DivX
    2009-01-10 16:42 ——— d—–w c:\program files\DivX
    2009-01-10 16:42 ——— d—–w c:\program files\Common Files\PX Storage Engine
    2009-01-10 16:36 505,128 —-a-w c:\windows\System32\msvcp71.dll
    2009-01-10 16:36 29,480 —-a-w c:\windows\System32\msxml3a.dll
    2009-01-05 22:38 ——— d—–w c:\program files\Athan
    2009-01-05 22:37 737,280 —-a-w c:\windows\iun6002.exe
    2009-01-05 21:24 ——— d—–w c:\programdata\InstallShield
    2009-01-05 21:23 ——— d—–w c:\program files\Common Files\InstallShield
    2009-01-02 23:14 ——— d—–w c:\program files\HD Tune Pro
    2009-01-02 22:23 ——— d—–w c:\program files\Metin2_Turkey
    2009-01-02 14:30 ——— d—–w c:\program files\Robster Productions
    2009-01-02 14:15 ——— d—–w c:\users\Sadik\AppData\Roaming\gtk-2.0
    2009-01-02 12:49 ——— d—–w c:\users\Sadik\AppData\Roaming\ArcticLine
    2009-01-02 12:48 ——— d—–w c:\program files\Folder Marker
    2009-01-01 18:52 ——— d—–w c:\users\Sadik\AppData\Roaming\CyberLink
    2009-01-01 18:52 ——— d—–w c:\programdata\CyberLink
    2009-01-01 18:50 ——— d—–w c:\program files\CyberLink
    2009-01-01 18:50 ——— d—–w c:\program files\Common Files\CyberLink
    2009-01-01 18:48 353,576 —-a-w c:\windows\System32\msvcr71.dll
    2009-01-01 18:48 ——— d—–w c:\programdata\Temp
    2009-01-01 02:12 ——— d—–w c:\programdata\Age of Empires 3
    2009-01-01 02:06 ——— d—–w c:\program files\Common Files\Microsoft Games
    2008-12-31 22:28 ——— d—–w c:\program files\Trend Micro
    2008-12-31 18:19 409,600 —-a-w c:\windows\System32\wrap_oal.dll
    2008-12-31 18:19 114,688 —-a-w c:\windows\System32\OpenAL32.dll
    2008-12-31 18:17 ——— d–h–w c:\program files\Creative Installation Information
    2008-12-31 18:17 ——— d—–w c:\program files\Creative
    2008-12-31 14:12 22,328 —-a-w c:\users\Sadik\AppData\Roaming\PnkBstrK.sys
    2008-12-29 20:48 0 —ha-w c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
    2008-12-26 02:16 410,984 —-a-w c:\windows\System32\deploytk.dll
    2008-12-26 02:16 ——— d—–w c:\program files\Java
    2008-12-26 00:38 107,888 —-a-w c:\windows\System32\CmdLineExt.dll
    2008-12-26 00:36 2,250,024 —-a-w c:\windows\System32\pbsvc.exe
    2008-12-24 19:01 ——— d—–w c:\program files\Common Files\Futuremark Shared
    2008-12-24 19:00 ——— d—–w c:\program files\Futuremark
    2008-12-24 19:00 ——— d—–w c:\program files\AGEIA Technologies
    2008-12-24 10:59 ——— d—–w c:\program files\Microsoft ActiveSync
    2008-12-24 10:58 ——— d—–w c:\program files\Microsoft.NET
    2008-12-24 10:57 ——— d—–w c:\users\Sadik\AppData\Roaming\DAEMON Tools Lite
    2008-12-24 10:56 ——— d—–w c:\users\Sadik\AppData\Roaming\DAEMON Tools Pro
    2008-12-24 10:56 ——— d—–w c:\users\Sadik\AppData\Roaming\DAEMON Tools
    2008-12-24 07:52 ——— d—–w c:\programdata\DAEMON Tools Lite
    2008-12-24 07:51 ——— d—–w c:\program files\DAEMON Tools Lite
    2008-12-24 07:49 ——— d—–w c:\programdata\NOS
    2008-12-24 07:49 ——— d—–w c:\program files\NOS
    2008-12-24 02:44 ——— d—–w c:\users\Sadik\AppData\Roaming\Sony
    2008-12-24 02:44 ——— d—–w c:\programdata\Sony
    2008-12-24 02:43 ——— d—–w c:\program files\Sony
    2008-12-24 02:43 ——— d—–w c:\program files\Common Files\Sony Shared
    2008-12-24 02:39 ——— d—–w c:\programdata\Apple
    2008-12-24 02:39 ——— d—–w c:\program files\Apple Software Update
    2008-12-24 02:36 ——— d—–w c:\users\Sadik\AppData\Roaming\Sony Setup
    2008-12-24 02:36 ——— d—–w c:\program files\Sony Setup
    2008-12-24 02:28 717,296 —-a-w c:\windows\system32\drivers\sptd.sys
    2008-12-24 01:49 ——— d—–w c:\program files\Common Files\Adobe
    2008-12-23 22:35 ——— d—–w c:\users\Sadik\AppData\Roaming\Ubisoft
    2008-12-23 21:52 ——— d—–w c:\programdata\Ubisoft
    2008-12-23 21:42 ——— d—–w c:\users\Sadik\AppData\Roaming\InstallShield
    2008-12-22 12:51 0 —ha-w c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
    2008-12-22 02:35 ——— d—–w c:\program files\MSXML 4.0
    2008-12-22 02:30 0 —ha-w c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
    2008-12-22 00:34 ——— d—–w c:\users\Sadik\AppData\Roaming\Ahead
    2008-12-22 00:31 ——— d—–w c:\programdata\Ahead
    2008-12-22 00:30 ——— d—–w c:\program files\Common Files\Ahead
    2008-12-22 00:29 ——— d—–w c:\programdata\Nero
    2008-12-22 00:29 ——— d—–w c:\program files\Nero
    2008-12-22 00:19 0 —ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    2008-12-21 17:56 ——— d—–w c:\program files\Windows Live Safety Center
    2008-12-21 17:10 ——— d—–w c:\programdata\Messenger Plus!
    2008-12-21 16:34 ——— d—–w c:\program files\BitComet
    2008-12-21 16:06 ——— dcsh–w c:\program files\Common Files\WindowsLiveInstaller
    2008-12-21 16:06 ——— d—–w c:\program files\Windows Live
    2008-12-21 16:04 ——— d—–w c:\programdata\WLInstaller
    2008-12-21 15:58 ——— d—–w c:\programdata\Creative
    2008-12-21 15:57 ——— d—–w c:\users\Sadik\AppData\Roaming\Creative
    2008-12-21 15:50 ——— d—–w c:\program files\Common Files\Creative
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
    "Steam"="d:\steam\steam.exe" [2008-12-21 1410296]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "AtiTrayTools"="c:\program files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-05-22 521128]
    "ErrorRepairPro"="c:\program files\Error Repair Professional\autostart.exe" [2008-02-18 497664]
    "Anonymizer"="c:\program files\Anonymizer\Anonymizer Software\Anonymizer.exe" [2008-11-17 1557176]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
    "WheelMouse"="c:\program files\Trust\GM-4600 Gamer Mouse\Amoumain.exe" [2007-03-13 196608]
    "snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
    "VolPanel"="c:\program files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" [2007-02-28 180224]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "Athan"="c:\program files\Athan\Athan.exe" [2005-09-12 937984]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
    "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
    "P17RunE"="P17RunE.dll" [2007-04-09 c:\windows\System32\P17RunE.dll]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{38BFAE7B-2D1D-40C2-8BD1-5778042B799C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{D6D22824-EC8E-4E04-915F-29C343E6FD9C}"= UDP:d:\battlefield 2\BF2.exe:Battlefield 2
    "{EC13292E-4B25-4ED7-95F1-26DBFB1EA0F0}"= TCP:d:\battlefield 2\BF2.exe:Battlefield 2
    "TCP Query User{52E19954-0EFC-4E48-AA50-9BE9D6CD2EF3}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
    "UDP Query User{0FA1CAB9-5905-4B8C-8FC6-F1841269E8F4}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
    "{7A4DC5E5-1211-4AB3-A19B-2D5680D43D7A}"= UDP:d:\company of heroes\RelicCOH.exe:Company of Heroes
    "{0F7F78A1-05C1-4759-A61E-560863AB9AE5}"= TCP:d:\company of heroes\RelicCOH.exe:Company of Heroes
    "TCP Query User{E87C746E-F0C3-4850-B1E4-EDBC02FE40C1}d:\\steam\\steamapps\\baris_sadik\\insurgency\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\insurgency\hl2.exe:hl2
    "UDP Query User{85FD4441-03D6-431D-B499-8193E5C935EE}d:\\steam\\steamapps\\baris_sadik\\insurgency\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\insurgency\hl2.exe:hl2
    "TCP Query User{1545CF23-C4E3-4470-967A-E7C682CEC91B}d:\\steam\\steamapps\\baris_sadik\\counter-strike source\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\counter-strike source\hl2.exe:hl2
    "UDP Query User{73C3A849-0490-481D-9F2B-0BE809E1276A}d:\\steam\\steamapps\\baris_sadik\\counter-strike source\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\counter-strike source\hl2.exe:hl2
    "TCP Query User{D768A7AE-4E42-4AF8-9FA3-27E9773CA304}d:\\steam\\steamapps\\baris_sadik\\garrysmod\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\garrysmod\hl2.exe:hl2
    "UDP Query User{E6240DFA-064D-4C33-9275-138DEBBBC39B}d:\\steam\\steamapps\\baris_sadik\\garrysmod\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\garrysmod\hl2.exe:hl2
    "{B3696E2A-958A-4CAA-B73C-EF93AEBFB0F3}"= UDP:23048:bitcomet1
    "{01CF1D05-F1B2-4673-A7F1-A6D687F2732F}"= TCP:23048:bitcomet1.1
    "{7C192EB4-4EAA-4251-B861-CE7C1960AE43}"= UDP:d:\assasins creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
    "{D219F45F-F049-4F93-ACC1-256D8120354C}"= TCP:d:\assasins creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
    "{8573CDE6-14FA-4D8C-8E35-F5A99E467F4D}"= UDP:d:\assasins creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
    "{36B55007-F954-4CBD-9369-BDE3CBDCE40D}"= TCP:d:\assasins creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
    "{BF454C73-6D20-41F3-9D00-2FD9CC482605}"= UDP:d:\assasins creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
    "{70B39965-287A-45B8-A578-E5EE950D4380}"= TCP:d:\assasins creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
    "{8AB5A2DE-687D-4EEC-B5DD-EB6D1107276C}"= UDP:d:\crysis\Bin32\Crysis.exe:Crysis_32
    "{A1A9C553-158A-454F-B18A-3911D4D4BDAB}"= TCP:d:\crysis\Bin32\Crysis.exe:Crysis_32
    "{3EDF14D3-F816-4E2E-BDF3-FC32E9DE5A38}"= UDP:d:\crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{393F8113-D4AE-4B00-B681-ABBB36361429}"= TCP:d:\crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{B613C33A-706C-4F2D-BD08-29AF3FCFB32F}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{043F9B1F-840F-4B03-9EC8-DC7A83E43850}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{9B7FECDC-F105-4E24-B33A-EF43FFE1818B}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "{B1BD6C4E-4C5E-4C81-989A-FC12605568D2}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "TCP Query User{B70B1A0D-AE15-4B2E-895F-5BE656927FA4}d:\\steam\\steamapps\\baris_sadik\\condition zero\\hl.exe"= UDP:d:\steam\steamapps\baris_sadik\condition zero\hl.exe:Half-Life Launcher
    "UDP Query User{D225EFF6-E408-4039-AB3F-1EC0165D0CF0}d:\\steam\\steamapps\\baris_sadik\\condition zero\\hl.exe"= TCP:d:\steam\steamapps\baris_sadik\condition zero\hl.exe:Half-Life Launcher
    "TCP Query User{BEDB7213-410F-4080-B51C-6AAAFF4C4233}d:\\steam\\steamapps\\baris_sadik\\counter-strike\\hl.exe"= UDP:d:\steam\steamapps\baris_sadik\counter-strike\hl.exe:Half-Life Launcher
    "UDP Query User{964987BE-E75E-41BD-A9B4-E72BE8266001}d:\\steam\\steamapps\\baris_sadik\\counter-strike\\hl.exe"= TCP:d:\steam\steamapps\baris_sadik\counter-strike\hl.exe:Half-Life Launcher
    "{2F18F0D1-0541-41DF-8BB0-BC5CB9127A35}"= UDP:c:\program files\Sony\Media Manager for WALKMAN\MediaManager.exe:Media Manager for WALKMAN 1.2
    "{4ACEBD31-B8F2-4AA8-84B5-86EE1D064D25}"= TCP:c:\program files\Sony\Media Manager for WALKMAN\MediaManager.exe:Media Manager for WALKMAN 1.2
    "{7DDB4087-28BA-41ED-8BCE-8C481E80B948}"= UDP:d:\far cry 2\bin\FarCry2.exe:Far Cry 2
    "{DA106CB4-F1D4-4103-A2FE-E27453173497}"= TCP:d:\far cry 2\bin\FarCry2.exe:Far Cry 2
    "{E454078D-3ED7-4AAE-A468-DF0231D1FD4B}"= UDP:d:\far cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
    "{AA224F9B-9C29-4F71-B002-42A95FFA9BAB}"= TCP:d:\far cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
    "{B143BA48-6062-40D3-9230-3D5AB8BFD1FA}"= UDP:d:\far cry 2\bin\FC2Editor.exe:Editor
    "{3AE75AF0-8FBC-41BE-8910-F5D1F2B6F4FB}"= TCP:d:\far cry 2\bin\FC2Editor.exe:Editor
    "{6BF9DDA3-DC93-4FD4-94E5-77A23AB473B3}"= UDP:d:\call of duty 4 modern warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{66560A0E-D3DE-468A-AC39-140DEEF3B85D}"= TCP:d:\call of duty 4 modern warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{8509792F-93FC-47A2-92C5-E1F59CF22D64}"= UDP:d:\age of empires iii\age3.exe:Age of Empires III
    "{155C8F43-795F-41EA-99D4-C805AE278095}"= TCP:d:\age of empires iii\age3.exe:Age of Empires III
    "{227138F3-6E44-4F71-98AD-386AF37642A7}"= c:\program files\CyberLink\PowerDVD8\PowerDVD8.EXE:CyberLink PowerDVD 8.0
    "TCP Query User{D0A3D7CA-5EED-4EB0-B345-5389BFFA4669}c:\\users\\sadik\\desktop\\pack-smileys-blue-class-crystalxp.net-en-894\\packmatronic 1.0 crystalxp.exe"= UDP:c:\users\sadik\desktop\pack-smileys-blue-class-crystalxp.net-en-894\packmatronic 1.0 crystalxp.exe:packmatronic 1.0 crystalxp.exe
    "UDP Query User{DF5D4592-B31A-4CC9-9B8C-19DE4A0F20BF}c:\\users\\sadik\\desktop\\pack-smileys-blue-class-crystalxp.net-en-894\\packmatronic 1.0 crystalxp.exe"= TCP:c:\users\sadik\desktop\pack-smileys-blue-class-crystalxp.net-en-894\packmatronic 1.0 crystalxp.exe:packmatronic 1.0 crystalxp.exe
    "TCP Query User{0B11957C-B56C-4A7A-8C9A-29ADA2FE4FA9}d:\\steam\\steamapps\\baris_sadik\\zombie panic! source\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\zombie panic! source\hl2.exe:hl2
    "UDP Query User{E3BB89DC-56DD-4FE2-8CF2-BE93BE58872D}d:\\steam\\steamapps\\baris_sadik\\zombie panic! source\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\zombie panic! source\hl2.exe:hl2
    "TCP Query User{78F0F734-5B67-4708-B0EA-3C4514B2296E}d:\\steam\\steamapps\\baris_sadik\\day of defeat source\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\day of defeat source\hl2.exe:hl2
    "UDP Query User{7325866B-2FE4-4CCA-87C9-60E17049A00A}d:\\steam\\steamapps\\baris_sadik\\day of defeat source\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\day of defeat source\hl2.exe:hl2
    "TCP Query User{20896A36-514A-4B11-A8B2-841EFD54C235}d:\\steam\\steamapps\\baris_sadik\\synergy\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\synergy\hl2.exe:hl2
    "UDP Query User{47CF42FC-A65E-43DC-A4D9-3FB58450E526}d:\\steam\\steamapps\\baris_sadik\\synergy\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\synergy\hl2.exe:hl2
    "TCP Query User{08119E40-A230-4387-A8DB-687DE48DA351}d:\\steam\\steamapps\\baris_sadik\\half-life 2 deathmatch\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\half-life 2 deathmatch\hl2.exe:hl2
    "UDP Query User{EAF29220-992B-44AD-9F44-5D6510018EA6}d:\\steam\\steamapps\\baris_sadik\\half-life 2 deathmatch\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\half-life 2 deathmatch\hl2.exe:hl2
    "TCP Query User{F69DD863-522F-46B0-8961-82C799EB0419}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{5EA777EC-762E-4718-A358-BE3A639A0E32}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "TCP Query User{C02D6B16-916E-472D-87BF-23D9FE89B6BA}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{D4C5093C-B1BC-4CE0-9073-7982938DE1A0}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{7BE4ECFC-3AF0-49E0-9727-82B143834CED}c:\\program files\\metin2_turkey\\metin2.bin"= UDP:c:\program files\metin2_turkey\metin2.bin:metin2
    "UDP Query User{2A8670E3-43F5-46AF-811D-974202AADCE1}c:\\program files\\metin2_turkey\\metin2.bin"= TCP:c:\program files\metin2_turkey\metin2.bin:metin2
    "TCP Query User{73D844E0-CB5E-4076-949B-673CCBAAF82F}c:\
    exon\
    exon_eu_downloader\
    exon_eu_downloader_engine.exe"= UDP:c:
    exon
    exon_eu_downloader
    exon_eu_downloader_engine.exe:NEXON_EU_Downloader_Engine
    "UDP Query User{3E9424E4-DBF7-49B2-B5F1-E7BCEF78F5C6}c:\
    exon\
    exon_eu_downloader\
    exon_eu_downloader_engine.exe"= TCP:c:
    exon
    exon_eu_downloader
    exon_eu_downloader_engine.exe:NEXON_EU_Downloader_Engine
    "{B8C5C387-CE51-4CB9-80A0-297164BD517A}"= UDP:c:\programdata\NexonEU\NGM\NGM.exe:Nexon Game Manager
    "{3288549B-A411-4C4E-9DBB-10A8AECA1DB3}"= TCP:c:\programdata\NexonEU\NGM\NGM.exe:Nexon Game Manager
    "{F55CC4DB-93AF-438B-BAB3-C119CD2E7F74}"= UDP:d:\combat arms eu\NMService.exe:Nexon Messenger Core
    "{B80B1B19-5510-4586-9F68-1460D92DF64E}"= TCP:d:\combat arms eu\NMService.exe:Nexon Messenger Core
    "TCP Query User{D00BC63F-A580-4A77-A527-B8EC98E63053}c:\\program files\\proxyway\\proxyway.exe"= UDP:c:\program files\proxyway\proxyway.exe:ProxyWay
    "UDP Query User{CAFF68E3-13D8-4588-8A8F-844143FD7AD5}c:\\program files\\proxyway\\proxyway.exe"= TCP:c:\program files\proxyway\proxyway.exe:ProxyWay
    "TCP Query User{F0337197-7069-4ACF-8380-381A1A634441}c:\\program files\\anonymizer\\anonymizer software\\common\\anonproxy.exe"= UDP:c:\program files\anonymizer\anonymizer software\common\anonproxy.exe:AnonProxy
    "UDP Query User{F5BBD4BF-5244-4901-821E-8675AE801D01}c:\\program files\\anonymizer\\anonymizer software\\common\\anonproxy.exe"= TCP:c:\program files\anonymizer\anonymizer software\common\anonproxy.exe:AnonProxy

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 18088]
    R2 AnonMgmtSvc;Anonymizer Management Service;c:\program files\Anonymizer\Anonymizer Software\Common\AnonMgmtSvc.exe [2008-11-17 37560]
    R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
    S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\System32\drivers\royal.sys [2008-12-22 240128]
    S2 gupdate1c98c9381221489;Google Update Service (gupdate1c98c9381221489);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
    S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2008-12-21 79360]

    — Andere Services/Drivers In Geheugen —

    *NewlyCreated* - AVGASCLN

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    bthsvcs REG_MULTI_SZ BthServ
    .
    Inhoud van de 'Gedeelde Taken' map

    2009-02-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

    2009-02-19 c:\windows\Tasks\GoogleUpdateTaskMachine.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 22:55]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
    IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
    IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
    FF - ProfilePath - c:\users\Sadik\AppData\Roaming\Mozilla\Firefox\Profiles\yeyevwnh.default\
    FF - prefs.js: browser.search.selectedEngine - qtl
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 81
    FF - prefs.js: network.proxy.socks - 127.0.0.1
    FF - prefs.js: network.proxy.socks_port - 81
    FF - prefs.js: network.proxy.ssl - 127.0.0.1
    FF - prefs.js: network.proxy.ssl_port - 81
    FF - prefs.js: network.proxy.type - 4
    1 bestand(en) zijn verplaatst.
    FF - component: c:\users\Sadik\AppData\Roaming\Mozilla\Firefox\Profiles\yeyevwnh.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
    FF - plugin: c:\program files\Google\Update\1.2.141.5
    pGoogleOneClick7.dll
    FF - plugin: c:\program files\Microsoft\Office Live
    pOLW.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins
    p-mswmp.dll
    FF - plugin: c:\programdata\NexonEU\NGM
    pNxGameeu.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-19 21:01:38
    Windows 6.0.6001 Service Pack 1 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2009-02-19 21:03:28
    ComboFix-quarantined-files.txt 2009-02-19 20:03:26

    Pre-Run: 35.832.143.872 bytes beschikbaar
    Post-Run: 35,596,886,016 bytes beschikbaar

    333 — E O F — 2009-02-13 16:47:46



    Volledig gekopieerd en geplakt…


    PC doet traag.
    Start traag op.
    Traag surfen en browsen.
    IE7 en MF 3 starten allebei traag op en laden ook traag. Home pagina is google.nl… en dat duurt nog even voordat hij komt.

    PRogrammas starten trager op..

    Heb eerder gescant met Eset nod32
    Ad aware 2008
    en AVG Anti-Spyware
    Allemaal up-to-date
    niks gevonden..

    Hoop dat jullie wat vinden…
    Erg bedankt voor je mededeling.

    Prettige dag verder.

















  • Plaats voor de compleetheid nog even een HJTlog
  • Oookkeeejjj!!!!!


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:01:40, on 25-1-2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conime.exe
    D:\Steam\Steam.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe
    O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe"

    O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
    O9 - Extra button: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe


    End of file - 5912 bytes


    Gebruik Windows Vista Home Premium SP1
  • Start hijackthis en kies voor 'do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:

    [b:c1c00950f7]R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O9 - Extra button: (no name) - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
    O9 - Extra button: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file) [/b:c1c00950f7]

    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.


    Download [b:c1c00950f7] en sla het op je bureaublad op.
    Dubbelklik op [b:c1c00950f7]mbam-setup.exe[/b:c1c00950f7] om het programma te installeren.

    Zorg dat er na de installatie een vinkje is geplaatst bij:[list:c1c00950f7]
    [*:c1c00950f7]Update MalwareBytes' Anti-Malware
    [*:c1c00950f7]Start MalwareBytes' Anti-Malware
    [/list:u:c1c00950f7]Klik daarna op "[b:c1c00950f7]Voltooien[/b:c1c00950f7]".
    Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.[list:c1c00950f7]
    [*:c1c00950f7]Zodra het programma gestart is, ga dan naar het tabblad "[b:c1c00950f7]Instellingen[/b:c1c00950f7]".
    [*:c1c00950f7]Vink hier aan: "[b:c1c00950f7]Sluit Internet Explorer tijdens verwijdering van malware[/b:c1c00950f7]".
    [*:c1c00950f7]Ga daarna naar het tabblad "[b:c1c00950f7]Scanner[/b:c1c00950f7]", kies hier voor "[b:c1c00950f7]Snelle Scan[/b:c1c00950f7]".
    [*:c1c00950f7]Druk vervolgens op "[b:c1c00950f7]Scannen[/b:c1c00950f7]" om de scan te starten.
    [*:c1c00950f7]Het scannen kan een tijdje duren, dus wees geduldig.

    [*:c1c00950f7]Wanneer de scan voltooid is, klik op [b:c1c00950f7]OK[/b:c1c00950f7], daarna "[b:c1c00950f7]Bekijk Resultaten[/b:c1c00950f7]" om de resultaten te zien.
    [*:c1c00950f7]Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "[b:c1c00950f7]Verwijder geselecteerde[/b:c1c00950f7]".
    [*:c1c00950f7]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
    [/list:u:c1c00950f7]Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "[b:c1c00950f7]Logs[/b:c1c00950f7]" tab te klikken in het programma.

    Plaats dit logje


    Plaats nu een nieuw logje met ComboFix.
  • Echt sorry dat ik erg laat reageer.

    Ik dacht dat er een mail zou komen ofsow..

    Maar goed..


    [b:adfdc4b1ca]Malwarebytes Anti-Malware Logje:[/b:adfdc4b1ca]


    Malwarebytes' Anti-Malware 1.34
    Database versie: 1799
    Windows 6.0.6001 Service Pack 1

    24-2-2009 22:48:30
    mbam-log-2009-02-24 (22-48-30).txt

    Scan type: Snelle Scan
    Objecten gescand: 57982
    Verstreken tijd: 3 minute(s), 11 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)


    [b:adfdc4b1ca]Combofix logje:[/b:adfdc4b1ca]


    ComboFix 09-02-24.01 - Sadik 2009-02-24 22:51:52.2 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.2046.1167 [GMT 1:00]
    Gestart vanuit: c:\users\Sadik\Downloads\ComboFix.exe
    AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
    FW: ESET Personal firewall *disabled*
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2009-01-24 to 2009-02-24 ))))))))))))))))))))))))))))))
    .

    2009-02-24 22:44 . 2009-02-24 22:44 <DIR> d——– c:\users\Sadik\AppData\Roaming\Malwarebytes
    2009-02-24 22:44 . 2009-02-24 22:44 <DIR> d——– c:\programdata\Malwarebytes
    2009-02-24 22:44 . 2009-02-24 22:44 <DIR> d——– c:\program files\Malwarebytes' Anti-Malware
    2009-02-24 22:44 . 2009-02-11 10:19 38,496 –a—— c:\windows\System32\drivers\mbamswissarmy.sys
    2009-02-24 22:44 . 2009-02-11 10:19 15,504 –a—— c:\windows\System32\drivers\mbam.sys
    2009-02-23 18:34 . 2009-02-23 18:34 <DIR> d——– c:\programdata\ATI
    2009-02-23 18:30 . 2009-02-23 18:32 <DIR> d——– c:\program files\ATI Technologies
    2009-02-23 18:24 . 2009-02-23 18:24 <DIR> d——– C:\ATI
    2009-02-22 20:43 . 2009-02-22 20:43 <DIR> d——– c:\program files\IP Privacy
    2009-02-19 03:09 . 2006-09-05 17:03 3,968 –a—— c:\windows\System32\drivers\AvgAsCln.sys
    2009-02-15 21:05 . 2008-01-07 14:29 352 –ah—– c:\windows
    od32fixtemdono.reg
    2009-02-15 21:03 . 2009-02-15 21:03 <DIR> d——– c:\users\Sadik\AppData\Roaming\ESET
    2009-02-15 21:02 . 2009-02-15 21:02 <DIR> d——– c:\programdata\ESET
    2009-02-15 21:02 . 2009-02-15 21:02 <DIR> d——– c:\program files\ESET
    2009-02-14 20:35 . 2009-02-14 20:35 <DIR> d——– c:\users\Sadik\AppData\Roaming\Anonymizer
    2009-02-14 20:35 . 2009-02-14 20:35 <DIR> d——– c:\programdata\Anonymizer
    2009-02-14 18:23 . 2009-02-14 18:26 <DIR> d——– C:\Perl
    2009-02-13 00:09 . 2009-02-13 00:09 <DIR> d——– c:\users\Sadik\AppData\Roaming\atitray
    2009-02-13 00:08 . 2009-02-13 00:08 <DIR> d——– c:\program files\Ray Adams
    2009-02-12 19:54 . 2008-10-10 04:52 4,379,984 –a—— c:\windows\System32\D3DX9_40.dll
    2009-02-12 19:54 . 2008-07-10 11:00 3,851,784 –a—— c:\windows\System32\D3DX9_39.dll
    2009-02-12 19:54 . 2008-10-27 10:04 514,384 –a—— c:\windows\System32\XAudio2_3.dll
    2009-02-12 19:54 . 2008-07-30 06:20 509,448 –a—— c:\windows\System32\XAudio2_2.dll
    2009-02-12 19:54 . 2008-10-27 10:04 70,992 –a—— c:\windows\System32\XAPOFX1_2.dll
    2009-02-12 19:54 . 2008-07-30 06:20 68,616 –a—— c:\windows\System32\XAPOFX1_1.dll
    2009-02-12 19:54 . 2008-10-27 10:04 23,376 –a—— c:\windows\System32\X3DAudio1_5.dll
    2009-02-12 19:26 . 2009-02-12 19:47 <DIR> d——– c:\program files\F.E.A.R. 2
    2009-02-12 15:22 . 2008-06-20 02:14 781,344 –a—— c:\windows\System32\PresentationNative_v0300.dll
    2009-02-12 15:22 . 2008-06-20 02:14 622,080 –a—— c:\windows\System32\icardagt.exe
    2009-02-12 15:22 . 2008-06-20 02:14 326,160 –a—— c:\windows\System32\PresentationHost.exe
    2009-02-12 15:22 . 2008-06-20 02:14 105,016 –a—— c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
    2009-02-12 15:22 . 2008-06-20 02:14 97,800 –a—— c:\windows\System32\infocardapi.dll
    2009-02-12 15:22 . 2008-06-20 02:14 43,544 –a—— c:\windows\System32\PresentationHostProxy.dll
    2009-02-12 15:22 . 2008-06-20 02:14 37,384 –a—— c:\windows\System32\infocardcpl.cpl
    2009-02-12 15:22 . 2008-06-20 02:14 11,264 –a—— c:\windows\System32\icardres.dll
    2009-02-12 15:14 . 2008-07-27 19:03 282,112 –a—— c:\windows\System32\mscoree.dll
    2009-02-12 15:14 . 2008-07-27 19:03 158,720 –a—— c:\windows\System32\mscorier.dll
    2009-02-12 15:14 . 2008-07-27 19:03 96,760 –a—— c:\windows\System32\dfshim.dll
    2009-02-12 15:14 . 2008-07-27 19:03 83,968 –a—— c:\windows\System32\mscories.dll
    2009-02-12 15:14 . 2008-07-27 19:03 41,984 –a—— c:\windows\System32
    etfxperf.dll
    2009-02-12 15:13 . 2008-12-05 05:32 428,544 –a—— c:\windows\System32\EncDec.dll
    2009-02-12 15:13 . 2008-12-05 05:32 293,376 –a—— c:\windows\System32\psisdecd.dll
    2009-02-12 15:13 . 2008-12-05 05:31 217,088 –a—— c:\windows\System32\psisrndr.ax
    2009-02-12 15:13 . 2008-12-05 05:31 177,664 –a—— c:\windows\System32\mpg2splt.ax
    2009-02-12 15:13 . 2008-12-05 05:31 80,896 –a—— c:\windows\System32\MSNP.ax
    2009-02-11 22:33 . 2009-02-11 22:56 <DIR> d——– c:\program files\Google
    2009-02-11 19:06 . 2009-02-15 20:49 <DIR> d——– C:\FEAR 2
    2009-02-11 16:53 . 2009-01-15 04:36 1,383,424 –a—— c:\windows\System32\mshtml.tlb
    2009-02-11 16:53 . 2009-01-15 07:11 827,392 –a—— c:\windows\System32\wininet.dll
    2009-02-04 08:29 . 2009-02-04 08:29 4,303,360 –a—— c:\windows\System32\drivers\atikmdag.sys
    2009-02-04 06:02 . 2009-02-04 06:02 442,368 –a—— c:\windows\System32\ATIDEMGX.dll
    2009-02-04 06:00 . 2009-02-04 06:00 348,160 –a—— c:\windows\System32\atipdlxx.dll
    2009-02-04 06:00 . 2009-02-04 06:00 274,432 –a—— c:\windows\System32\Oemdspif.dll
    2009-02-04 06:00 . 2009-02-04 06:00 159,744 –a—— c:\windows\System32\atitmmxx.dll
    2009-02-04 06:00 . 2009-02-04 06:00 43,520 –a—— c:\windows\System32\ati2edxx.dll
    2009-02-04 06:00 . 2009-02-04 06:00 11,264 –a—— c:\windows\System32\atimuixx.dll
    2009-02-04 05:59 . 2009-02-04 05:59 286,720 –a—— c:\windows\System32\Ati2evxx.dll
    2009-02-04 05:58 . 2009-02-04 05:58 729,088 –a—— c:\windows\System32\Ati2evxx.exe
    2009-02-04 05:49 . 2009-02-04 05:49 2,391,552 –a—— c:\windows\System32\atidxx32.dll
    2009-02-04 05:43 . 2009-02-04 05:43 3,903,488 –a—— c:\windows\System32\atiumdag.dll
    2009-02-04 05:22 . 2009-02-04 05:22 4,905,472 –a—— c:\windows\System32\atiumdva.dll
    2009-02-04 05:21 . 2009-02-04 05:21 121,808 –a—— c:\windows\System32\atiumdva.cap
    2009-02-04 05:11 . 2009-02-04 05:11 11,366,400 –a—— c:\windows\System32\atioglxx.dll
    2009-02-04 05:07 . 2009-02-04 05:07 131,072 –a—— c:\windows\System32\atiadlxx.dll
    2009-02-04 05:07 . 2009-02-04 05:07 51,712 –a—— c:\windows\System32\amdpcom32.dll
    2009-02-04 04:53 . 2009-02-04 04:53 53,248 –a—— c:\windows\System32\drivers\ati2erec.dll
    2009-02-04 04:01 . 2009-02-04 04:01 57,344 –a—— c:\windows\System32\aticalrt.dll
    2009-02-04 04:01 . 2009-02-04 04:01 53,248 –a—— c:\windows\System32\aticalcl.dll
    2009-02-04 03:58 . 2009-02-04 03:58 3,252,224 –a—— c:\windows\System32\aticaldd.dll
    2009-01-25 23:20 . 2009-01-25 23:22 <DIR> d——– c:\users\Sadik\.housecall6.6
    2009-01-24 22:59 . 2009-01-26 12:10 <DIR> d—-c— c:\windows\System32\DRVSTORE
    2009-01-24 17:06 . 2009-01-24 17:06 <DIR> d——– c:\programdata\Futuremark
    2009-01-24 12:12 . 2009-01-24 12:12 <DIR> d——– c:\programdata\Apple Computer
    2009-01-24 12:12 . 2009-01-24 12:13 <DIR> d——– c:\program files\QuickTime

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-23 17:35 ——— d—–w c:\program files\ATI
    2009-02-21 01:52 140,216 —-a-w c:\windows\system32\drivers\PnkBstrK.sys
    2009-02-21 01:49 201,352 —-a-w c:\windows\System32\PnkBstrB.exe
    2009-02-16 13:28 ——— d—–w c:\programdata\Lavasoft
    2009-02-16 13:27 ——— d—–w c:\program files\Common Files\Wise Installation Wizard
    2009-02-15 19:50 ——— d—–w c:\program files\Error Repair Professional
    2009-02-15 19:10 ——— d—–w c:\program files\Messenger Plus! Live
    2009-02-12 21:49 ——— d—–w c:\program files\VDOWNLOADER
    2009-02-12 17:24 ——— d–h–w c:\program files\InstallShield Installation Information
    2009-02-12 14:49 ——— d—–w c:\program files\Windows Mail
    2009-02-08 21:55 ——— d—–w c:\users\Sadik\AppData\Roaming\LimeWire
    2009-02-04 22:22 ——— d—–w c:\program files\Common Files\Steam
    2009-01-23 13:43 ——— d—–w c:\programdata\Media Center Programs
    2009-01-23 13:26 ——— d—–w c:\programdata\NexonEU
    2009-01-23 13:10 421,888 —-a-w c:\windows\NEXON_EU_DownloaderUpdater.exe
    2009-01-22 21:06 66,872 —-a-w c:\windows\System32\PnkBstrA.exe
    2009-01-21 16:06 ——— d—–w c:\program files\Microsoft
    2009-01-20 15:16 240,128 —-a-w c:\windows\system32\drivers\royal.sys
    2009-01-18 11:46 ——— d—–w c:\users\Sadik\AppData\Roaming\Autodesk
    2009-01-18 11:46 ——— d—–w c:\programdata\Autodesk
    2009-01-16 16:05 ——— d—–w c:\users\Sadik\AppData\Roaming\vlc
    2009-01-16 15:46 ——— d—–w c:\program files\VideoLAN
    2009-01-14 22:44 ——— d—–w c:\program files\LimeWire
    2009-01-14 18:40 ——— d—–w c:\program files\HP
    2009-01-14 17:21 ——— d—–w c:\program files\Common Files\Autodesk Shared
    2009-01-14 17:20 ——— d—–w c:\program files\AutoCAD 2009
    2009-01-13 16:04 ——— d—–w c:\program files\Lavasoft
    2009-01-10 17:04 ——— d—–w c:\users\Sadik\AppData\Roaming\DivX
    2009-01-10 16:42 ——— d—–w c:\program files\DivX
    2009-01-10 16:42 ——— d—–w c:\program files\Common Files\PX Storage Engine
    2009-01-10 16:36 505,128 —-a-w c:\windows\System32\msvcp71.dll
    2009-01-10 16:36 29,480 —-a-w c:\windows\System32\msxml3a.dll
    2009-01-05 22:38 ——— d—–w c:\program files\Athan
    2009-01-05 22:37 737,280 —-a-w c:\windows\iun6002.exe
    2009-01-05 21:24 ——— d—–w c:\programdata\InstallShield
    2009-01-05 21:23 ——— d—–w c:\program files\Common Files\InstallShield
    2009-01-02 23:14 ——— d—–w c:\program files\HD Tune Pro
    2009-01-02 22:23 ——— d—–w c:\program files\Metin2_Turkey
    2009-01-02 14:30 ——— d—–w c:\program files\Robster Productions
    2009-01-02 14:15 ——— d—–w c:\users\Sadik\AppData\Roaming\gtk-2.0
    2009-01-02 12:49 ——— d—–w c:\users\Sadik\AppData\Roaming\ArcticLine
    2009-01-02 12:48 ——— d—–w c:\program files\Folder Marker
    2009-01-01 18:52 ——— d—–w c:\users\Sadik\AppData\Roaming\CyberLink
    2009-01-01 18:52 ——— d—–w c:\programdata\CyberLink
    2009-01-01 18:50 ——— d—–w c:\program files\CyberLink
    2009-01-01 18:50 ——— d—–w c:\program files\Common Files\CyberLink
    2009-01-01 18:48 353,576 —-a-w c:\windows\System32\msvcr71.dll
    2009-01-01 18:48 ——— d—–w c:\programdata\Temp
    2009-01-01 02:12 ——— d—–w c:\programdata\Age of Empires 3
    2009-01-01 02:06 ——— d—–w c:\program files\Common Files\Microsoft Games
    2008-12-31 22:28 ——— d—–w c:\program files\Trend Micro
    2008-12-31 18:19 409,600 —-a-w c:\windows\System32\wrap_oal.dll
    2008-12-31 18:19 114,688 —-a-w c:\windows\System32\OpenAL32.dll
    2008-12-31 18:17 ——— d–h–w c:\program files\Creative Installation Information
    2008-12-31 18:17 ——— d—–w c:\program files\Creative
    2008-12-31 14:12 22,328 —-a-w c:\users\Sadik\AppData\Roaming\PnkBstrK.sys
    2008-12-29 20:48 0 —ha-w c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
    2008-12-26 02:16 410,984 —-a-w c:\windows\System32\deploytk.dll
    2008-12-26 02:16 ——— d—–w c:\program files\Java
    2008-12-26 00:38 107,888 —-a-w c:\windows\System32\CmdLineExt.dll
    2008-12-26 00:36 2,250,024 —-a-w c:\windows\System32\pbsvc.exe
    2008-12-24 19:01 ——— d—–w c:\program files\Common Files\Futuremark Shared
    2008-12-24 19:00 ——— d—–w c:\program files\Futuremark
    2008-12-24 19:00 ——— d—–w c:\program files\AGEIA Technologies
    2008-12-24 10:59 ——— d—–w c:\program files\Microsoft ActiveSync
    2008-12-24 10:58 ——— d—–w c:\program files\Microsoft.NET
    2008-12-24 10:57 ——— d—–w c:\users\Sadik\AppData\Roaming\DAEMON Tools Lite
    2008-12-24 10:56 ——— d—–w c:\users\Sadik\AppData\Roaming\DAEMON Tools Pro
    2008-12-24 10:56 ——— d—–w c:\users\Sadik\AppData\Roaming\DAEMON Tools
    2008-12-24 07:52 ——— d—–w c:\programdata\DAEMON Tools Lite
    2008-12-24 07:51 ——— d—–w c:\program files\DAEMON Tools Lite
    2008-12-24 07:49 ——— d—–w c:\programdata\NOS
    2008-12-24 07:49 ——— d—–w c:\program files\NOS
    2008-12-24 02:44 ——— d—–w c:\users\Sadik\AppData\Roaming\Sony
    2008-12-24 02:44 ——— d—–w c:\programdata\Sony
    2008-12-24 02:43 ——— d—–w c:\program files\Sony
    2008-12-24 02:43 ——— d—–w c:\program files\Common Files\Sony Shared
    2008-12-24 02:39 ——— d—–w c:\programdata\Apple
    2008-12-24 02:39 ——— d—–w c:\program files\Apple Software Update
    2008-12-24 02:36 ——— d—–w c:\users\Sadik\AppData\Roaming\Sony Setup
    2008-12-24 02:36 ——— d—–w c:\program files\Sony Setup
    2008-12-24 02:28 717,296 —-a-w c:\windows\system32\drivers\sptd.sys
    2008-12-24 01:49 ——— d—–w c:\program files\Common Files\Adobe
    2008-12-11 00:33 86,016 —-a-w c:\windows\System32\dpl100.dll
    2008-12-11 00:33 200,704 —-a-w c:\windows\System32\dtu100.dll
    2008-12-09 02:28 593,920 —-a-w c:\windows\System32\dpuGUI11.dll
    2008-12-09 02:28 57,344 —-a-w c:\windows\System32\dpv11.dll
    2008-12-09 02:28 344,064 —-a-w c:\windows\System32\dpus11.dll
    2008-12-09 02:28 294,912 —-a-w c:\windows\System32\dpu11.dll
    2008-01-21 02:43 174 –sha-w c:\program files\desktop.ini
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-02-19_21.02.09,20 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-12-21 15:06:15 135,168 —-a-w c:\windows\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
    + 2009-02-23 17:32:59 135,168 —-a-w c:\windows\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
    - 2008-12-21 15:06:15 212,992 —-a-w c:\windows\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
    + 2009-02-23 17:32:59 212,992 —-a-w c:\windows\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
    - 2008-12-21 15:06:09 143,360 —-a-w c:\windows\assembly\GAC\ICSharpCode.SharpZipLib\[u:adfdc4b1ca]0[/u:adfdc4b1ca].84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
    + 2009-02-23 17:32:54 143,360 —-a-w c:\windows\assembly\GAC\ICSharpCode.SharpZipLib\[u:adfdc4b1ca]0[/u:adfdc4b1ca].84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
    - 2008-12-21 15:06:15 225,280 —-a-w c:\windows\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
    + 2009-02-23 17:32:59 225,280 —-a-w c:\windows\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
    - 2008-12-21 15:06:17 360,448 —-a-w c:\windows\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
    + 2009-02-23 17:32:59 360,448 —-a-w c:\windows\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
    - 2008-12-21 15:06:20 49,152 —-a-w c:\windows\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
    + 2009-02-23 17:32:59 49,152 —-a-w c:\windows\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
    - 2008-12-21 15:06:09 13,312 —-a-w c:\windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
    + 2009-02-23 17:32:54 13,312 —-a-w c:\windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
    - 2008-12-21 15:06:10 24,576 —-a-w c:\windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL
    + 2009-02-23 17:32:54 24,576 —-a-w c:\windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL
    + 2009-02-23 17:33:00 20,480 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL
    + 2009-02-23 17:33:00 16,384 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL
    + 2009-02-23 17:33:00 16,384 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL
    + 2009-02-23 17:33:00 16,384 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL
    + 2009-02-23 17:33:00 20,480 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL
    + 2009-02-23 17:33:00 16,384 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.DLL
    + 2009-02-23 17:32:59 16,384 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.EEU.Shared\2.0.3294.18789__90ba9c70f846762e\AEM.Plugin.Source.EEU.Shared.DLL
    + 2009-02-23 17:33:00 16,384 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.GD.Shared\2.0.3294.18792__90ba9c70f846762e\AEM.Plugin.Source.GD.Shared.DLL
    + 2009-02-23 17:32:54 45,056 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3321.40409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL
    + 2009-02-23 17:33:00 16,384 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL
    + 2009-02-23 17:32:54 16,384 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.DLL
    + 2009-02-23 17:32:52 45,056 —-a-w c:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3321.40297__90ba9c70f846762e\AEM.Server.DLL
    + 2009-02-23 17:32:54 20,480 —-a-w c:\windows\assembly\GAC_MSIL\AEM.UI.Shared\2.0.3294.18781__90ba9c70f846762e\AEM.UI.Shared.DLL
    + 2009-02-23 17:32:52 61,440 —-a-w c:\windows\assembly\GAC_MSIL\AEM.UI\2.0.3321.40392__90ba9c70f846762e\AEM.UI.DLL
    + 2009-02-23 17:32:54 20,480 —-a-w c:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.DLL
    + 2009-02-23 17:32:52 61,440 —-a-w c:\windows\assembly\GAC_MSIL\APM.Server\2.0.3321.40298__90ba9c70f846762e\APM.Server.DLL
    - 2008-12-21 15:06:06 32,768 —-a-w c:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
    + 2009-02-23 17:32:52 32,768 —-a-w c:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
    + 2009-02-23 17:32:52 81,920 —-a-w c:\windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3321.40299__90ba9c70f846762e\ATIDEMOS.DLL
    - 2008-12-21 15:06:20 6,656 —-a-w c:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
    + 2009-02-23 17:32:59 7,168 —-a-w c:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
    - 2008-12-21 15:06:15 45,056 —-a-w c:\windows\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
    + 2009-02-23 17:32:59 45,056 —-a-w c:\windows\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
    - 2008-12-21 15:06:09 14,848 —-a-w c:\windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
    + 2009-02-23 17:32:54 14,848 —-a-w c:\windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
    + 2009-02-23 17:32:52 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3321.40392__90ba9c70f846762e\CCC.Implementation.DLL
    - 2008-12-21 15:06:15 49,152 —-a-w c:\windows\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE
    + 2009-02-23 17:32:59 49,152 —-a-w c:\windows\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE
    - 2008-12-21 15:06:05 262,144 —-a-w c:\windows\assembly\GAC_MSIL\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard\1.2.2600.29179__90ba9c70f846762e\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
    + 2009-02-23 17:32:51 262,144 —-a-w c:\windows\assembly\GAC_MSIL\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard\1.2.2600.29179__90ba9c70f846762e\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
    + 2009-02-23 17:33:00 90,112 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Dashboard\2.0.3321.40409__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:00 12,288 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Runtime\2.0.3321.40408__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Shared\2.0.3294.18793__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Shared.DLL
    + 2009-02-23 17:33:00 86,016 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Dashboard\2.0.3321.40429__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:00 36,864 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Runtime\2.0.3321.40428__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Shared\2.0.3294.18782__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Shared.DLL
    + 2009-02-23 17:32:54 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL
    + 2009-02-23 17:32:52 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.DLL
    + 2009-02-23 17:33:00 98,304 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard\2.0.3321.40336__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:04 208,896 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3321.40423__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.DLL
    + 2009-02-23 17:33:04 36,864 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3321.40422__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.DLL
    + 2009-02-23 17:33:04 12,800 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3321.40422__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.DLL
    + 2009-02-23 17:33:00 438,272 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:00 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 53,248 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL
    + 2009-02-23 17:33:00 675,840 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3321.40359__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:02 69,632 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3321.40357__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL
    + 2009-02-23 17:33:02 692,224 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3321.40369__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.DLL
    + 2009-02-23 17:33:00 450,560 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3321.40340__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:00 65,536 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 49,152 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL
    + 2009-02-23 17:33:00 401,408 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3321.40356__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:00 32,768 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3321.40355__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL
    + 2009-02-23 17:33:00 307,200 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3321.40325__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL
    + 2009-02-23 17:33:00 286,720 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared\2.0.3321.40337__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.DLL
    + 2009-02-23 17:33:02 36,864 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 32,768 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL
    + 2009-02-23 17:33:00 798,720 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3321.40380__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:03 77,824 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3321.40378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 65,536 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL
    + 2009-02-23 17:33:03 364,544 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3321.40384__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.DLL
    + 2009-02-23 17:33:00 589,824 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:00 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3321.40324__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
    + 2009-02-23 17:33:00 712,704 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3321.40310__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:03 1,691,648 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3321.40317__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL
    + 2009-02-23 17:33:00 126,976 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:00 36,864 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
    + 2009-02-23 17:32:54 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
    + 2009-02-23 17:33:04 192,512 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3321.40418__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.DLL
    + 2009-02-23 17:33:04 36,864 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3321.40418__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.DLL
    + 2009-02-23 17:33:04 10,240 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3321.40417__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.DLL
    + 2009-02-23 17:33:03 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3321.40308__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
    + 2009-02-23 17:33:04 311,296 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3321.40425__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.DLL
    + 2009-02-23 17:33:00 225,280 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:03 204,800 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3321.40319__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL
    + 2009-02-23 17:33:01 245,760 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard\2.0.3321.40329__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:00 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime\2.0.3321.40329__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared\2.0.3294.18761__90ba9c70f846762e\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.DLL
    + 2009-02-23 17:33:04 258,048 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3321.40424__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.DLL
    + 2009-02-23 17:33:04 32,768 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3321.40423__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.DLL
    + 2009-02-23 17:33:04 10,240 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3321.40423__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.DLL
    + 2009-02-23 17:33:01 811,008 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3321.40346__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 81,920 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3321.40345__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 53,248 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 405,504 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3321.40372__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL
    + 2009-02-23 17:33:04 286,720 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3321.40425__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.DLL
    + 2009-02-23 17:33:04 32,768 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3321.40424__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.DLL
    + 2009-02-23 17:33:04 9,728 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3321.40424__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.DLL
    + 2009-02-23 17:33:01 192,512 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Dashboard\2.0.3321.40347__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Runtime\2.0.3321.40346__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Shared\2.0.3294.18763__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 192,512 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Dashboard\2.0.3321.40351__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 45,056 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Runtime\2.0.3321.40350__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Shared\2.0.3294.18768__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 196,608 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Dashboard\2.0.3321.40394__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Runtime\2.0.3321.40393__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Shared\2.0.3294.18784__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 151,552 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Dashboard\2.0.3321.40420__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Runtime\2.0.3321.40419__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.3294.18781__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 479,232 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Dashboard\2.0.3321.40330__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Runtime\2.0.3321.40329__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive2.Graphics.Shared\2.0.3294.18761__90ba9c70f846762e\CLI.Aspect.OverDrive2.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 1,036,288 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3321.40331__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 69,632 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3321.40331__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3294.18762__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 671,744 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3321.40415__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 77,824 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3321.40415__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 61,440 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3294.18797__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 172,032 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.3321.40356__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 49,152 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.3321.40357__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.DLL
    + 2009-02-23 17:32:55 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.3294.18770__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.DLL
    + 2009-02-23 17:33:01 147,456 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3321.40405__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 49,152 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3321.40404__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.DLL
    + 2009-02-23 17:32:56 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.3294.18786__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.DLL
    + 2009-02-23 17:33:02 147,456 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3321.40398__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:01 45,056 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3321.40398__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
    + 2009-02-23 17:32:56 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3294.18784__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
    + 2009-02-23 17:33:02 172,032 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3321.40413__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:02 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3321.40414__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.DLL
    + 2009-02-23 17:32:57 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3294.18795__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.DLL
    + 2009-02-23 17:33:02 364,544 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:02 61,440 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3321.40362__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL
    + 2009-02-23 17:32:57 49,152 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL
    + 2009-02-23 17:33:02 94,208 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL
    + 2009-02-23 17:33:02 286,720 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3321.40328__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:02 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3321.40328__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.DLL
    + 2009-02-23 17:32:57 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.DLL
    + 2009-02-23 17:32:58 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL
    + 2009-02-23 17:33:02 491,520 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3321.40399__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL
    + 2009-02-23 17:33:02 167,936 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard\2.0.3321.40355__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:02 32,768 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.DLL
    + 2009-02-23 17:32:58 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Shared\2.0.3294.18770__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.DLL
    + 2009-02-23 17:33:02 106,496 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:02 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.DLL
    + 2009-02-23 17:32:58 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3294.18759__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.DLL
    + 2009-02-23 17:33:02 139,264 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3321.40400__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:02 110,592 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard\2.0.3321.40421__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard.DLL
    + 2009-02-23 17:33:02 32,768 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.3321.40421__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.DLL
    + 2009-02-23 17:32:58 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.3294.18768__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.DLL
    + 2009-02-23 17:32:58 16,384 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL
    + 2009-02-23 17:33:02 73,728 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3321.40308__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL
    + 2009-02-23 17:32:52 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL
    + 2009-02-23 17:33:03 290,816 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3321.40301__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL
    + 2009-02-23 17:32:58 61,440 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL
    + 2009-02-23 17:32:58 16,384 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL
    + 2009-02-23 17:33:03 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL
    + 2009-02-23 17:33:03 7,680 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.DLL
    + 2009-02-23 17:33:03 11,776 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.DLL
    + 2009-02-23 17:33:03 8,704 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.DLL
    + 2009-02-23 17:33:04 7,680 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3321.40422__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.DLL
    + 2009-02-23 17:32:52 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.AutoRemoval\2.0.3321.40378__90ba9c70f846762e\CLI.Component.Autoremoval.DLL
    + 2009-02-23 17:32:53 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL
    + 2009-02-23 17:32:58 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.DLL
    + 2009-02-23 17:32:53 65,536 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager.Resources\2.0.3321.40335__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.Resources.DLL
    + 2009-02-23 17:32:53 196,608 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager\2.0.3321.40334__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.DLL
    + 2009-02-23 17:32:53 65,536 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager.Resources\2.0.3321.40335__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.Resources.DLL
    + 2009-02-23 17:32:53 184,320 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager\2.0.3321.40335__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.DLL
    + 2009-02-23 17:32:53 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL
    + 2009-02-23 17:32:58 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL
    + 2009-02-23 17:32:53 1,142,784 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3321.40305__90ba9c70f846762e\CLI.Component.Dashboard.DLL
    + 2009-02-23 17:32:53 1,019,904 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Eeu\2.0.3321.40374__90ba9c70f846762e\CLI.Component.Eeu.DLL
    + 2009-02-23 17:32:53 61,440 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Erecord\2.0.3321.40330__90ba9c70f846762e\CLI.Component.Erecord.DLL
    + 2009-02-23 17:32:53 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Help\2.0.3321.40390__90ba9c70f846762e\CLI.Component.Help.DLL
    + 2009-02-23 17:32:53 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Icomponent\2.0.3321.40319__90ba9c70f846762e\CLI.Component.Icomponent.DLL
    + 2009-02-23 17:32:53 278,528 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Launchpad\2.0.3321.40414__90ba9c70f846762e\CLI.Component.Launchpad.DLL
    + 2009-02-23 17:32:53 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Load\2.0.3321.40391__90ba9c70f846762e\CLI.Component.Load.DLL
    + 2009-02-23 17:33:02 122,880 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.PowerXpressHybrid\2.0.3321.40426__90ba9c70f846762e\CLI.Component.PowerXpressHybrid.DLL
    + 2009-02-23 17:32:54 7,168 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3321.40297__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL
    + 2009-02-23 17:32:53 45,056 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL
    + 2009-02-23 17:32:58 16,384 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL
    + 2009-02-23 17:32:53 77,824 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3321.40298__90ba9c70f846762e\CLI.Component.Runtime.DLL
    + 2009-02-23 17:32:53 57,344 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3321.40300__90ba9c70f846762e\CLI.Component.SkinFactory.DLL
    + 2009-02-23 17:32:54 540,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3321.40387__90ba9c70f846762e\CLI.Component.Systemtray.DLL
    + 2009-02-23 17:32:54 24,576 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL
    + 2009-02-23 17:32:59 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL
    + 2009-02-23 17:32:54 405,504 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Component.Wizard.DLL
    + 2009-02-23 17:32:54 40,960 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.DLL
    + 2009-02-23 17:32:59 28,672 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.DLL
    + 2009-02-23 17:32:59 73,728 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.DLL
    + 2009-02-23 17:32:54 20,480 —-a-w c:\windows\assembly\GAC_MSIL\CLI.Implementation\2.0.3321.40296__90ba9c70f846762e\CLI.Implementation.DLL
    - 2008-12-21 15:06:15 49,152 —-a-w c:\windows\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
    + 2009-02-23 17:32:59 49,152 —-a-w c:\windows\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
    - 2008-12-21 15:06:14 16,384 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
    + 2009-02-23 17:32:59 16,384 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
    - 2008-12-21 15:06:14 45,056 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
    + 2009-02-23 17:32:59 45,056 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
    - 2008-12-21 15:06:14 16,384 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
    + 2009-02-23 17:32:59 16,384 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
    - 2008-12-21 15:06:14 20,480 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
    + 2009-02-23 17:32:59 20,480 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
    - 2008-12-21 15:06:14 16,384 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
    + 2009-02-23 17:32:59 16,384 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
    + 2009-02-23 17:32:59 16,384 —-a-w c:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.DLL
    + 2009-02-23 17:32:59 20,480 —-a-w c:\windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.DLL
    + 2009-02-23 17:32:59 16,384 —-a-w c:\windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.DLL
    - 2008-12-21 15:06:20 131,072 —-a-w c:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL
    + 2009-02-23 17:32:59 131,072 —-a-w c:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL
    + 2009-02-23 17:32:54 20,480 —-a-w c:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL
    + 2009-02-23 17:32:54 61,440 —-a-w c:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3321.40391__90ba9c70f846762e\LOG.Foundation.Implementation.DLL
    + 2009-02-23 17:32:54 32,768 —-a-w c:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.DLL
    + 2009-02-23 17:32:59 32,768 —-a-w c:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.DLL
    + 2009-02-23 17:32:54 86,016 —-a-w c:\windows\assembly\GAC_MSIL\LOG\2.0.3321.40391__90ba9c70f846762e\LOG.EXE
    + 2009-02-23 17:32:59 16,384 —-a-w c:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.DLL
    + 2009-02-23 17:32:54 106,496 —-a-w c:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3321.40393__90ba9c70f846762e\MOM.Implementation.DLL
    - 2008-12-21 15:06:15 49,152 —-a-w c:\windows\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE
    + 2009-02-23 17:32:59 49,152 —-a-w c:\windows\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE
    + 2009-02-23 17:32:59 28,672 —-a-w c:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.DLL
    + 2009-02-23 17:32:54 19,968 —-a-w c:\windows\assembly\GAC_MSIL\PCKGHLP.Foundation.Implementation\2.0.3321.40410__90ba9c70f846762e\PCKGHLP.Foundation.Implementation.DLL
    + 2009-02-23 17:32:54 16,384 —-a-w c:\windows\assembly\GAC_MSIL\PCKGHLP.Foundation.Private\2.0.3294.18783__90ba9c70f846762e\PCKGHLP.Foundation.Private.DLL
    + 2009-02-23 17:32:54 503,808 —-a-w c:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3321.40431__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.DLL
    + 2009-02-23 17:32:54 20,480 —-a-w c:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL
    - 2009-02-15 20:03:13 51,200 —-a-w c:\windows\inf\infpub.dat
    + 2009-02-23 17:31:50 51,200 —-a-w c:\windows\inf\infpub.dat
    - 2009-02-15 20:03:12 86,016 —-a-w c:\windows\inf\infstor.dat
    + 2009-02-23 17:31:47 86,016 —-a-w c:\windows\inf\infstor.dat
    - 2009-02-15 20:03:13 86,016 —-a-w c:\windows\inf\infstrng.dat
    + 2009-02-23 17:31:50 86,016 —-a-w c:\windows\inf\infstrng.dat
    + 2009-02-23 17:32:40 10,134 —-a-r c:\windows\Installer\{0ED1A22E-39F3-0B9A-FFDC-33ABCEE505C0}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:29 10,134 —-a-r c:\windows\Installer\{6468C32A-026A-37DD-A013-C8A8B0995B52}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:21 10,134 —-a-r c:\windows\Installer\{67A58A97-9612-C607-0245-F3F417EFDB6D}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:36 10,134 —-a-r c:\windows\Installer\{69F6B6BC-D64C-BE30-6334-C7A76E9FF2AD}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:48 10,134 —-a-r c:\windows\Installer\{6F2A00E1-46C9-6DAE-E6E3-BEE4C9D5A0C3}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:48 9,158 —-a-r c:\windows\Installer\{6F2A00E1-46C9-6DAE-E6E3-BEE4C9D5A0C3}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
    + 2009-02-23 17:32:27 10,134 —-a-r c:\windows\Installer\{9D1DE3AD-75C5-9C43-3F07-206600BB2D30}\ARPPRODUCTICON.exe
    + 2009-02-23 17:30:46 9,158 —-a-r c:\windows\Installer\{9F827E95-123C-EAA5-6CCD-9D9E8FC2A80E}\ARPPRODUCTICON.exe
    + 2009-02-23 17:30:46 9,158 —-a-r c:\windows\Installer\{9F827E95-123C-EAA5-6CCD-9D9E8FC2A80E}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2009-02-23 17:30:46 9,158 —-a-r c:\windows\Installer\{9F827E95-123C-EAA5-6CCD-9D9E8FC2A80E}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2009-02-23 17:30:46 9,158 —-a-r c:\windows\Installer\{9F827E95-123C-EAA5-6CCD-9D9E8FC2A80E}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2009-02-23 17:30:46 9,158 —-a-r c:\windows\Installer\{9F827E95-123C-EAA5-6CCD-9D9E8FC2A80E}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
    + 2009-02-23 17:32:42 10,134 —-a-r c:\windows\Installer\{A035580E-3EDF-EA34-F229-0E17DF3A6E7C}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:32 10,134 —-a-r c:\windows\Installer\{A3797713-6859-379F-4E0C-ADCB3BE3C87E}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:37 10,134 —-a-r c:\windows\Installer\{AFF84D5E-EB68-728E-1BD5-10BCFDCF25FF}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:34 10,134 —-a-r c:\windows\Installer\{C357E7BE-A832-CFAF-A1B2-23EC0C08011E}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:24 10,134 —-a-r c:\windows\Installer\{D244622B-F2BC-AD1E-6BA6-40345EC55BAA}\ARPPRODUCTICON.exe
    - 2008-12-21 15:05:22 10,134 —-a-r c:\windows\Installer\{D3B1C799-CB73-42DE-BA0F-2344793A095C}\ARPPRODUCTICON.exe
    + 2009-02-23 17:32:17 10,134 —-a-r c:\windows\Installer\{D3B1C799-CB73-42DE-BA0F-2344793A095C}\ARPPRODUCTICON.exe
    - 2009-02-19 13:24:15 2,048 –sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2009-02-24 19:44:01 2,048 –sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2009-02-19 13:24:15 2,048 –sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2009-02-24 19:44:01 2,048 –sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2009-02-19 13:26:32 262,144 –sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2009-02-24 19:46:02 262,144 –sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2009-02-24 19:46:02 262,144 —ha-w c:\windows\ServiceProfiles\LocalService
    tuser.dat.LOG1
    - 2009-02-19 20:01:26 262,144 –sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2009-02-24 21:53:59 262,144 –sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
    - 2008-10-30 14:45:42 180,720 —-a-w c:\windows\System32\atiicdxx.dat
    + 2008-10-29 22:13:33 180,720 —-a-w c:\windows\System32\atiicdxx.dat
    - 2009-02-19 19:58:52 262,144 —-a-w c:\windows\System32\config\systemprofile
    tuser.dat
    + 2009-02-24 21:51:36 262,144 —-a-w c:\windows\System32\config\systemprofile
    tuser.dat
    + 2009-02-04 04:07:50 51,712 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\amdpcom32.dll
    + 2009-02-04 05:00:01 43,520 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\ati2edxx.dll
    + 2009-02-04 03:53:59 53,248 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\ati2erec.dll
    + 2009-02-04 04:59:50 286,720 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\Ati2evxx.dll
    + 2009-02-04 04:58:34 729,088 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\Ati2evxx.exe
    + 2009-02-04 04:07:27 131,072 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atiadlxx.dll
    + 2009-02-04 03:01:23 53,248 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\aticalcl.dll
    + 2009-02-04 02:58:37 3,252,224 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\aticaldd.dll
    + 2009-02-04 03:01:35 57,344 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\aticalrt.dll
    + 2009-02-04 05:02:00 442,368 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\ATIDEMGX.dll
    + 2009-02-04 04:49:23 2,391,552 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atidxx32.dll
    + 2008-10-29 22:13:33 180,720 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atiicdxx.dat
    + 2009-02-04 07:29:03 4,303,360 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atikmdag.sys
    + 2009-02-04 05:00:07 11,264 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atimuixx.dll
    + 2008-10-21 17:40:00 45,056 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\ATIODCLI.exe
    + 2008-10-21 17:40:00 81,920 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\ATIODE.exe
    + 2009-02-04 04:11:38 11,366,400 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atioglxx.dll
    + 2009-02-04 05:00:24 348,160 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atipdlxx.dll
    + 2009-02-04 05:00:36 159,744 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atitmmxx.dll
    + 2009-02-04 04:43:06 3,903,488 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atiumdag.dll
    + 2009-02-04 04:22:03 4,905,472 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\atiumdva.dll
    + 2009-02-04 05:00:13 274,432 —-a-w c:\windows\System32\DriverStore\FileRepository\cl_75976.inf_931778e3\B_75569\Oemdspif.dll
    - 2009-02-15 22:50:22 116,946 —-a-w c:\windows\System32\perfc009.dat
    + 2009-02-24 21:11:51 116,946 —-a-w c:\windows\System32\perfc009.dat
    - 2009-02-15 22:50:22 147,296 —-a-w c:\windows\System32\perfc013.dat
    + 2009-02-24 21:11:51 147,296 —-a-w c:\windows\System32\perfc013.dat
    - 2009-02-15 22:50:22 625,384 —-a-w c:\windows\System32\perfh009.dat
    + 2009-02-24 21:11:51 625,384 —-a-w c:\windows\System32\perfh009.dat
    - 2009-02-15 22:50:22 711,660 —-a-w c:\windows\System32\perfh013.dat
    + 2009-02-24 21:11:51 711,660 —-a-w c:\windows\System32\perfh013.dat
    - 2009-02-13 01:51:40 6,291,456 —-a-w c:\windows\System32\SMI\Store\Machine\schema.dat
    + 2009-02-23 17:33:33 6,291,456 —-a-w c:\windows\System32\SMI\Store\Machine\schema.dat
    - 2009-02-18 20:29:24 7,930 —-a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3641328066-175046317-483997091-1000_UserData.bin
    + 2009-02-24 19:46:06 8,090 —-a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3641328066-175046317-483997091-1000_UserData.bin
    - 2009-02-18 20:29:23 68,012 —-a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2009-02-24 19:46:06 70,168 —-a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2009-02-19 13:26:40 40,216 —-a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-02-24 19:46:04 40,732 —-a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    - 2009-02-12 14:32:21 82,490,237 —-a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
    + 2009-02-23 17:31:10 82,503,679 —-a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
    + 2009-02-23 17:30:55 479,232 —-a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad\msvcm80.dll
    + 2009-02-23 17:30:55 548,864 —-a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad\msvcp80.dll
    + 2009-02-23 17:30:55 626,688 —-a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad\msvcr80.dll
    + 2009-02-23 17:31:00 1,093,632 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80.dll
    + 2009-02-23 17:31:00 1,079,808 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
    + 2009-02-23 17:31:00 69,632 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80.dll
    + 2009-02-23 17:31:00 57,344 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80u.dll
    + 2009-02-23 17:31:02 40,960 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHS.dll
    + 2009-02-23 17:31:02 45,056 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHT.dll
    + 2009-02-23 17:31:02 65,536 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80DEU.dll
    + 2009-02-23 17:31:02 57,344 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
    + 2009-02-23 17:31:02 61,440 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ESP.dll
    + 2009-02-23 17:31:02 61,440 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80FRA.dll
    + 2009-02-23 17:31:02 61,440 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ITA.dll
    + 2009-02-23 17:31:02 49,152 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80JPN.dll
    + 2009-02-23 17:31:02 49,152 —-a-w c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80KOR.dll
    + 2009-02-23 17:31:04 65,536 —-a-w c:\windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087\vcomp.dll
    .
    – Snapshot teruggezet naar huidige datum –
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
    "Steam"="d:\steam\steam.exe" [2008-12-21 1410296]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "AtiTrayTools"="c:\program files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-05-22 521128]
    "ErrorRepairPro"="c:\program files\Error Repair Professional\autostart.exe" [2008-02-18 497664]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WheelMouse"="c:\program files\Trust\GM-4600 Gamer Mouse\Amoumain.exe" [2007-03-13 196608]
    "snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
    "VolPanel"="c:\program files\Creative\SBAudigy\Volume Panel\VolPanlu.exe




  • Dat maakt niet uit, waarom heb je nod32 trouwens op de "illegale manier" aangeschaft?
    Zou je trouwens de volledige inhoud van het logje willen plaatsen?
  • [b:3561d4ea69]***LOGJE AANGEPAST***[/b:3561d4ea69]

    Vond hem tijdens het internetten.. dacht download hem even.




    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
    "Steam"="d:\steam\steam.exe" [2008-12-21 1410296]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "AtiTrayTools"="c:\program files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-05-22 521128]
    "ErrorRepairPro"="c:\program files\Error Repair Professional\autostart.exe" [2008-02-18 497664]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WheelMouse"="c:\program files\Trust\GM-4600 Gamer Mouse\Amoumain.exe" [2007-03-13 196608]
    "snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
    "VolPanel"="c:\program files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" [2007-02-28 180224]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "Athan"="c:\program files\Athan\Athan.exe" [2005-09-12 937984]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
    "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
    "IPPrivacy"="c:\program files\IP Privacy\IP Privacy.exe" [2008-07-14 999424]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
    "P17RunE"="P17RunE.dll" [2007-04-09 c:\windows\System32\P17RunE.dll]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{38BFAE7B-2D1D-40C2-8BD1-5778042B799C}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{D6D22824-EC8E-4E04-915F-29C343E6FD9C}"= UDP:d:\battlefield 2\BF2.exe:Battlefield 2
    "{EC13292E-4B25-4ED7-95F1-26DBFB1EA0F0}"= TCP:d:\battlefield 2\BF2.exe:Battlefield 2
    "TCP Query User{52E19954-0EFC-4E48-AA50-9BE9D6CD2EF3}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
    "UDP Query User{0FA1CAB9-5905-4B8C-8FC6-F1841269E8F4}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
    "{7A4DC5E5-1211-4AB3-A19B-2D5680D43D7A}"= UDP:d:\company of heroes\RelicCOH.exe:Company of Heroes
    "{0F7F78A1-05C1-4759-A61E-560863AB9AE5}"= TCP:d:\company of heroes\RelicCOH.exe:Company of Heroes
    "TCP Query User{E87C746E-F0C3-4850-B1E4-EDBC02FE40C1}d:\\steam\\steamapps\\baris_sadik\\insurgency\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\insurgency\hl2.exe:hl2
    "UDP Query User{85FD4441-03D6-431D-B499-8193E5C935EE}d:\\steam\\steamapps\\baris_sadik\\insurgency\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\insurgency\hl2.exe:hl2
    "TCP Query User{1545CF23-C4E3-4470-967A-E7C682CEC91B}d:\\steam\\steamapps\\baris_sadik\\counter-strike source\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\counter-strike source\hl2.exe:hl2
    "UDP Query User{73C3A849-0490-481D-9F2B-0BE809E1276A}d:\\steam\\steamapps\\baris_sadik\\counter-strike source\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\counter-strike source\hl2.exe:hl2
    "TCP Query User{D768A7AE-4E42-4AF8-9FA3-27E9773CA304}d:\\steam\\steamapps\\baris_sadik\\garrysmod\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\garrysmod\hl2.exe:hl2
    "UDP Query User{E6240DFA-064D-4C33-9275-138DEBBBC39B}d:\\steam\\steamapps\\baris_sadik\\garrysmod\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\garrysmod\hl2.exe:hl2
    "{B3696E2A-958A-4CAA-B73C-EF93AEBFB0F3}"= UDP:23048:bitcomet1
    "{01CF1D05-F1B2-4673-A7F1-A6D687F2732F}"= TCP:23048:bitcomet1.1
    "{7C192EB4-4EAA-4251-B861-CE7C1960AE43}"= UDP:d:\assasins creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
    "{D219F45F-F049-4F93-ACC1-256D8120354C}"= TCP:d:\assasins creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
    "{8573CDE6-14FA-4D8C-8E35-F5A99E467F4D}"= UDP:d:\assasins creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
    "{36B55007-F954-4CBD-9369-BDE3CBDCE40D}"= TCP:d:\assasins creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
    "{BF454C73-6D20-41F3-9D00-2FD9CC482605}"= UDP:d:\assasins creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
    "{70B39965-287A-45B8-A578-E5EE950D4380}"= TCP:d:\assasins creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
    "{8AB5A2DE-687D-4EEC-B5DD-EB6D1107276C}"= UDP:d:\crysis\Bin32\Crysis.exe:Crysis_32
    "{A1A9C553-158A-454F-B18A-3911D4D4BDAB}"= TCP:d:\crysis\Bin32\Crysis.exe:Crysis_32
    "{3EDF14D3-F816-4E2E-BDF3-FC32E9DE5A38}"= UDP:d:\crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{393F8113-D4AE-4B00-B681-ABBB36361429}"= TCP:d:\crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{B613C33A-706C-4F2D-BD08-29AF3FCFB32F}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{043F9B1F-840F-4B03-9EC8-DC7A83E43850}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{9B7FECDC-F105-4E24-B33A-EF43FFE1818B}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "{B1BD6C4E-4C5E-4C81-989A-FC12605568D2}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "TCP Query User{B70B1A0D-AE15-4B2E-895F-5BE656927FA4}d:\\steam\\steamapps\\baris_sadik\\condition zero\\hl.exe"= UDP:d:\steam\steamapps\baris_sadik\condition zero\hl.exe:Half-Life Launcher
    "UDP Query User{D225EFF6-E408-4039-AB3F-1EC0165D0CF0}d:\\steam\\steamapps\\baris_sadik\\condition zero\\hl.exe"= TCP:d:\steam\steamapps\baris_sadik\condition zero\hl.exe:Half-Life Launcher
    "TCP Query User{BEDB7213-410F-4080-B51C-6AAAFF4C4233}d:\\steam\\steamapps\\baris_sadik\\counter-strike\\hl.exe"= UDP:d:\steam\steamapps\baris_sadik\counter-strike\hl.exe:Half-Life Launcher
    "UDP Query User{964987BE-E75E-41BD-A9B4-E72BE8266001}d:\\steam\\steamapps\\baris_sadik\\counter-strike\\hl.exe"= TCP:d:\steam\steamapps\baris_sadik\counter-strike\hl.exe:Half-Life Launcher
    "{2F18F0D1-0541-41DF-8BB0-BC5CB9127A35}"= UDP:c:\program files\Sony\Media Manager for WALKMAN\MediaManager.exe:Media Manager for WALKMAN 1.2
    "{4ACEBD31-B8F2-4AA8-84B5-86EE1D064D25}"= TCP:c:\program files\Sony\Media Manager for WALKMAN\MediaManager.exe:Media Manager for WALKMAN 1.2
    "{7DDB4087-28BA-41ED-8BCE-8C481E80B948}"= UDP:d:\far cry 2\bin\FarCry2.exe:Far Cry 2
    "{DA106CB4-F1D4-4103-A2FE-E27453173497}"= TCP:d:\far cry 2\bin\FarCry2.exe:Far Cry 2
    "{E454078D-3ED7-4AAE-A468-DF0231D1FD4B}"= UDP:d:\far cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
    "{AA224F9B-9C29-4F71-B002-42A95FFA9BAB}"= TCP:d:\far cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
    "{B143BA48-6062-40D3-9230-3D5AB8BFD1FA}"= UDP:d:\far cry 2\bin\FC2Editor.exe:Editor
    "{3AE75AF0-8FBC-41BE-8910-F5D1F2B6F4FB}"= TCP:d:\far cry 2\bin\FC2Editor.exe:Editor
    "{6BF9DDA3-DC93-4FD4-94E5-77A23AB473B3}"= UDP:d:\call of duty 4 modern warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{66560A0E-D3DE-468A-AC39-140DEEF3B85D}"= TCP:d:\call of duty 4 modern warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{8509792F-93FC-47A2-92C5-E1F59CF22D64}"= UDP:d:\age of empires iii\age3.exe:Age of Empires III
    "{155C8F43-795F-41EA-99D4-C805AE278095}"= TCP:d:\age of empires iii\age3.exe:Age of Empires III
    "{227138F3-6E44-4F71-98AD-386AF37642A7}"= c:\program files\CyberLink\PowerDVD8\PowerDVD8.EXE:CyberLink PowerDVD 8.0
    "TCP Query User{D0A3D7CA-5EED-4EB0-B345-5389BFFA4669}c:\\users\\sadik\\desktop\\pack-smileys-blue-class-crystalxp.net-en-894\\packmatronic 1.0 crystalxp.exe"= UDP:c:\users\sadik\desktop\pack-smileys-blue-class-crystalxp.net-en-894\packmatronic 1.0 crystalxp.exe:packmatronic 1.0 crystalxp.exe
    "UDP Query User{DF5D4592-B31A-4CC9-9B8C-19DE4A0F20BF}c:\\users\\sadik\\desktop\\pack-smileys-blue-class-crystalxp.net-en-894\\packmatronic 1.0 crystalxp.exe"= TCP:c:\users\sadik\desktop\pack-smileys-blue-class-crystalxp.net-en-894\packmatronic 1.0 crystalxp.exe:packmatronic 1.0 crystalxp.exe
    "TCP Query User{0B11957C-B56C-4A7A-8C9A-29ADA2FE4FA9}d:\\steam\\steamapps\\baris_sadik\\zombie panic! source\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\zombie panic! source\hl2.exe:hl2
    "UDP Query User{E3BB89DC-56DD-4FE2-8CF2-BE93BE58872D}d:\\steam\\steamapps\\baris_sadik\\zombie panic! source\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\zombie panic! source\hl2.exe:hl2
    "TCP Query User{78F0F734-5B67-4708-B0EA-3C4514B2296E}d:\\steam\\steamapps\\baris_sadik\\day of defeat source\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\day of defeat source\hl2.exe:hl2
    "UDP Query User{7325866B-2FE4-4CCA-87C9-60E17049A00A}d:\\steam\\steamapps\\baris_sadik\\day of defeat source\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\day of defeat source\hl2.exe:hl2
    "TCP Query User{20896A36-514A-4B11-A8B2-841EFD54C235}d:\\steam\\steamapps\\baris_sadik\\synergy\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\synergy\hl2.exe:hl2
    "UDP Query User{47CF42FC-A65E-43DC-A4D9-3FB58450E526}d:\\steam\\steamapps\\baris_sadik\\synergy\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\synergy\hl2.exe:hl2
    "TCP Query User{08119E40-A230-4387-A8DB-687DE48DA351}d:\\steam\\steamapps\\baris_sadik\\half-life 2 deathmatch\\hl2.exe"= UDP:d:\steam\steamapps\baris_sadik\half-life 2 deathmatch\hl2.exe:hl2
    "UDP Query User{EAF29220-992B-44AD-9F44-5D6510018EA6}d:\\steam\\steamapps\\baris_sadik\\half-life 2 deathmatch\\hl2.exe"= TCP:d:\steam\steamapps\baris_sadik\half-life 2 deathmatch\hl2.exe:hl2
    "TCP Query User{F69DD863-522F-46B0-8961-82C799EB0419}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{5EA777EC-762E-4718-A358-BE3A639A0E32}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "TCP Query User{C02D6B16-916E-472D-87BF-23D9FE89B6BA}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{D4C5093C-B1BC-4CE0-9073-7982938DE1A0}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{7BE4ECFC-3AF0-49E0-9727-82B143834CED}c:\\program files\\metin2_turkey\\metin2.bin"= UDP:c:\program files\metin2_turkey\metin2.bin:metin2
    "UDP Query User{2A8670E3-43F5-46AF-811D-974202AADCE1}c:\\program files\\metin2_turkey\\metin2.bin"= TCP:c:\program files\metin2_turkey\metin2.bin:metin2
    "TCP Query User{73D844E0-CB5E-4076-949B-673CCBAAF82F}c:\
    exon\
    exon_eu_downloader\
    exon_eu_downloader_engine.exe"= UDP:c:
    exon
    exon_eu_downloader
    exon_eu_downloader_engine.exe:NEXON_EU_Downloader_Engine
    "UDP Query User{3E9424E4-DBF7-49B2-B5F1-E7BCEF78F5C6}c:\
    exon\
    exon_eu_downloader\
    exon_eu_downloader_engine.exe"= TCP:c:
    exon
    exon_eu_downloader
    exon_eu_downloader_engine.exe:NEXON_EU_Downloader_Engine
    "{B8C5C387-CE51-4CB9-80A0-297164BD517A}"= UDP:c:\programdata\NexonEU\NGM\NGM.exe:Nexon Game Manager
    "{3288549B-A411-4C4E-9DBB-10A8AECA1DB3}"= TCP:c:\programdata\NexonEU\NGM\NGM.exe:Nexon Game Manager
    "{F55CC4DB-93AF-438B-BAB3-C119CD2E7F74}"= UDP:d:\combat arms eu\NMService.exe:Nexon Messenger Core
    "{B80B1B19-5510-4586-9F68-1460D92DF64E}"= TCP:d:\combat arms eu\NMService.exe:Nexon Messenger Core
    "TCP Query User{D00BC63F-A580-4A77-A527-B8EC98E63053}c:\\program files\\proxyway\\proxyway.exe"= UDP:c:\program files\proxyway\proxyway.exe:ProxyWay
    "UDP Query User{CAFF68E3-13D8-4588-8A8F-844143FD7AD5}c:\\program files\\proxyway\\proxyway.exe"= TCP:c:\program files\proxyway\proxyway.exe:ProxyWay
    "TCP Query User{F0337197-7069-4ACF-8380-381A1A634441}c:\\program files\\anonymizer\\anonymizer software\\common\\anonproxy.exe"= UDP:c:\program files\anonymizer\anonymizer software\common\anonproxy.exe:AnonProxy
    "UDP Query User{F5BBD4BF-5244-4901-821E-8675AE801D01}c:\\program files\\anonymizer\\anonymizer software\\common\\anonproxy.exe"= TCP:c:\program files\anonymizer\anonymizer software\common\anonproxy.exe:AnonProxy

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 18088]
    R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
    S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\System32\drivers\royal.sys [2008-12-22 240128]
    S2 gupdate1c98c9381221489;Google Update Service (gupdate1c98c9381221489);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
    S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2008-12-21 79360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01ea4fd3-cf6d-11dd-a620-806e6f6e6963}]
    \shell\AutoRun\command - F:\autorun.exe
    \shell\directx\command - f:\directx9\dxsetup.exe
    \shell\setup\command - F:\setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5609cf3-ff8e-11dd-bc3c-001a9232e76e}]
    \shell\AutoRun\command - H:\x2tpc.cmd
    \shell\open\Command - H:\x2tpc.cmd
    .
    Inhoud van de 'Gedeelde Taken' map

    2009-02-24 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

    2009-02-24 c:\windows\Tasks\GoogleUpdateTaskMachine.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 22:55]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    uInternet Settings,ProxyServer = 127.0.0.1:8080
    uInternet Settings,ProxyOverride = local
    IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
    IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
    IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
    FF - ProfilePath - c:\users\Sadik\AppData\Roaming\Mozilla\Firefox\Profiles\yeyevwnh.default\
    FF - prefs.js: browser.search.selectedEngine - qtl
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 81
    FF - prefs.js: network.proxy.socks - 127.0.0.1
    FF - prefs.js: network.proxy.socks_port - 81
    FF - prefs.js: network.proxy.ssl - 127.0.0.1
    FF - prefs.js: network.proxy.ssl_port - 81
    FF - prefs.js: network.proxy.type - 4
    FF - component: c:\users\Sadik\AppData\Roaming\Mozilla\Firefox\Profiles\yeyevwnh.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
    FF - plugin: c:\program files\Google\Update\1.2.141.5
    pGoogleOneClick7.dll
    FF - plugin: c:\program files\Microsoft\Office Live
    pOLW.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins
    p-mswmp.dll
    FF - plugin: c:\programdata\NexonEU\NGM
    pNxGameeu.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-24 22:53:57
    Windows 6.0.6001 Service Pack 1 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    - - - - - - - > 'Explorer.exe'(3332)
    c:\program files\Ray Adams\ATI Tray Tools\raphook.dll
    .
    Voltooingstijd: 2009-02-24 22:55:51
    ComboFix-quarantined-files.txt 2009-02-24 21:55:47
    ComboFix2.txt 2009-02-19 20:03:29

    Pre-Run: 40.669.687.808 bytes beschikbaar
    Post-Run: 40,639,336,448 bytes beschikbaar

    683 — E O F — 2009-02-13 16:47:46















  • Ik was op vakantie in Duitsland, vandaar dat ik niet kon reageren.


    Tjah, als jij het zo goed vind kan ik er niks aan veranderen, zou je trouwens de [b:941a1c4de4]volledige[/b:941a1c4de4] inhoud van het log willen plaatsen, want er ontbreekt nog steeds een stuk.
  • Had hem gewijzigd
    probleem is dat ie niet past :D

    zal hem aanpasse

    geeft niet hoorr
  • Hmm, jouw log lijkt me schoon was deze log geplaatst uit controle of omdat je last hebt van Malware?
  • Pc begint traag te doen daarom

    Maar toch iedereen bedankt voor jullie mededelingen!

    Zo te zien is ie toch schoonn…

    Echt bedankt!
  • Download ATF cleaner (mirror)(gemaakt door Atribune)

    Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

    Dubbelklik op

    ATF cleaner om het programma te starten.
    Op het tabblad Main, plaats je een vinkje bij Select All.
    Klik op de knop Empty Selected.

    Het volgende doen als je ook FireFox als browser hebt:

    Klik op tabblad Firefox, plaats een vinkje bij Select All.
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op No.
    (dit haalt het vinkje weer weg bij Firefox saved passwords)
    Klik op de knop Empty Selected.

    Het volgende doen als je ook Opera als browser hebt:

    Klik op tabblad Opera, plaats een vinkje bij Select All.
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op No.
    Klik op de knop Empty Selected.
    Ga naar het tabblad Main en klik op de knop Exit om het programma af te sluiten.3. Je mag alle gebruikte tools en aangemaakte mappen terug verwijderen.(Denk eraan Combofix verwijderen doormiddel van start->uitvoeren [b:bf83143b4c]ComboFix /U[/b:bf83143b4c] typen en op enter drukken!!)


    - Ga naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
    - Klik in de linkerhelft van het venster op "Instellingen van systeemherstel".
    - Zet een vinkje voor "Systeemherstel uitschakelen".
    - Klik "Toepassen".
    - Windows vraagt of je dat zeker weet.
    - Klik "Ja".
    - Klik "OK".
    - Start de pc opnieuw op.
    - Ga weer naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
    - Je krijgt de melding: "Systeemherstel is uitgeschakeld. Wilt u systeemherstel nu inschakelen?"
    - Klik "Ja".
    - Verwijder het vinkje voor "Systeemherstel uitschakelen".
    - Klik "Toepassen".
    - Klik "OK".
    - Start de pc opnieuw op
    - Er is nu een nieuw schoon herstel punt aangemaakt


    Graag gedaan The only way.
    Wanneer is de laatste keer dat je jouw pc geformatteerd hebt?
    En wat zijn jouw pc specificaties?
    Dat kunnen namelijk redenen zijn waarom jouw pc zo traag gaat.
  • Erg bednakt Othuroyo voor je medeling en hulp

    Atf cleaner gebruik ik ook maar helpt niet..
    Nogmaals bedankt

    En bedankt voor je systeem herstel tip

    Specificaties:

    Intel Pentium D 930 (3.0 ghz)
    Asus P5GZ-MX
    G.E.I.L. 2GB CL4 667mhz kit @533mhz
    HD 3850 256mb van sapphire
    Maxtor Diamondmax 21 250GB
    Soundblaster Audigy SE
    Gebruik windows Vista Home Premium 32bits

    Alles up-to-date
    Geheugen loopt op 533mhz omdat mobo maar 533mhz ondersteund


    Niet zo lang geleden.
    2/3 Maanden

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.