Question & Answer
Interface not supported - Cannot find module
32 replies
- Recently I have had the problem that I can no longer get into Control Panel, I can no longer use Explorer, and I can no longer use "Personalize" ("Aan persoonlijke voorkeur aanpassen") on my desktop.
I get the following errors with Control Panel:
::{26EE0668-A00A-44D7-9371-BEB064C98683}
Interface wordt niet ondersteund
explorer.exe
Interface wordt niet ondersteund
Screenshots:
http://img832.imageshack.us/img832/7106/config1.png
http://img830.imageshack.us/img830/4337/config2i.png
With Explorer I also get:
explorer.exe
Interface wordt niet ondersteund
With "Personalize" on the desktop I get:
explorer.exe
Kan opgegeven module niet vinden.
Screenshot:
http://img221.imageshack.us/img221/2086/bureaubladeb.png
I have already tried to fix these errors by re-registering all .dll files, but this did not help.
I use Windows 7 64-bit.
- Restore a restore point and immediately scan thoroughly with antivirus and Malwarebytes!
- Could have to do with a virus. Post a HijackThis log in a topic under Beveiliging & privacy
http://forum.computertotaal.nl/phpBB2/viewforum.php?f=15
- [quote="derkdejong"]Restore a restore point and immediately scan thoroughly with antivirus and Malwarebytes![/quote]
I have already tried restoring a restore point, but this did not help. The virus scan did not turn up anything either. I will try scanning with HijackThis and Malwarebytes.
- I have scanned with both programs and here are the logs:
Malwarebytes:
[code:1:82b0afca6a]Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Databaseversie: 8279
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
1-12-2011 19:13:04
mbam-log-2011-12-01 (19-13-04).txt
Scantype: Volledige scan (C:\|D:\|E:\|K:\|)
Objecten gescand: 1345958
Verstreken tijd: 2 uur/uren, 43 minuut/minuten, 23 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 10
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 3
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 13
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\IEBarProperties (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8755E87-B8E7-4818-87FB-45EFC5539F09} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C8755E87-B8E7-4818-87FB-45EFC5539F09} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C8755E87-B8E7-4818-87FB-45EFC5539F09} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C8755E87-B8E7-4818-87FB-45EFC5539F09} (Trojan.BHO) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://www.mirarsearch.com/?useie5=1&q=) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://www.mirarsearch.com/?useie5=1&q=) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
c:\Users\Milan\AppData\Local\Temp\ey75+wmt.exe.part (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Users\Milan\AppData\Local\Temp\okmCBA5.tmp (Adware.Dropper) -> Quarantined and deleted successfully.
c:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\extensions\{e45a0de0-b4de-11de-8a39-0800200c9a66}-trash\components\wsff.dll (Adware.WhereSphere) -> Quarantined and deleted successfully.
k:\program files\Cain\Cain.exe (PUP.Passwordtool.Cain) -> Not selected for removal.
k:\program files\Cain\Abel.exe (HackTool.Cain) -> Quarantined and deleted successfully.
k:\program files\Cain\Abel64.exe (HackTool.Cain) -> Quarantined and deleted successfully.
k:\my downloads\smileycentralpfsetup2.3.69.8.sa.hp.znfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
k:\r4ds\Spellen\DSHobro\Server.exe (Trojan.Banker) -> Quarantined and deleted successfully.
k:\mijn programma's\Control.txt\Project1.exe (HackTool.Agent.Gen) -> Quarantined and deleted successfully.
k:\program files (x86)\Cain\Cain.exe (PUP.Passwordtool.Cain) -> Not selected for removal.
k:\program files (x86)\Cain\Abel.exe (HackTool.Cain) -> Quarantined and deleted successfully.
k:\program files (x86)\Cain\Abel64.exe (HackTool.Cain) -> Quarantined and deleted successfully.
c:\Users\Public\winbrd.jpg (Malware.Trace) -> Quarantined and deleted successfully.
[/code:1:82b0afca6a]
HijackThis:
[code:1:82b0afca6a]Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:08:51, on 2-12-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
K:\Program Files (x86)\BitLord\BitLord.exe
D:\Program Files (x86)\PacSteamT\Steam.exe
C:\Program Files (x86)\Sitecom\Common\RaUI.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
D:\Program Files (x86)\ToolBox v2.97j\toolbox.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
D:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
D:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
D:\My Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\ProgramData\Adobe\CS5\jre\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Mirar - {C8755E86-B8E7-4818-87FB-45EFC5539F09} - C:\Windows\SysWow64\5878.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" –auto-start
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [QuickTime Task] "K:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BitComet] "K:\Program Files (x86)\BitLord\BitLord.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files (x86)\PacSteamT\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'Default user')
O4 - Startup: OpenOffice.org 3.1 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: ToolBox.lnk = D:\Program Files (x86)\ToolBox v2.97j\toolbox.exe
O4 - Startup: Xfire.lnk = D:\Program Files (x86)\Xfire\Xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files (x86)\Sitecom\Common\RaUI.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: NameServer = 192.168.0.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: STSService - Unknown owner - C:\Program Files (x86)\SoundTaxi Media Suite\STSService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 14280 bytes
[/code:1:82b0afca6a]
- Too bad nobody knows how I can solve this :/
- David, I have just sent a private message to Abraham54. He is the virus specialist of this forum.
I assume he will respond in this topic.
- Hello David, a first request to you: in future, simply paste the logs into your message and do not use code or quote.
The forum software on this site is basically outdated, and using code makes things less clear.
[b]Furthermore, I want to note here that I am observing for the umpteenth time that the by now much-praised AVG Free 2012 has been largely disabled by malware.
Something that is a rarity with Avast 6 Free and Avira 2012![/b]
David, read everything through carefully first!
[b]I would like you to follow the rules below during the fix:[/b]
- [b]TDSSKiller log:[/b]
13:20:17.0526 3916 fdc - ok
13:20:17.0560 3916 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:20:17.0568 3916 FileInfo - ok
13:20:17.0605 3916 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:20:17.0640 3916 Filetrace - ok
13:20:17.0663 3916 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:20:17.0688 3916 flpydisk - ok
13:20:17.0767 3916 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:20:17.0779 3916 FltMgr - ok
13:20:17.0804 3916 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:20:17.0812 3916 FsDepends - ok
13:20:17.0850 3916 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:20:17.0858 3916 Fs_Rec - ok
13:20:17.0924 3916 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:20:17.0937 3916 fvevol - ok
13:20:18.0001 3916 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:20:18.0009 3916 gagp30kx - ok
13:20:18.0044 3916 gdwfpcd (fc9b3d24e18d08200f31aa3bace42f6a) C:\Windows\system32\drivers\gdwfpcd64.sys
13:20:18.0070 3916 gdwfpcd - ok
13:20:18.0113 3916 GearAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\drivers\GEARAspiWDM.sys
13:20:18.0119 3916 GearAspiWDM - ok
13:20:18.0160 3916 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
13:20:18.0166 3916 hamachi - ok
13:20:18.0237 3916 hardlock (d8bf3c594bd17a37960362e6c6739b90) C:\Windows\system32\drivers\hardlock.sys
13:20:18.0249 3916 hardlock - ok
13:20:18.0281 3916 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:20:18.0334 3916 hcw85cir - ok
13:20:18.0404 3916 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:20:18.0431 3916 HdAudAddService - ok
13:20:18.0495 3916 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
13:20:18.0506 3916 HDAudBus - ok
13:20:18.0534 3916 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:20:18.0554 3916 HidBatt - ok
13:20:18.0575 3916 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:20:18.0598 3916 HidBth - ok
13:20:18.0644 3916 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:20:18.0669 3916 HidIr - ok
13:20:18.0709 3916 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
13:20:18.0719 3916 HidUsb - ok
13:20:18.0785 3916 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:20:18.0793 3916 HpSAMD - ok
13:20:18.0855 3916 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:20:18.0912 3916 HTTP - ok
13:20:18.0940 3916 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:20:18.0947 3916 hwpolicy - ok
13:20:18.0963 3916 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:20:18.0974 3916 i8042prt - ok
13:20:19.0047 3916 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:20:19.0061 3916 iaStorV - ok
13:20:19.0095 3916 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:20:19.0103 3916 iirsp - ok
13:20:19.0386 3916 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys
13:20:19.0423 3916 IntcAzAudAddService - ok
13:20:19.0572 3916 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:20:19.0580 3916 intelide - ok
13:20:19.0627 3916 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:20:19.0652 3916 intelppm - ok
13:20:19.0681 3916 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:20:19.0720 3916 IpFilterDriver - ok
13:20:19.0769 3916 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:20:19.0792 3916 IPMIDRV - ok
13:20:19.0835 3916 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:20:19.0873 3916 IPNAT - ok
13:20:19.0914 3916 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:20:19.0946 3916 IRENUM - ok
13:20:19.0964 3916 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:20:19.0972 3916 isapnp - ok
13:20:20.0017 3916 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:20:20.0029 3916 iScsiPrt - ok
13:20:20.0058 3916 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
13:20:20.0066 3916 kbdclass - ok
13:20:20.0134 3916 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:20:20.0156 3916 kbdhid - ok
13:20:20.0207 3916 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
13:20:20.0215 3916 KSecDD - ok
13:20:20.0300 3916 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
13:20:20.0310 3916 KSecPkg - ok
13:20:20.0332 3916 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:20:20.0372 3916 ksthunk - ok
13:20:20.0419 3916 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:20:20.0455 3916 lltdio - ok
13:20:20.0529 3916 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:20:20.0538 3916 LSI_FC - ok
13:20:20.0555 3916 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:20:20.0563 3916 LSI_SAS - ok
13:20:20.0584 3916 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:20:20.0593 3916 LSI_SAS2 - ok
13:20:20.0629 3916 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:20:20.0638 3916 LSI_SCSI - ok
13:20:20.0655 3916 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:20:20.0691 3916 luafv - ok
13:20:20.0723 3916 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:20:20.0731 3916 megasas - ok
13:20:20.0768 3916 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:20:20.0780 3916 MegaSR - ok
13:20:20.0796 3916 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:20:20.0834 3916 Modem - ok
13:20:20.0857 3916 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:20:20.0902 3916 monitor - ok
13:20:20.0937 3916 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
13:20:20.0945 3916 mouclass - ok
13:20:20.0958 3916 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:20:20.0981 3916 mouhid - ok
13:20:21.0041 3916 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:20:21.0049 3916 mountmgr - ok
13:20:21.0089 3916 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:20:21.0099 3916 mpio - ok
13:20:21.0138 3916 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:20:21.0179 3916 mpsdrv - ok
13:20:21.0207 3916 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:20:21.0270 3916 MRxDAV - ok
13:20:21.0314 3916 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:20:21.0347 3916 mrxsmb - ok
13:20:21.0380 3916 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:20:21.0418 3916 mrxsmb10 - ok
13:20:21.0444 3916 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:20:21.0466 3916 mrxsmb20 - ok
13:20:21.0508 3916 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:20:21.0516 3916 msahci - ok
13:20:21.0563 3916 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:20:21.0572 3916 msdsm - ok
13:20:21.0605 3916 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:20:21.0630 3916 Msfs - ok
13:20:21.0676 3916 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:20:21.0717 3916 mshidkmdf - ok
13:20:21.0737 3916 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:20:21.0744 3916 msisadrv - ok
13:20:21.0802 3916 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:20:21.0838 3916 MSKSSRV - ok
13:20:21.0859 3916 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:20:21.0894 3916 MSPCLOCK - ok
13:20:21.0916 3916 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:20:21.0961 3916 MSPQM - ok
13:20:22.0000 3916 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:20:22.0013 3916 MsRPC - ok
13:20:22.0038 3916 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:20:22.0044 3916 mssmbios - ok
13:20:22.0081 3916 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:20:22.0125 3916 MSTEE - ok
13:20:22.0173 3916 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:20:22.0205 3916 MTConfig - ok
13:20:22.0238 3916 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:20:22.0246 3916 Mup - ok
13:20:22.0309 3916 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:20:22.0325 3916 NativeWifiP - ok
13:20:22.0364 3916 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:20:22.0387 3916 NDIS - ok
13:20:22.0412 3916 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:20:22.0452 3916 NdisCap - ok
13:20:22.0485 3916 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:20:22.0525 3916 NdisTapi - ok
13:20:22.0565 3916 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:20:22.0615 3916 Ndisuio - ok
13:20:22.0677 3916 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:20:22.0711 3916 NdisWan - ok
13:20:22.0750 3916 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:20:22.0784 3916 NDProxy - ok
13:20:22.0846 3916 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:20:22.0884 3916 NetBIOS - ok
13:20:22.0938 3916 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:20:22.0964 3916 NetBT - ok
13:20:23.0048 3916 netr28ux (ba90f3931815703924bfe4d29d27a06c) C:\Windows\system32\DRIVERS\netr28ux.sys
13:20:23.0076 3916 netr28ux - ok
13:20:23.0115 3916 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:20:23.0123 3916 nfrd960 - ok
13:20:23.0202 3916 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
13:20:23.0208 3916 NPF - ok
13:20:23.0231 3916 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:20:23.0272 3916 Npfs - ok
13:20:23.0340 3916 NPPTNT2 - ok
13:20:23.0362 3916 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:20:23.0398 3916 nsiproxy - ok
13:20:23.0456 3916 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:20:23.0488 3916 Ntfs - ok
13:20:23.0510 3916 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:20:23.0549 3916 Null - ok
13:20:23.0740 3916 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:20:23.0926 3916 nvlddmkm - ok
13:20:24.0024 3916 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:20:24.0034 3916 nvraid - ok
13:20:24.0055 3916 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:20:24.0065 3916 nvstor - ok
13:20:24.0092 3916 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:20:24.0102 3916 nv_agp - ok
13:20:24.0124 3916 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:20:24.0133 3916 ohci1394 - ok
13:20:24.0166 3916 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:20:24.0184 3916 Parport - ok
13:20:24.0213 3916 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:20:24.0221 3916 partmgr - ok
13:20:24.0259 3916 pbfilter - ok
13:20:24.0286 3916 pccsmcfd (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
13:20:24.0319 3916 pccsmcfd - ok
13:20:24.0341 3916 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
13:20:24.0352 3916 pci - ok
13:20:24.0377 3916 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:20:24.0384 3916 pciide - ok
13:20:24.0408 3916 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:20:24.0418 3916 pcmcia - ok
13:20:24.0473 3916 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
13:20:24.0503 3916 pcouffin - ok
13:20:24.0517 3916 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:20:24.0525 3916 pcw - ok
13:20:24.0547 3916 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:20:24.0616 3916 PEAUTH - ok
13:20:24.0842 3916 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:20:24.0875 3916 PptpMiniport - ok
13:20:24.0894 3916 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:20:24.0923 3916 Processor - ok
13:20:24.0990 3916 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:20:25.0029 3916 Psched - ok
13:20:25.0062 3916 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
13:20:25.0069 3916 PxHlpa64 - ok
13:20:25.0139 3916 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:20:25.0170 3916 ql2300 - ok
13:20:25.0184 3916 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:20:25.0193 3916 ql40xx - ok
13:20:25.0210 3916 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:20:25.0235 3916 QWAVEdrv - ok
13:20:25.0267 3916 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:20:25.0307 3916 RasAcd - ok
13:20:25.0336 3916 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:20:25.0379 3916 RasAgileVpn - ok
13:20:25.0413 3916 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:20:25.0453 3916 Rasl2tp - ok
13:20:25.0471 3916 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:20:25.0506 3916 RasPppoe - ok
13:20:25.0523 3916 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:20:25.0550 3916 RasSstp - ok
13:20:25.0583 3916 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:20:25.0623 3916 rdbss - ok
13:20:25.0645 3916 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:20:25.0666 3916 rdpbus - ok
13:20:25.0697 3916 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:20:25.0737 3916 RDPCDD - ok
13:20:25.0759 3916 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:20:25.0795 3916 RDPENCDD - ok
13:20:25.0815 3916 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:20:25.0840 3916 RDPREFMP - ok
13:20:25.0874 3916 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
13:20:25.0901 3916 RDPWD - ok
13:20:25.0935 3916 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:20:25.0946 3916 rdyboost - ok
13:20:26.0000 3916 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:20:26.0024 3916 RFCOMM - ok
13:20:26.0083 3916 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:20:26.0124 3916 rspndr - ok
13:20:26.0149 3916 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:20:26.0161 3916 RTL8167 - ok
13:20:26.0172 3916 RxFilter (2dddd6e3fadee0d89365bfb90b1beeb9) C:\Windows\system32\DRIVERS\RxFilter.sys
13:20:26.0195 3916 RxFilter ( UnsignedFile.Multi.Generic ) - warning
13:20:26.0195 3916 RxFilter - detected UnsignedFile.Multi.Generic (1)
13:20:26.0948 3916 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
13:20:26.0948 3916 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
13:20:26.0950 3916 sptd ( LockedFile.Multi.Generic ) - warning
13:20:26.0950 3916 sptd - detected LockedFile.Multi.Generic (1)
13:20:30.0654 3916 ============================================================
13:20:30.0654 3916 Scan finished
13:20:30.0654 3916 ============================================================
13:20:30.0663 7324 Detected object count: 2
13:20:30.0663 7324 Actual detected object count: 2
13:21:21.0428 7324 RxFilter ( UnsignedFile.Multi.Generic ) - skipped by user
13:21:21.0428 7324 RxFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:21:21.0429 7324 sptd ( LockedFile.Multi.Generic ) - skipped by user
13:21:21.0429 7324 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
ComboFix log:
ComboFix 12-01-06.03 - Milan 07-01-2012 13:52:12.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2359 [GMT 1:00]
Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\DragToDiscUserNameF.txt
c:\users\Milan\AppData\Local\assembly\tmp
c:\users\Milan\AppData\Roaming\inst.exe
c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk
c:\users\Public\mdsys.s
c:\users\Public\mdusys.s
c:\windows\shutdown.dll
c:\windows\system32\java.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
D:\install.exe
E:\Autorun.inf
K:\autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-07 to 2012-01-07 ))))))))))))))))))))))))))))))
.
.
2012-01-07 12:58 . 2012-01-07 12:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-05 14:14 . 2012-01-05 14:14 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-01-04 15:31 . 2012-01-04 15:31 -------- d-----w- c:\users\Milan\AppData\Roaming\Image-Line
2011-12-31 19:13 . 2011-12-31 19:13 -------- d-----w- c:\programdata\Skyline
2011-12-31 19:13 . 2011-12-31 19:13 -------- d-----w- c:\program files (x86)\Skyline
2011-12-27 17:23 . 2011-12-27 17:23 -------- d-----w- c:\program files (x86)\TeamViewer
2011-12-15 15:41 . 2011-12-15 16:24 -------- d-----w- c:\users\Milan\AppData\Roaming\.minecraft server
2011-12-15 07:39 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 07:39 . 2011-11-05 05:41 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-12-15 04:39 . 2011-12-15 04:39 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2011-12-15 04:39 . 2011-12-15 04:39 28056 ----a-w- c:\windows\system32\xfcodec64.dll
2011-12-14 17:50 . 2011-12-14 17:51 -------- d-----w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
2011-12-14 16:03 . 2011-12-14 16:03 -------- d-----w- c:\program files\iPod
2011-12-14 16:03 . 2011-12-14 16:04 -------- d-----w- c:\program files\iTunes
2011-12-08 15:28 . 2011-12-08 15:28 -------- d-----w- c:\program files (x86)\Common Files\Java
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-08 15:27 . 2010-05-02 19:41 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-29 13:17 . 2011-11-29 13:17 159744 —-a-w- c:\windows\system32\atiapfxx.exe
2011-11-29 13:17 . 2011-11-29 13:17 39936 —-a-w- c:\windows\system32\atig6txx.dll
2011-11-29 13:17 . 2011-11-29 13:17 31744 —-a-w- c:\windows\SysWow64\atiuxpag.dll
2011-11-29 13:17 . 2011-11-29 13:17 10207232 —-a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-29 13:17 . 2011-11-29 13:17 51200 —-a-w- c:\windows\system32\aticalrt64.dll
2011-11-29 13:17 . 2011-11-29 13:17 120320 —-a-w- c:\windows\system32\atitmm64.dll
2011-11-29 13:17 . 2011-11-29 13:17 356352 —-a-w- c:\windows\SysWow64\atipdlxx.dll
2011-11-29 13:17 . 2010-12-27 15:39 38912 —-a-w- c:\windows\system32\atiu9p64.dll
2011-11-29 13:17 . 2011-11-29 13:17 278528 —-a-w- c:\windows\SysWow64\Oemdspif.dll
2011-11-29 13:17 . 2011-11-29 13:17 1828864 —-a-w- c:\windows\SysWow64\atiumdmv.dll
2011-11-29 13:17 . 2011-11-29 13:17 8391680 —-a-w- c:\windows\SysWow64\aticaldd.dll
2011-11-29 13:17 . 2011-11-29 13:16 18630656 —-a-w- c:\windows\SysWow64\atioglxx.dll
2011-11-29 13:17 . 2010-12-27 15:42 40960 —-a-w- c:\windows\system32\atiuxp64.dll
2011-11-29 13:17 . 2011-11-29 13:17 17408 —-a-w- c:\windows\system32\atig6pxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 4231680 —-a-w- c:\windows\SysWow64\atidxx32.dll
2011-11-29 13:17 . 2011-11-29 13:17 32768 —-a-w- c:\windows\SysWow64\atigktxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\atimpc32.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\amdpcom32.dll
2011-11-29 13:17 . 2011-11-29 13:17 1113088 —-a-w- c:\windows\system32\atiumd6v.dll
2011-11-29 13:17 . 2011-09-08 17:05 4289024 —-a-w- c:\windows\SysWow64\atiumdag.dll
2011-11-29 13:17 . 2010-12-27 15:41 479744 —-a-w- c:\windows\system32\atiadlxx.dll
2011-11-29 13:17 . 2010-12-27 15:41 58880 —-a-w- c:\windows\system32\coinst.dll
2011-11-29 13:17 . 2011-11-29 13:16 24629760 —-a-w- c:\windows\system32\atio6axx.dll
2011-11-29 13:17 . 2011-11-29 13:17 46080 —-a-w- c:\windows\SysWow64\aticalrt.dll
2011-11-29 13:17 . 2009-11-04 15:31 4960768 —-a-w- c:\windows\system32\atidxx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\atimpc64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\amdpcom64.dll
2011-11-29 13:17 . 2010-12-27 15:42 736768 —-a-w- c:\windows\SysWow64\aticfx32.dll
2011-11-29 13:17 . 2010-12-27 15:41 867328 —-a-w- c:\windows\system32\aticfx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 53248 —-a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-29 13:17 . 2011-11-29 13:17 466944 —-a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-29 13:17 . 2011-11-29 13:17 317952 —-a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\SysWow64\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\system32\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 487936 —-a-w- c:\windows\system32\atieclxx.exe
2011-11-29 13:17 . 2011-09-08 17:08 4174848 —-a-w- c:\windows\SysWow64\atiumdva.dll
2011-11-29 13:17 . 2011-11-29 13:17 44032 —-a-w- c:\windows\SysWow64\aticalcl.dll
2011-11-29 13:17 . 2010-12-27 15:39 29184 —-a-w- c:\windows\SysWow64\atiu9pag.dll
2011-11-29 13:17 . 2011-11-29 13:16 9877504 —-a-w- c:\windows\system32\aticaldd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 423424 —-a-w- c:\windows\system32\atipdl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 21504 —-a-w- c:\windows\system32\atimuixx.dll
2011-11-29 13:16 . 2011-09-13 17:10 5431808 —-a-w- c:\windows\system32\atiumd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 43520 —-a-w- c:\windows\SysWow64\ati2edxx.dll
2011-11-29 13:16 . 2011-11-29 13:16 335872 —-a-w- c:\windows\SysWow64\atiadlxy.dll
2011-11-29 13:16 . 2011-11-29 13:16 44544 —-a-w- c:\windows\system32\aticalcl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 204288 —-a-w- c:\windows\system32\atiesrxx.exe
2011-11-29 13:16 . 2011-11-29 13:16 59392 —-a-w- c:\windows\system32\atiedu64.dll
2011-11-29 13:16 . 2011-09-13 17:10 4023296 —-a-w- c:\windows\system32\atiumd6a.dll
2011-11-26 14:19 . 2011-05-28 17:53 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-20 23:26 . 2011-10-20 23:26 94208 —-a-w- c:\windows\SysWow64\dpl100.dll
2011-10-20 17:01 . 2011-10-20 17:01 3584 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2006-05-03 10:06 163328 –sh–r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 –sh–r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 –sh–r- c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
"Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
.
c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
— Andere Services/Drivers In Geheugen —
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
——— x86-64 ———–
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"combofix"="c:\combofix\CF577.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.nl/
mSearch Bar = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F18
- The ComboFix scan took about 15 minutes from start to log.
When I try to open Explorer, Control Panel or "Personalize" on the desktop, it still gives the same errors.
(I couldn't put this in my previous post because it wouldn't save.)
- The ComboFix log is not complete.
So go to C:\ComboFix.txt, copy the entire contents of the log and post it in your next message.
By the way, I can't work magic, and neither can those tools.
So don't expect your problem to be solved right away.
But I do appreciate that you also report that the problem still exists.
And I'm going to ask whether this topic can be moved to the Beveiliging (Security) section!
- [quote:be1faafb8d="Abraham54"]The ComboFix log is not complete.
So go to C:\ComboFix.txt, copy the entire contents of the log and post it in your next message.
By the way, I can't work magic, and neither can those tools.
So don't expect your problem to be solved right away.
But I do appreciate that you also report that the problem still exists.
And I'm going to ask whether this topic can be moved to the Beveiliging (Security) section![/quote:be1faafb8d]
I now see as well that the ComboFix log is not complete, sorry about that. This is because there is a limit on the length of a post you can make, so the whole log didn't fit. I hadn't noticed this. Here is the complete log:
[b:be1faafb8d]ComboFix Log[/b:be1faafb8d]
ComboFix 12-01-06.03 - Milan 07-01-2012 13:52:12.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2359 [GMT 1:00]
Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\DragToDiscUserNameF.txt
c:\users\Milan\AppData\Local\assembly\tmp
c:\users\Milan\AppData\Roaming\inst.exe
c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk
c:\users\Public\mdsys.s
c:\users\Public\mdusys.s
c:\windows\shutdown.dll
c:\windows\system32\java.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
D:\install.exe
E:\Autorun.inf
K:\autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
——-\Legacy_NPF
——-\Service_NPF
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-07 to 2012-01-07 ))))))))))))))))))))))))))))))
.
.
2012-01-07 12:58 . 2012-01-07 12:58 ——– d—–w- c:\users\Default\AppData\Local\temp
2012-01-05 14:14 . 2012-01-05 14:14 ——– d—–w- c:\program files (x86)\LogMeIn Hamachi
2012-01-04 15:31 . 2012-01-04 15:31 ——– d—–w- c:\users\Milan\AppData\Roaming\Image-Line
2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\programdata\Skyline
2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\program files (x86)\Skyline
2011-12-27 17:23 . 2011-12-27 17:23 ——– d—–w- c:\program files (x86)\TeamViewer
2011-12-15 15:41 . 2011-12-15 16:24 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server
2011-12-15 07:39 . 2011-10-26 05:21 43520 —-a-w- c:\windows\system32\csrsrv.dll
2011-12-15 07:39 . 2011-11-05 05:41 1188864 —-a-w- c:\windows\system32\wininet.dll
2011-12-15 04:39 . 2011-12-15 04:39 42392 —-a-w- c:\windows\SysWow64\xfcodec.dll
2011-12-15 04:39 . 2011-12-15 04:39 28056 —-a-w- c:\windows\system32\xfcodec64.dll
2011-12-14 17:50 . 2011-12-14 17:51 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
2011-12-14 16:03 . 2011-12-14 16:03 ——– d—–w- c:\program files\iPod
2011-12-14 16:03 . 2011-12-14 16:04 ——– d—–w- c:\program files\iTunes
2011-12-08 15:28 . 2011-12-08 15:28 ——– d—–w- c:\program files (x86)\Common Files\Java
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-08 15:27 . 2010-05-02 19:41 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-29 13:17 . 2011-11-29 13:17 159744 —-a-w- c:\windows\system32\atiapfxx.exe
2011-11-29 13:17 . 2011-11-29 13:17 39936 —-a-w- c:\windows\system32\atig6txx.dll
2011-11-29 13:17 . 2011-11-29 13:17 31744 —-a-w- c:\windows\SysWow64\atiuxpag.dll
2011-11-29 13:17 . 2011-11-29 13:17 10207232 —-a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-29 13:17 . 2011-11-29 13:17 51200 —-a-w- c:\windows\system32\aticalrt64.dll
2011-11-29 13:17 . 2011-11-29 13:17 120320 —-a-w- c:\windows\system32\atitmm64.dll
2011-11-29 13:17 . 2011-11-29 13:17 356352 —-a-w- c:\windows\SysWow64\atipdlxx.dll
2011-11-29 13:17 . 2010-12-27 15:39 38912 —-a-w- c:\windows\system32\atiu9p64.dll
2011-11-29 13:17 . 2011-11-29 13:17 278528 —-a-w- c:\windows\SysWow64\Oemdspif.dll
2011-11-29 13:17 . 2011-11-29 13:17 1828864 —-a-w- c:\windows\SysWow64\atiumdmv.dll
2011-11-29 13:17 . 2011-11-29 13:17 8391680 —-a-w- c:\windows\SysWow64\aticaldd.dll
2011-11-29 13:17 . 2011-11-29 13:16 18630656 —-a-w- c:\windows\SysWow64\atioglxx.dll
2011-11-29 13:17 . 2010-12-27 15:42 40960 —-a-w- c:\windows\system32\atiuxp64.dll
2011-11-29 13:17 . 2011-11-29 13:17 17408 —-a-w- c:\windows\system32\atig6pxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 4231680 —-a-w- c:\windows\SysWow64\atidxx32.dll
2011-11-29 13:17 . 2011-11-29 13:17 32768 —-a-w- c:\windows\SysWow64\atigktxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\atimpc32.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\amdpcom32.dll
2011-11-29 13:17 . 2011-11-29 13:17 1113088 —-a-w- c:\windows\system32\atiumd6v.dll
2011-11-29 13:17 . 2011-09-08 17:05 4289024 —-a-w- c:\windows\SysWow64\atiumdag.dll
2011-11-29 13:17 . 2010-12-27 15:41 479744 —-a-w- c:\windows\system32\atiadlxx.dll
2011-11-29 13:17 . 2010-12-27 15:41 58880 —-a-w- c:\windows\system32\coinst.dll
2011-11-29 13:17 . 2011-11-29 13:16 24629760 —-a-w- c:\windows\system32\atio6axx.dll
2011-11-29 13:17 . 2011-11-29 13:17 46080 —-a-w- c:\windows\SysWow64\aticalrt.dll
2011-11-29 13:17 . 2009-11-04 15:31 4960768 —-a-w- c:\windows\system32\atidxx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\atimpc64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\amdpcom64.dll
2011-11-29 13:17 . 2010-12-27 15:42 736768 —-a-w- c:\windows\SysWow64\aticfx32.dll
2011-11-29 13:17 . 2010-12-27 15:41 867328 —-a-w- c:\windows\system32\aticfx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 53248 —-a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-29 13:17 . 2011-11-29 13:17 466944 —-a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-29 13:17 . 2011-11-29 13:17 317952 —-a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\SysWow64\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\system32\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 487936 —-a-w- c:\windows\system32\atieclxx.exe
2011-11-29 13:17 . 2011-09-08 17:08 4174848 —-a-w- c:\windows\SysWow64\atiumdva.dll
2011-11-29 13:17 . 2011-11-29 13:17 44032 —-a-w- c:\windows\SysWow64\aticalcl.dll
2011-11-29 13:17 . 2010-12-27 15:39 29184 —-a-w- c:\windows\SysWow64\atiu9pag.dll
2011-11-29 13:17 . 2011-11-29 13:16 9877504 —-a-w- c:\windows\system32\aticaldd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 423424 —-a-w- c:\windows\system32\atipdl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 21504 —-a-w- c:\windows\system32\atimuixx.dll
2011-11-29 13:16 . 2011-09-13 17:10 5431808 —-a-w- c:\windows\system32\atiumd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 43520 —-a-w- c:\windows\SysWow64\ati2edxx.dll
2011-11-29 13:16 . 2011-11-29 13:16 335872 —-a-w- c:\windows\SysWow64\atiadlxy.dll
2011-11-29 13:16 . 2011-11-29 13:16 44544 —-a-w- c:\windows\system32\aticalcl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 204288 —-a-w- c:\windows\system32\atiesrxx.exe
2011-11-29 13:16 . 2011-11-29 13:16 59392 —-a-w- c:\windows\system32\atiedu64.dll
2011-11-29 13:16 . 2011-09-13 17:10 4023296 —-a-w- c:\windows\system32\atiumd6a.dll
2011-11-26 14:19 . 2011-05-28 17:53 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-20 23:26 . 2011-10-20 23:26 94208 —-a-w- c:\windows\SysWow64\dpl100.dll
2011-10-20 17:01 . 2011-10-20 17:01 3584 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2006-05-03 10:06 163328 –sh–r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 –sh–r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 –sh–r- c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
"Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
.
c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
— Andere Services/Drivers In Geheugen —
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
——— x86-64 ———–
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"combofix"="c:\combofix\CF577.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.nl/
mSearch Bar = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\
FF - prefs.js: browser.startup.homepage - www.google.nl
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{C8755E86-B8E7-4818-87FB-45EFC5539F09} - c:\windows\SysWow64\5878.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
WebBrowser-{C8755E86-B8E7-4818-87FB-45EFC5539F09} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-dBpoweramp Dalet Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-Noesis - Advanced Source Level Design - c:\windows\unvise32.exe
AddRemove-PDFTiger_is1 - d:\program files (x86)\PDFTiger\unins000.exe
AddRemove-SurfOffline Professional 2 - k:\program files (x86)\SurfOffline Professional 2\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
———————— Andere Aktieve Processen ————————
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Sitecom\Common\RegistryWriter.exe
c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
.
**************************************************************************
.
Voltooingstijd: 2012-01-07 14:07:13 - machine werd herstart
ComboFix-quarantined-files.txt 2012-01-07 13:07
.
Pre-Run: 105.177.321.472 bytes beschikbaar
Post-Run: 109.302.394.880 bytes beschikbaar
.
- - End Of File - - BD054E258D418A870BED827386D9ABDB
- We will use ComboFix once more:
Make sure all open web browser windows are closed.
Open a new Notepad file via "Start\Alle programma’s\Bureau-accessoires\[b:8fe45471d2]Kladblok (or Notepad)[/b:8fe45471d2]".
Copy and paste the following (bold, blue text) into the empty Notepad window
[b:8fe45471d2]
- When I started ComboFix, the program said there was an update and I let it download it. After that, ComboFix restarted itself and began the scan as usual. After the scan, the CFScript file was deleted. It also removed the ask.com folder. I don't understand what you mean by "color coder", but here is the log:
ComboFix 12-01-09.07 - Milan 10-01-2012 16:41:09.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2390 [GMT 1:00]
Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Milan\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ask.com
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-10 to 2012-01-10 ))))))))))))))))))))))))))))))
.
.
2012-01-10 15:46 . 2012-01-10 15:46 ——– d—–w- c:\users\Default\AppData\Local\temp
2012-01-10 15:46 . 2012-01-10 15:46 ——– d—–w- c:\users\Administrator\AppData\Local\temp
2012-01-10 15:34 . 2012-01-10 15:34 626688 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-10 15:34 . 2012-01-10 15:34 548864 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-10 15:34 . 2012-01-10 15:34 479232 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-10 15:34 . 2012-01-10 15:34 43992 —-a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-05 14:14 . 2012-01-05 14:14 ——– d—–w- c:\program files (x86)\LogMeIn Hamachi
2012-01-04 15:31 . 2012-01-04 15:31 ——– d—–w- c:\users\Milan\AppData\Roaming\Image-Line
2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\programdata\Skyline
2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\program files (x86)\Skyline
2011-12-27 17:23 . 2011-12-27 17:23 ——– d—–w- c:\program files (x86)\TeamViewer
2011-12-15 15:41 . 2011-12-15 16:24 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server
2011-12-15 07:39 . 2011-10-26 05:21 43520 —-a-w- c:\windows\system32\csrsrv.dll
2011-12-15 07:39 . 2011-11-05 05:41 1188864 —-a-w- c:\windows\system32\wininet.dll
2011-12-15 04:39 . 2011-12-15 04:39 42392 —-a-w- c:\windows\SysWow64\xfcodec.dll
2011-12-15 04:39 . 2011-12-15 04:39 28056 —-a-w- c:\windows\system32\xfcodec64.dll
2011-12-14 17:50 . 2011-12-14 17:51 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
2011-12-14 16:03 . 2011-12-14 16:03 ——– d—–w- c:\program files\iPod
2011-12-14 16:03 . 2011-12-14 16:04 ——– d—–w- c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-29 13:17 . 2011-11-29 13:17 159744 —-a-w- c:\windows\system32\atiapfxx.exe
2011-11-29 13:17 . 2011-11-29 13:17 39936 —-a-w- c:\windows\system32\atig6txx.dll
2011-11-29 13:17 . 2011-11-29 13:17 31744 —-a-w- c:\windows\SysWow64\atiuxpag.dll
2011-11-29 13:17 . 2011-11-29 13:17 10207232 —-a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-29 13:17 . 2011-11-29 13:17 51200 —-a-w- c:\windows\system32\aticalrt64.dll
2011-11-29 13:17 . 2011-11-29 13:17 120320 —-a-w- c:\windows\system32\atitmm64.dll
2011-11-29 13:17 . 2011-11-29 13:17 356352 —-a-w- c:\windows\SysWow64\atipdlxx.dll
2011-11-29 13:17 . 2010-12-27 15:39 38912 —-a-w- c:\windows\system32\atiu9p64.dll
2011-11-29 13:17 . 2011-11-29 13:17 278528 —-a-w- c:\windows\SysWow64\Oemdspif.dll
2011-11-29 13:17 . 2011-11-29 13:17 1828864 —-a-w- c:\windows\SysWow64\atiumdmv.dll
2011-11-29 13:17 . 2011-11-29 13:17 8391680 —-a-w- c:\windows\SysWow64\aticaldd.dll
2011-11-29 13:17 . 2011-11-29 13:16 18630656 —-a-w- c:\windows\SysWow64\atioglxx.dll
2011-11-29 13:17 . 2010-12-27 15:42 40960 —-a-w- c:\windows\system32\atiuxp64.dll
2011-11-29 13:17 . 2011-11-29 13:17 17408 —-a-w- c:\windows\system32\atig6pxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 4231680 —-a-w- c:\windows\SysWow64\atidxx32.dll
2011-11-29 13:17 . 2011-11-29 13:17 32768 —-a-w- c:\windows\SysWow64\atigktxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\atimpc32.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\amdpcom32.dll
2011-11-29 13:17 . 2011-11-29 13:17 1113088 —-a-w- c:\windows\system32\atiumd6v.dll
2011-11-29 13:17 . 2011-09-08 17:05 4289024 —-a-w- c:\windows\SysWow64\atiumdag.dll
2011-11-29 13:17 . 2010-12-27 15:41 479744 —-a-w- c:\windows\system32\atiadlxx.dll
2011-11-29 13:17 . 2010-12-27 15:41 58880 —-a-w- c:\windows\system32\coinst.dll
2011-11-29 13:17 . 2011-11-29 13:16 24629760 —-a-w- c:\windows\system32\atio6axx.dll
2011-11-29 13:17 . 2011-11-29 13:17 46080 —-a-w- c:\windows\SysWow64\aticalrt.dll
2011-11-29 13:17 . 2009-11-04 15:31 4960768 —-a-w- c:\windows\system32\atidxx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\atimpc64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\amdpcom64.dll
2011-11-29 13:17 . 2010-12-27 15:42 736768 —-a-w- c:\windows\SysWow64\aticfx32.dll
2011-11-29 13:17 . 2010-12-27 15:41 867328 —-a-w- c:\windows\system32\aticfx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 53248 —-a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-29 13:17 . 2011-11-29 13:17 466944 —-a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-29 13:17 . 2011-11-29 13:17 317952 —-a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\SysWow64\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\system32\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 487936 —-a-w- c:\windows\system32\atieclxx.exe
2011-11-29 13:17 . 2011-09-08 17:08 4174848 —-a-w- c:\windows\SysWow64\atiumdva.dll
2011-11-29 13:17 . 2011-11-29 13:17 44032 —-a-w- c:\windows\SysWow64\aticalcl.dll
2011-11-29 13:17 . 2010-12-27 15:39 29184 —-a-w- c:\windows\SysWow64\atiu9pag.dll
2011-11-29 13:17 . 2011-11-29 13:16 9877504 —-a-w- c:\windows\system32\aticaldd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 423424 —-a-w- c:\windows\system32\atipdl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 21504 —-a-w- c:\windows\system32\atimuixx.dll
2011-11-29 13:16 . 2011-09-13 17:10 5431808 —-a-w- c:\windows\system32\atiumd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 43520 —-a-w- c:\windows\SysWow64\ati2edxx.dll
2011-11-29 13:16 . 2011-11-29 13:16 335872 —-a-w- c:\windows\SysWow64\atiadlxy.dll
2011-11-29 13:16 . 2011-11-29 13:16 44544 —-a-w- c:\windows\system32\aticalcl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 204288 —-a-w- c:\windows\system32\atiesrxx.exe
2011-11-29 13:16 . 2011-11-29 13:16 59392 —-a-w- c:\windows\system32\atiedu64.dll
2011-11-29 13:16 . 2011-09-13 17:10 4023296 —-a-w- c:\windows\system32\atiumd6a.dll
2011-11-26 14:19 . 2011-05-28 17:53 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-10 04:54 . 2010-05-02 19:41 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-20 23:26 . 2011-10-20 23:26 94208 —-a-w- c:\windows\SysWow64\dpl100.dll
2011-10-20 17:01 . 2011-10-20 17:01 3584 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2006-05-03 10:06 163328 –sh–r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 –sh–r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 –sh–r- c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-07_13.01.27 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-01-05 14:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-10 14:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-01-05 14:19 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-10 14:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-05 14:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-10 14:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-09 09:11 . 2012-01-07 13:12 67994 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-07 13:12 52608 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-09 16:14 . 2012-01-07 13:12 24500 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin
+ 2010-01-06 08:35 . 2012-01-07 13:11 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-06 08:35 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-06 08:35 . 2012-01-07 13:01 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-06 08:35 . 2012-01-07 13:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-07 13:11 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-09 18:41 . 2012-01-07 13:11 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-01-08 17:35 18784 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-09 18:41 . 2012-01-07 13:11 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-09 18:41 . 2012-01-07 13:11 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-09 18:41 . 2012-01-07 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-09 18:41 . 2012-01-10 15:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-09 18:41 . 2012-01-10 15:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-09 18:41 . 2012-01-07 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-07 13:10 . 2012-01-07 13:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-07 13:10 . 2012-01-07 13:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-12-08 15:28 . 2011-12-08 15:27 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-01-08 13:38 . 2011-11-10 04:54 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-01-08 13:38 . 2011-11-10 04:54 149280 c:\windows\SysWOW64\javaw.exe
+ 2012-01-08 13:38 . 2011-11-10 04:54 149280 c:\windows\SysWOW64\java.exe
+ 2010-01-26 14:54 . 2012-01-09 16:17 493302 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2009-07-14 05:01 . 2012-01-07 12:59 554576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-07 13:09 554576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
c:\program files (x86)\Ask.com\GenericAskToolbar.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{C8755E86-B8E7-4818-87FB-45EFC5539F09}"= "c:\windows\SysWow64\5878.dll" [BU]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{c8755e86-b8e7-4818-87fb-45efc5539f09}]
[HKEY_CLASSES_ROOT\TypeLib\{B8C9134F-753E-4C8A-A185-0BA27A69B9CB}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
"Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
.
c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mSearch Bar = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\
FF - prefs.js: browser.startup.homepage - www.google.nl
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-01-10 16:49:16
ComboFix-quarantined-files.txt 2012-01-10 15:49
ComboFix2.txt 2012-01-07 13:07
.
Pre-Run: 111.687.262.208 bytes beschikbaar
Post-Run: 111.163.908.096 bytes beschikbaar
.
- - End Of File - - F205CC794ACF8AE140E5AE25D32FA013
- Run the script again!
- ComboFix keeps deleting the CFScript.txt file. Here is the log:
ComboFix 12-01-12.02 - Milan 12-01-2012 15:57:10.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2418 [GMT 1:00]
Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Milan\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-12 to 2012-01-12 ))))))))))))))))))))))))))))))
.
.
2012-01-12 15:05 . 2012-01-12 15:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-12 15:05 . 2012-01-12 15:05 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-01-12 14:48 . 2012-01-12 14:48 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-01-11 15:41 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 15:41 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 15:41 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 15:41 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 15:41 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:41 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 15:41 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 15:41 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-10 15:34 . 2012-01-10 15:34 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-10 15:34 . 2012-01-10 15:34 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-10 15:34 . 2012-01-10 15:34 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-10 15:34 . 2012-01-10 15:34 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-05 14:14 . 2012-01-05 14:14 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-01-04 15:31 . 2012-01-04 15:31 -------- d-----w- c:\users\Milan\AppData\Roaming\Image-Line
2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-12-31 19:13 . 2011-12-31 19:13 -------- d-----w- c:\programdata\Skyline
2011-12-31 19:13 . 2011-12-31 19:13 -------- d-----w- c:\program files (x86)\Skyline
2011-12-27 17:23 . 2011-12-27 17:23 -------- d-----w- c:\program files (x86)\TeamViewer
2011-12-15 15:41 . 2011-12-15 16:24 -------- d-----w- c:\users\Milan\AppData\Roaming\.minecraft server
2011-12-15 07:39 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 07:39 . 2011-11-05 05:41 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-12-15 04:39 . 2011-12-15 04:39 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2011-12-15 04:39 . 2011-12-15 04:39 28056 ----a-w- c:\windows\system32\xfcodec64.dll
2011-12-14 17:50 . 2011-12-14 17:51 -------- d-----w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
2011-12-14 16:03 . 2011-12-14 16:03 -------- d-----w- c:\program files\iPod
2011-12-14 16:03 . 2011-12-14 16:04 -------- d-----w- c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-12 14:47 . 2010-05-02 19:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-29 13:17 . 2011-11-29 13:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-29 13:17 . 2011-11-29 13:17 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-11-29 13:17 . 2011-11-29 13:17 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-11-29 13:17 . 2011-11-29 13:17 10207232 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-29 13:17 . 2011-11-29 13:17 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-11-29 13:17 . 2011-11-29 13:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-11-29 13:17 . 2011-11-29 13:17 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-11-29 13:17 . 2010-12-27 15:39 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-11-29 13:17 . 2011-11-29 13:17 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-11-29 13:17 . 2011-11-29 13:17 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-11-29 13:17 . 2011-11-29 13:17 8391680 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-11-29 13:17 . 2011-11-29 13:16 18630656 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-11-29 13:17 . 2010-12-27 15:42 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-11-29 13:17 . 2011-11-29 13:17 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 4231680 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-11-29 13:17 . 2011-11-29 13:17 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-11-29 13:17 . 2011-11-29 13:17 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-11-29 13:17 . 2011-09-08 17:05 4289024 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-11-29 13:17 . 2010-12-27 15:41 479744 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-29 13:17 . 2010-12-27 15:41 58880 ----a-w- c:\windows\system32\coinst.dll
2011-11-29 13:17 . 2011-11-29 13:16 24629760 ----a-w- c:\windows\system32\atio6axx.dll
2011-11-29 13:17 . 2011-11-29 13:17 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-11-29 13:17 . 2009-11-04 15:31 4960768 ----a-w- c:\windows\system32\atidxx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-11-29 13:17 . 2010-12-27 15:42 736768 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-11-29 13:17 . 2010-12-27 15:41 867328 ----a-w- c:\windows\system32\aticfx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-29 13:17 . 2011-11-29 13:17 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-29 13:17 . 2011-11-29 13:17 317952 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-29 13:17 . 2011-11-29 13:17 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 487936 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-29 13:17 . 2011-09-08 17:08 4174848 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-11-29 13:17 . 2011-11-29 13:17 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-11-29 13:17 . 2010-12-27 15:39 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-11-29 13:17 . 2011-11-29 13:16 9877504 ----a-w- c:\windows\system32\aticaldd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-11-29 13:16 . 2011-09-13 17:10 5431808 ----a-w- c:\windows\system32\atiumd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-11-29 13:16 . 2011-11-29 13:16 335872 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-11-29 13:16 . 2011-11-29 13:16 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-11-29 13:16 . 2011-11-29 13:16 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-11-29 13:16 . 2011-09-13 17:10 4023296 ----a-w- c:\windows\system32\atiumd6a.dll
2011-11-26 14:19 . 2011-05-28 17:53 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-21 11:26 . 2011-10-21 11:26 65536 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2011-10-20 17:01 . 2011-10-20 17:01 3584 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2006-05-03 10:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-07_13.01.27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-01-12 08:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-01-05 14:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-01-05 14:19 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-12 08:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-05 14:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-12 08:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-09 09:11 . 2012-01-07 13:12 67994 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-12 14:41 52624 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-09 16:14 . 2012-01-12 14:41 24532 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin
+ 2010-01-06 08:35 . 2012-01-12 14:39 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-06 08:35 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-06 08:35 . 2012-01-12 14:39 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-06 08:35 . 2012-01-07 13:01 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-12 14:39 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-09 18:41 . 2012-01-12 14:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-01-12 14:50 92488 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-01-09 18:41 . 2012-01-12 14:41 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-09 18:41 . 2012-01-12 14:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-09 18:41 . 2012-01-12 14:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-09 18:41 . 2012-01-07 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-09 18:41 . 2012-01-07 12:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-09 18:41 . 2012-01-12 14:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-12 14:38 . 2012-01-12 14:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-12 14:38 . 2012-01-12 14:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-15 12:52 . 2011-02-18 05:41 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-01-11 15:41 . 2011-10-14 04:24 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-01-12 14:48 . 2012-01-12 14:47 157472 c:\windows\SysWOW64\javaws.exe
- 2011-12-08 15:28 . 2011-12-08 15:27 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-01-12 14:48 . 2012-01-12 14:47 149280 c:\windows\SysWOW64\javaw.exe
+ 2012-01-12 14:48 . 2012-01-12 14:47 149280 c:\windows\SysWOW64\java.exe
+ 2010-01-26 14:54 . 2012-01-12 14:34 494238 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2012-01-11 15:41 . 2011-10-14 05:31 918528 c:\windows\system32\jscript.dll
+ 2009-07-14 05:01 . 2012-01-12 14:36 554576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-01-07 12:59 554576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-12 14:48 . 2012-01-12 14:48 207360 c:\windows\Installer\80ad5.msi
- 2009-07-14 04:45 . 2011-12-16 18:46 7202288 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-01-12 14:49 7202288 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2012-01-04 08:57 . 2012-01-04 08:57 4001792 c:\windows\Installer\15e02dc9.msi
+ 2009-07-14 02:34 . 2012-01-12 14:36 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2011-12-16 18:37 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2010-05-08 22:42 . 2012-01-12 14:36 51904308 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3084355964-2815494572-3805623885-1000-8192.dat
+ 2012-01-12 14:45 . 2012-01-12 14:45 12905472 c:\windows\Installer\80acd.msi
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
c:\program files (x86)\Ask.com\GenericAskToolbar.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{C8755E86-B8E7-4818-87FB-45EFC5539F09}"= "c:\windows\SysWow64\5878.dll" [BU]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{c8755e86-b8e7-4818-87fb-45efc5539f09}]
[HKEY_CLASSES_ROOT\TypeLib\{B8C9134F-753E-4C8A-A185-0BA27A69B9CB}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
"Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
.
c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
——— x86-64 ———–
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 —-a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.nl/
mSearch Bar = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\
FF - prefs.js: browser.startup.homepage - www.google.nl
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-01-12 16:08:11
ComboFix-quarantined-files.txt 2012-01-12 15:08
ComboFix2.txt 2012-01-10 15:49
ComboFix3.txt 2012-01-07 13:07
.
Pre-Run: 110.467.461.120 bytes beschikbaar
Post-Run: 109.926.088.704 bytes beschikbaar
.
- - End Of File - - ADD38B98B86045F5A9C6E6789C417E87
- Hello David, before we use ComboFix again, first do the following:
a) delete ComboFix.exe from your desktop and then empty the Recycle Bin.
b) download ComboFix again to your desktop - [b:1cb963c88e]Bleepingcomputer[/b:1cb963c88e]
Make sure all open web browser windows are closed.
Open a new Notepad file via "Start\All Programs\Accessories\[b:1cb963c88e]Notepad[/b:1cb963c88e]".
Copy and paste the following (bold, blue) text into the empty Notepad window
[b:1cb963c88e]
- The CFScript was removed by the program again and the problem is still there. Otherwise nothing unusual. Here is the log:
ComboFix 12-01-13.03 - Milan 13-01-2012 16:29:15.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2454 [GMT 1:00]
Gestart vanuit: c:\users\Milan\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Milan\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Ask.com\GenericAskToolbar.dl"
"c:\windows\Installer\15e02dc9.msi"
"c:\windows\Installer\80acd.msi"
"c:\windows\Installer\80ad5.msi"
"c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3084355964-2815494572-3805623885-1000-8192.dat"
"c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat"
"c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat"
"c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat"
"c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
"c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
"c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
"c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
"c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat"
"c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat"
"c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
"c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
"c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
"c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
"c:\windows\system32\jscript.dll"
"c:\windows\system32\SMI\Store\Machine\schema.dat"
"c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin"
"c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin"
"c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin"
"c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin"
"c:\windows\SysWow64\5878.dll"
"c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
"c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
"c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
"c:\windows\SysWOW64\java.exe"
"c:\windows\SysWOW64\javaw.exe"
"c:\windows\SysWOW64\javaws.exe"
"c:\windows\SysWOW64\jscript.dll"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Installer\15e02dc9.msi
c:\windows\Installer\80acd.msi
c:\windows\Installer\80ad5.msi
c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3084355964-2815494572-3805623885-1000-8192.dat
c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
c:\windows\system32\SMI\Store\Machine\schema.dat
c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3084355964-2815494572-3805623885-1000_UserData.bin
c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-13 to 2012-01-13 ))))))))))))))))))))))))))))))
.
.
2012-01-13 15:35 . 2012-01-13 15:35 ——– d—–w- c:\users\Default\AppData\Local\temp
2012-01-13 15:35 . 2012-01-13 15:35 ——– d—–w- c:\users\Administrator\AppData\Local\temp
2012-01-12 16:29 . 2012-01-12 16:32 ——– d—–w- c:\users\Milan\AppData\Roaming\Trine2
2012-01-12 14:48 . 2012-01-12 14:48 ——– d—–w- c:\program files (x86)\Common Files\Java
2012-01-11 15:41 . 2011-10-26 05:25 1572864 —-a-w- c:\windows\system32\quartz.dll
2012-01-11 15:41 . 2011-10-26 05:25 366592 —-a-w- c:\windows\system32\qdvd.dll
2012-01-11 15:41 . 2011-10-26 04:32 514560 —-a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 15:41 . 2011-10-26 04:32 1328128 —-a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 15:41 . 2011-11-17 06:41 1731920 —-a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:41 . 2011-11-17 05:38 1292080 —-a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 15:41 . 2011-11-19 14:58 77312 —-a-w- c:\windows\system32\packager.dll
2012-01-11 15:41 . 2011-11-19 14:01 67072 —-a-w- c:\windows\SysWow64\packager.dll
2012-01-10 15:34 . 2012-01-10 15:34 626688 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-10 15:34 . 2012-01-10 15:34 548864 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-10 15:34 . 2012-01-10 15:34 479232 —-a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-10 15:34 . 2012-01-10 15:34 43992 —-a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-05 14:14 . 2012-01-05 14:14 ——– d—–w- c:\program files (x86)\LogMeIn Hamachi
2012-01-04 15:31 . 2012-01-04 15:31 ——– d—–w- c:\users\Milan\AppData\Roaming\Image-Line
2012-01-03 07:22 . 2012-01-03 07:22 103864 —-a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 07:22 . 2012-01-03 07:22 103864 —-a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\programdata\Skyline
2011-12-31 19:13 . 2011-12-31 19:13 ——– d—–w- c:\program files (x86)\Skyline
2011-12-27 17:23 . 2011-12-27 17:23 ——– d—–w- c:\program files (x86)\TeamViewer
2011-12-15 15:41 . 2011-12-15 16:24 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server
2011-12-15 07:39 . 2011-10-26 05:21 43520 —-a-w- c:\windows\system32\csrsrv.dll
2011-12-15 07:39 . 2011-11-05 05:41 1188864 —-a-w- c:\windows\system32\wininet.dll
2011-12-15 04:39 . 2011-12-15 04:39 42392 —-a-w- c:\windows\SysWow64\xfcodec.dll
2011-12-15 04:39 . 2011-12-15 04:39 28056 —-a-w- c:\windows\system32\xfcodec64.dll
2011-12-14 17:50 . 2011-12-14 17:51 ——– d—–w- c:\users\Milan\AppData\Roaming\.minecraft server ernis 1.0.0
2011-12-14 16:03 . 2011-12-14 16:03 ——– d—–w- c:\program files\iPod
2011-12-14 16:03 . 2011-12-14 16:04 ——– d—–w- c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-12 14:47 . 2010-05-02 19:41 472808 —-a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-29 13:17 . 2011-11-29 13:17 159744 —-a-w- c:\windows\system32\atiapfxx.exe
2011-11-29 13:17 . 2011-11-29 13:17 39936 —-a-w- c:\windows\system32\atig6txx.dll
2011-11-29 13:17 . 2011-11-29 13:17 31744 —-a-w- c:\windows\SysWow64\atiuxpag.dll
2011-11-29 13:17 . 2011-11-29 13:17 10207232 —-a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-29 13:17 . 2011-11-29 13:17 51200 —-a-w- c:\windows\system32\aticalrt64.dll
2011-11-29 13:17 . 2011-11-29 13:17 120320 —-a-w- c:\windows\system32\atitmm64.dll
2011-11-29 13:17 . 2011-11-29 13:17 356352 —-a-w- c:\windows\SysWow64\atipdlxx.dll
2011-11-29 13:17 . 2010-12-27 15:39 38912 —-a-w- c:\windows\system32\atiu9p64.dll
2011-11-29 13:17 . 2011-11-29 13:17 278528 —-a-w- c:\windows\SysWow64\Oemdspif.dll
2011-11-29 13:17 . 2011-11-29 13:17 1828864 —-a-w- c:\windows\SysWow64\atiumdmv.dll
2011-11-29 13:17 . 2011-11-29 13:17 8391680 —-a-w- c:\windows\SysWow64\aticaldd.dll
2011-11-29 13:17 . 2011-11-29 13:16 18630656 —-a-w- c:\windows\SysWow64\atioglxx.dll
2011-11-29 13:17 . 2010-12-27 15:42 40960 —-a-w- c:\windows\system32\atiuxp64.dll
2011-11-29 13:17 . 2011-11-29 13:17 17408 —-a-w- c:\windows\system32\atig6pxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 4231680 —-a-w- c:\windows\SysWow64\atidxx32.dll
2011-11-29 13:17 . 2011-11-29 13:17 32768 —-a-w- c:\windows\SysWow64\atigktxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\atimpc32.dll
2011-11-29 13:17 . 2011-11-29 13:17 53760 —-a-w- c:\windows\SysWow64\amdpcom32.dll
2011-11-29 13:17 . 2011-11-29 13:17 1113088 —-a-w- c:\windows\system32\atiumd6v.dll
2011-11-29 13:17 . 2011-09-08 17:05 4289024 —-a-w- c:\windows\SysWow64\atiumdag.dll
2011-11-29 13:17 . 2010-12-27 15:41 479744 —-a-w- c:\windows\system32\atiadlxx.dll
2011-11-29 13:17 . 2010-12-27 15:41 58880 —-a-w- c:\windows\system32\coinst.dll
2011-11-29 13:17 . 2011-11-29 13:16 24629760 —-a-w- c:\windows\system32\atio6axx.dll
2011-11-29 13:17 . 2011-11-29 13:17 46080 —-a-w- c:\windows\SysWow64\aticalrt.dll
2011-11-29 13:17 . 2009-11-04 15:31 4960768 —-a-w- c:\windows\system32\atidxx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\atimpc64.dll
2011-11-29 13:17 . 2011-11-29 13:17 54784 —-a-w- c:\windows\system32\amdpcom64.dll
2011-11-29 13:17 . 2010-12-27 15:42 736768 —-a-w- c:\windows\SysWow64\aticfx32.dll
2011-11-29 13:17 . 2010-12-27 15:41 867328 —-a-w- c:\windows\system32\aticfx64.dll
2011-11-29 13:17 . 2011-11-29 13:17 53248 —-a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-29 13:17 . 2011-11-29 13:17 466944 —-a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-29 13:17 . 2011-11-29 13:17 317952 —-a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\SysWow64\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 14336 —-a-w- c:\windows\system32\atiglpxx.dll
2011-11-29 13:17 . 2011-11-29 13:17 487936 —-a-w- c:\windows\system32\atieclxx.exe
2011-11-29 13:17 . 2011-09-08 17:08 4174848 —-a-w- c:\windows\SysWow64\atiumdva.dll
2011-11-29 13:17 . 2011-11-29 13:17 44032 —-a-w- c:\windows\SysWow64\aticalcl.dll
2011-11-29 13:17 . 2010-12-27 15:39 29184 —-a-w- c:\windows\SysWow64\atiu9pag.dll
2011-11-29 13:17 . 2011-11-29 13:16 9877504 —-a-w- c:\windows\system32\aticaldd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 423424 —-a-w- c:\windows\system32\atipdl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 21504 —-a-w- c:\windows\system32\atimuixx.dll
2011-11-29 13:16 . 2011-09-13 17:10 5431808 —-a-w- c:\windows\system32\atiumd64.dll
2011-11-29 13:16 . 2011-11-29 13:16 43520 —-a-w- c:\windows\SysWow64\ati2edxx.dll
2011-11-29 13:16 . 2011-11-29 13:16 335872 —-a-w- c:\windows\SysWow64\atiadlxy.dll
2011-11-29 13:16 . 2011-11-29 13:16 44544 —-a-w- c:\windows\system32\aticalcl64.dll
2011-11-29 13:16 . 2011-11-29 13:16 204288 —-a-w- c:\windows\system32\atiesrxx.exe
2011-11-29 13:16 . 2011-11-29 13:16 59392 —-a-w- c:\windows\system32\atiedu64.dll
2011-11-29 13:16 . 2011-09-13 17:10 4023296 —-a-w- c:\windows\system32\atiumd6a.dll
2011-11-26 14:19 . 2011-05-28 17:53 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-24 13:29 . 2011-10-24 13:29 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut5_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut4_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut3_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-21 11:26 . 2011-10-21 11:26 65536 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\NewShortcut2_0CE1A6C0F3F749E68F9D2431F9827441.exe
2011-10-20 23:26 . 2011-10-20 23:26 94208 —-a-w- c:\windows\SysWow64\dpl100.dll
2011-10-20 17:01 . 2011-10-20 17:01 3584 —-a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2006-05-03 10:06 163328 –sh–r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 –sh–r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 –sh–r- c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-07_13.01.27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-06 08:35 . 2012-01-13 06:50 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-06 08:35 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-06 08:35 . 2012-01-07 13:01 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-06 08:35 . 2012-01-13 06:50 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-07 13:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-13 06:50 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-09 18:41 . 2012-01-12 15:13 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-09 18:41 . 2012-01-12 15:13 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-09 18:41 . 2012-01-05 14:15 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-09 18:41 . 2012-01-12 15:13 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-12 14:50 . 2011-12-25 20:40 43280 c:\windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_wp.exe
+ 2012-01-12 14:50 . 2011-12-25 20:42 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2011-10-14 13:38 . 2011-10-14 13:38 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\e6aabbfb38a14559712fdf51064ff3a1\Microsoft.VisualC.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\e6aabbfb38a14559712fdf51064ff3a1\Microsoft.VisualC.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\d301e1d96d4f39f15482db09206f1fb1\Accessibility.ni.dll
- 2011-10-14 13:40 . 2011-10-14 13:40 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\d301e1d96d4f39f15482db09206f1fb1\Accessibility.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\3cb6023aa6ab962babcee9c0ec8991de\Microsoft.VisualC.ni.dll
- 2011-10-14 13:49 . 2011-10-14 13:49 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\3cb6023aa6ab962babcee9c0ec8991de\Microsoft.VisualC.ni.dll
- 2011-10-14 13:51 . 2011-10-14 13:51 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll
+ 2012-01-12 15:11 . 2012-01-12 15:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-12 15:11 . 2012-01-12 15:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-07 13:00 . 2012-01-07 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-15 12:52 . 2011-02-18 05:41 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-01-11 15:41 . 2011-10-14 04:24 716800 c:\windows\SysWOW64\jscript.dll
- 2011-12-08 15:28 . 2011-12-08 15:27 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-01-12 14:48 . 2012-01-12 14:47 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-01-12 14:48 . 2012-01-12 14:47 149280 c:\windows\SysWOW64\javaw.exe
+ 2012-01-12 14:48 . 2012-01-12 14:47 149280 c:\windows\SysWOW64\java.exe
+ 2012-01-11 15:41 . 2011-10-14 05:31 918528 c:\windows\system32\jscript.dll
+ 2012-01-12 14:50 . 2011-12-25 20:40 746256 c:\windows\Microsoft.NET\Framework64\v2.0.50727\webengine.dll
+ 2012-01-12 14:50 . 2011-12-25 20:42 437520 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8254.tmp\System.Configuration.Install.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\d78f9ad8894e441f38d96697bee1d6fa\System.Web.RegularExpressions.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\d78f9ad8894e441f38d96697bee1d6fa\System.Web.RegularExpressions.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\0e411c30fc2caebb55813b8fa0689d42\System.Web.Abstractions.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\f15a8af412d84b1fd14fc735fb5834f5\System.Transactions.ni.dll
- 2011-10-14 13:44 . 2011-10-14 13:44 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\f15a8af412d84b1fd14fc735fb5834f5\System.Transactions.ni.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\8428a82fd82a1ef1d3dab07be67dd78f\System.ServiceProcess.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\8428a82fd82a1ef1d3dab07be67dd78f\System.ServiceProcess.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\a3202e5eeb5c84ca6d5453b50c28e1af\System.Security.ni.dll
- 2011-10-14 13:39 . 2011-10-14 13:39 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\a3202e5eeb5c84ca6d5453b50c28e1af\System.Security.ni.dll
- 2011-10-14 13:42 . 2011-10-14 13:42 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
- 2011-10-14 13:44 . 2011-10-14 13:44 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\4b0fd98f11e1e243efcfb810c170decf\System.EnterpriseServices.Wrapper.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\4b0fd98f11e1e243efcfb810c170decf\System.EnterpriseServices.Wrapper.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\4026f724cc80f1beb4450d3286d93c0d\System.Drawing.Design.ni.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\4026f724cc80f1beb4450d3286d93c0d\System.Drawing.Design.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\ea326d1e49d4824358eb5826fe52921a\System.DirectoryServices.Protocols.ni.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\ea326d1e49d4824358eb5826fe52921a\System.DirectoryServices.Protocols.ni.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a4757ccc20fa4dac96856aaaea05ffaa\PresentationFramework.Royale.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a4757ccc20fa4dac96856aaaea05ffaa\PresentationFramework.Royale.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9ab2ddfc6ccc7d84144aa45fc86969a1\PresentationFramework.Luna.ni.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9ab2ddfc6ccc7d84144aa45fc86969a1\PresentationFramework.Luna.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\631667d5c4e1f0beee46c82e316ed0cb\PresentationFramework.Aero.ni.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\631667d5c4e1f0beee46c82e316ed0cb\PresentationFramework.Aero.ni.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\2de40f08930236c079d2653ade704bfc\PresentationFramework.Classic.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\2de40f08930236c079d2653ade704bfc\PresentationFramework.Classic.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\88f32d62a8df469e8b9f12a8d3093627\System.Xml.Linq.ni.dll
- 2011-10-14 18:16 . 2011-10-14 18:16 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\88f32d62a8df469e8b9f12a8d3093627\System.Xml.Linq.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\54aff110093134e12558e26c7a038eb7\System.Web.RegularExpressions.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\54aff110093134e12558e26c7a038eb7\System.Web.RegularExpressions.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\2dc7ec41005f6e6fe45e0cc0a20a12bc\System.Web.Abstractions.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f5659a792c1f6832d9a45c1509d03497\System.Transactions.ni.dll
- 2011-10-14 13:52 . 2011-10-14 13:52 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f5659a792c1f6832d9a45c1509d03497\System.Transactions.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll
- 2011-10-14 13:51 . 2011-10-14 13:51 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\ccba14fc93de40f4f53d401f07b9bcb8\System.Security.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\ccba14fc93de40f4f53d401f07b9bcb8\System.Security.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
- 2011-10-14 13:52 . 2011-10-14 13:52 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\4ede0fecbdb3795efa9dca6b77c2031b\System.Messaging.ni.dll
- 2011-10-14 18:06 . 2011-10-14 18:06 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\4ede0fecbdb3795efa9dca6b77c2031b\System.Messaging.ni.dll
- 2011-10-14 18:08 . 2011-10-14 18:08 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\8a7d8a1bed270870c645ff47913f062a\System.IdentityModel.Selectors.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\8a7d8a1bed270870c645ff47913f062a\System.IdentityModel.Selectors.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\dfe859829abd7f108aa5d82382251690\System.EnterpriseServices.Wrapper.dll
- 2011-10-14 13:52 . 2011-10-14 13:52 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\dfe859829abd7f108aa5d82382251690\System.EnterpriseServices.Wrapper.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\dfe859829abd7f108aa5d82382251690\System.EnterpriseServices.ni.dll
- 2011-10-14 13:52 . 2011-10-14 13:52 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\dfe859829abd7f108aa5d82382251690\System.EnterpriseServices.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\8aa064c925a6b6bc885c3bd5bb1f4149\System.Drawing.Design.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\8aa064c925a6b6bc885c3bd5bb1f4149\System.Drawing.Design.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a5df8714e91f2e7d0f76081b6581d071\System.DirectoryServices.Protocols.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a5df8714e91f2e7d0f76081b6581d071\System.DirectoryServices.Protocols.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\50da9308aea01ad914cc87509dd968ec\System.Data.Services.Design.ni.dll
- 2011-10-14 18:16 . 2011-10-14 18:16 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\50da9308aea01ad914cc87509dd968ec\System.Data.Services.Design.ni.dll
- 2011-10-14 13:51 . 2011-10-14 13:51 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\66a5094e521e34aecd51e4bae30ac266\System.Configuration.Install.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\66a5094e521e34aecd51e4bae30ac266\System.Configuration.Install.ni.dll
- 2011-10-14 18:07 . 2011-10-14 18:07 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6294f61f25c953212b92b7e13a0fd9c1\SMDiagnostics.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6294f61f25c953212b92b7e13a0fd9c1\SMDiagnostics.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\aae0c17e133300ab45fb897647cdd8d7\PresentationFramework.Luna.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\aae0c17e133300ab45fb897647cdd8d7\PresentationFramework.Luna.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9ad023d8c5d5925e50b96c0d63da0235\PresentationFramework.Royale.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9ad023d8c5d5925e50b96c0d63da0235\PresentationFramework.Royale.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b57fb7ab01951581394186c32cd278b\PresentationFramework.Classic.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b57fb7ab01951581394186c32cd278b\PresentationFramework.Classic.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
+ 2012-01-12 14:50 . 2010-11-12 23:33 626688 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.resources.dll
- 2009-09-09 10:02 . 2009-09-09 10:02 626688 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.resources.dll
+ 2012-01-12 14:50 . 2011-12-25 20:40 5263360 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Web.dll
+ 2012-01-12 14:50 . 2011-12-25 20:42 5255168 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2012-01-13 06:53 . 2012-01-13 06:53 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\bb70e6c85f728c359f1853e2d994dbae\WindowsBase.ni.dll
- 2011-10-14 13:40 . 2011-10-14 13:40 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\bb70e6c85f728c359f1853e2d994dbae\WindowsBase.ni.dll
- 2011-10-14 13:39 . 2011-10-14 13:39 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\372dfe1a5b9ed9217b0f491ba07745d2\System.Xml.ni.dll
+ 2012-01-13 06:55 . 2012-01-13 06:55 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\372dfe1a5b9ed9217b0f491ba07745d2\System.Xml.ni.dll
+ 2012-01-13 06:55 . 2012-01-13 06:55 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\45339e741d73e8f1f9393df8163c8c00\System.Workflow.Runtime.ni.dll
+ 2012-01-13 06:55 . 2012-01-13 06:55 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\48ef2f59740ad3d438d0514b335dd334\System.Workflow.ComponentModel.ni.dll
+ 2012-01-13 06:55 . 2012-01-13 06:55 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\7972e04df268430da009e63e90ff4ca9\System.Workflow.Activities.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\8d374a0a9c49f485a7ce6e89ec354b4c\System.Web.Services.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\d12c2299179cb05591cf08c8712a6495\System.Runtime.Remoting.ni.dll
- 2011-10-14 13:44 . 2011-10-14 13:44 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\4b0fd98f11e1e243efcfb810c170decf\System.EnterpriseServices.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\4b0fd98f11e1e243efcfb810c170decf\System.EnterpriseServices.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 2311168 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\7913f5c6b6fc7a75b2b8f558bb7b5568\System.Drawing.ni.dll
- 2011-10-14 13:40 . 2011-10-14 13:40 2311168 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\7913f5c6b6fc7a75b2b8f558bb7b5568\System.Drawing.ni.dll
- 2011-10-14 13:43 . 2011-10-14 13:43 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\3623e2ad193bcccf00ac1107d4f62236\System.DirectoryServices.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\3623e2ad193bcccf00ac1107d4f62236\System.DirectoryServices.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\9c394336e3ce35330907d1c51c47951c\System.Deployment.ni.dll
- 2011-10-14 13:40 . 2011-10-14 13:40 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\9c394336e3ce35330907d1c51c47951c\System.Deployment.ni.dll
- 2011-10-14 13:44 . 2011-10-14 13:44 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\4cfb4616eb3af7f91c1ea7113465860b\System.Data.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\4cfb4616eb3af7f91c1ea7113465860b\System.Data.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\32cf78868a7f90ad05525253a2540e1f\System.Data.SqlXml.ni.dll
- 2011-10-14 13:39 . 2011-10-14 13:39 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\32cf78868a7f90ad05525253a2540e1f\System.Data.SqlXml.ni.dll
- 2011-10-14 13:45 . 2011-10-14 13:45 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\03c0fa3f53e9ddf45a7dce06ae740de8\System.Data.OracleClient.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\03c0fa3f53e9ddf45a7dce06ae740de8\System.Data.OracleClient.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fe860189c078d45125ca6366495fd414\System.Configuration.ni.dll
- 2011-10-14 13:39 . 2011-10-14 13:39 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fe860189c078d45125ca6366495fd414\System.Configuration.ni.dll
+ 2012-01-13 06:51 . 2012-01-13 06:51 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
- 2011-10-14 13:51 . 2011-10-14 13:51 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
+ 2012-01-13 06:51 . 2012-01-13 06:51 7963648 c:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
- 2011-10-14 13:50 . 2011-10-14 13:50 7963648 c:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 5453312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
- 2011-10-14 13:51 . 2011-10-14 13:51 5453312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\ad68aa9e6fa1ec8005e1f604579a76be\System.Workflow.Runtime.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 4515840 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\00b0a14ef5cb0154db7989da39a7f1e5\System.Workflow.ComponentModel.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\54873f241a4ad6d2a13e48d2da444538\System.Workflow.Activities.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\be4f1d78d06979df7fd08dedf0d8c804\System.Web.Services.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\a90f033a5a062ff29f7df8f9edc1a80c\System.Web.Extensions.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\828e31a37bfd9d432083be6307845630\System.ServiceModel.Web.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
- 2011-10-14 18:07 . 2011-10-14 18:07 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c0d9df88f2b37d14cf416281364c5b7f\System.IdentityModel.ni.dll
- 2011-10-14 13:51 . 2011-10-14 13:51 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f78fa584bb78607b65e8872d925a96af\System.DirectoryServices.ni.dll
- 2011-10-14 13:52 . 2011-10-14 13:52 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f78fa584bb78607b65e8872d925a96af\System.DirectoryServices.ni.dll
- 2011-10-14 13:51 . 2011-10-14 13:51 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dd2070ee8e6e28ac8dc658404c50ebde\System.Deployment.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dd2070ee8e6e28ac8dc658404c50ebde\System.Deployment.ni.dll
- 2011-10-14 13:52 . 2011-10-14 13:52 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\75ab0cb54049a01ad53c7a022897e98e\System.Data.SqlXml.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\91ee2a5b20d39be70a1d4e39ca9e23bf\System.Data.Services.Client.ni.dll
- 2011-10-14 18:16 . 2011-10-14 18:16 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\91ee2a5b20d39be70a1d4e39ca9e23bf\System.Data.Services.Client.ni.dll
- 2011-10-14 13:53 . 2011-10-14 13:53 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1171b168dc6db0132146d8e26ae00d22\System.Data.OracleClient.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1171b168dc6db0132146d8e26ae00d22\System.Data.OracleClient.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\9d9e419b7157083a5a246768b29dd92f\System.Data.Linq.ni.dll
- 2011-10-14 18:16 . 2011-10-14 18:16 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\9d9e419b7157083a5a246768b29dd92f\System.Data.Linq.ni.dll
- 2011-10-14 18:15 . 2011-10-14 18:15 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\de785592a16c949cfb67da6781acd156\System.Data.Entity.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\de785592a16c949cfb67da6781acd156\System.Data.Entity.ni.dll
- 2011-10-14 18:09 . 2011-10-14 18:09 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\a31ec9cb215741ea987630aa277ea658\Microsoft.Transactions.Bridge.ni.dll
- 2011-10-14 18:08 . 2011-10-14 18:08 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\a31ec9cb215741ea987630aa277ea658\Microsoft.Transactions.Bridge.ni.dll
- 2011-06-02 10:13 . 2010-11-05 01:53 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-12 14:50 . 2011-12-25 20:42 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-12 14:50 . 2011-12-25 20:40 5263360 c:\windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-01-12 14:50 . 2011-12-25 20:42 5255168 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-01-13 06:53 . 2012-01-13 06:53 10618880 c:\windows\assembly\NativeImages_v2.0.50727_64\System\8c862eb9bcba031e1479974a7d62aa0b\System.ni.dll
- 2011-10-14 13:39 . 2011-10-14 13:39 10618880 c:\windows\assembly\NativeImages_v2.0.50727_64\System\8c862eb9bcba031e1479974a7d62aa0b\System.ni.dll
- 2011-10-14 13:41 . 2011-10-14 13:41 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\bc4df91390f1b827ecb62a2edd0d1894\System.Windows.Forms.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\bc4df91390f1b827ecb62a2edd0d1894\System.Windows.Forms.ni.dll
+ 2012-01-13 15:35 . 2012-01-13 15:35 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\ab920a032a9b63aa07f26c5592d7c72c\System.Web.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\665178c1ccfd538896eaa0fff283b6ef\System.Design.ni.dll
+ 2012-01-13 06:54 . 2012-01-13 06:54 19195392 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\92eba0d443a423072e9c4b7ca1eec4cd\PresentationFramework.ni.dll
- 2011-10-14 13:43 . 2011-10-14 13:43 19195392 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\92eba0d443a423072e9c4b7ca1eec4cd\PresentationFramework.ni.dll
- 2011-10-14 13:40 . 2011-10-14 13:40 16540160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\11214511a256f136b8425bdd316b47c9\PresentationCore.ni.dll
+ 2012-01-13 06:53 . 2012-01-13 06:53 16540160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\11214511a256f136b8425bdd316b47c9\PresentationCore.ni.dll
- 2011-10-14 13:38 . 2011-10-14 13:38 15568384 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\1d2d3e57724bcacaea5e41063dc565c1\mscorlib.ni.dll
+ 2012-01-13 06:53 . 2012-01-13 06:53 15568384 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\1d2d3e57724bcacaea5e41063dc565c1\mscorlib.ni.dll
- 2011-10-14 13:52 . 2011-10-14 13:52 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\b41e38edbd6dfe20997f6ea7c080aceb\System.Web.ni.dll
+ 2012-01-13 15:34 . 2012-01-13 15:34 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7bc7e33d4568a214f226cdb6a161a37a\System.ServiceModel.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\70f9f6de6dc9611157ed563bdb4e79a4\System.Design.ni.dll
- 2011-10-14 13:52 . 2011-10-14 13:52 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
+ 2012-01-13 06:52 . 2012-01-13 06:52 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
- 2011-10-14 13:51 . 2011-10-14 13:51 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
+ 2012-01-13 06:51 . 2012-01-13 06:51 11490304 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
- 2011-10-14 13:49 . 2011-10-14 13:49 11490304 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
.
– Snapshot teruggezet naar huidige datum –
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"="k:\program files (x86)\BitLord\BitLord.exe" [2005-05-07 2224128]
"Steam"="d:\program files (x86)\PacSteamT\steam.exe" [2011-08-15 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="k:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2011-07-28 361984]
.
c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ToolBox.lnk - d:\program files (x86)\ToolBox v2.97j\toolbox.exe [2011-7-7 2193408]
Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-12-15 3527576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-3-14 113664]
Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe [2010-1-22 1773568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Webzen\ArchLord\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [x]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2010-09-10 348160]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 DLACDBHE;DLACDBHE;c:\windows\system32\Drivers\DLACDBHE.SYS [x]
S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS [x]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 DLABMFSE;DLABMFSE;c:\windows\system32\DLA\DLABMFSE.SYS [x]
S2 DLABOIOE;DLABOIOE;c:\windows\system32\DLA\DLABOIOE.SYS [x]
S2 DLADResE;DLADResE;c:\windows\system32\DLA\DLADResE.SYS [x]
S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\DLA\DLAIFS_E.SYS [x]
S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\DLA\DLAOPIOE.SYS [x]
S2 DLAPoolE;DLAPoolE;c:\windows\system32\DLA\DLAPoolE.SYS [x]
S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\DLA\DLAUDF_E.SYS [x]
S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\DLA\DLAUDFAE.SYS [x]
S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 TeamViewer6;TeamViewer 6;d:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 ALSysIO;ALSysIO;c:\users\Milan\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 18:12 98056 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-09 171520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mSearch Bar = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8C6CACD3-12C3-4DEB-9BBF-CBF7202016BF}: NameServer = 10.73.24.1
TCP: Interfaces\{AB8621B3-0285-48BA-8FC8-F1846E2DBB3F}: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qvqeg9e1.default\
FF - prefs.js: browser.startup.homepage - www.google.nl
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0&quo
- Ugh, I've hit the character limit again..
Here is the full log:
http://pastebin.com/KVt8nMxv
- You could simply have posted that last part in a follow-up message!
But tell me, how is your Windows doing now?
This is an archived page. Replies are no longer possible.