Archief - Kan deze HijackThis logje eens gecontroleerd worden aub ?

Pc van mijn broer krijgt steeds popups en hij kan er niet meer mee op internet...
Iets van AV Security Suite ofzo.;
Alvast bedankt !


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:19, on 14/06/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\Amocoa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Windows\System32\regsvr32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\Gebruiker\AppData\Local\Temp\At1.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Gebruiker\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:1054
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: voguecash browser enhancer - {63AA04E1-A8F8-3771-20A4-81AC7F982F57} - C:\Windows\system32\yxnzqpxgqw.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Street-Ads Browser Enhancer ljfcpuod - {ED538631-E7D9-4F84-9462-D5FE1A81E780} - C:\Windows\system32\ljfcpuod.dll
O2 - BHO: Sky-Banners Browser Enhancer ivnehcjx - {FFB6F197-F72D-4FBB-A805-580969BD7AB3} - C:\Windows\system32\ivnehcjx.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKLM\..\Run: [skb] rundll32 "ivnehcjx.dll",,Run
O4 - HKLM\..\Run: [ypmzbpywdlg] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\yxnzqpxgqw.dll"
O4 - HKLM\..\Run: [MChk] C:\Windows\system32\mtnpsufv.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Halo2] rundll32.exe C:\Windows\system32\sshnas21.dll,GetMainWnd
O4 - HKCU\..\Run: [lsrurivgd] c:\users\gebruiker\appdata\local\vubkgymxw\uajkbw.exe
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\Users\Gebruiker\AppData\Local\Temp\At1.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload alle video met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

--
End of file - 8377 bytes

Update ,
Ik heb al eens het proggie Malwarebytes Anti-Malware gebruikt in veilige modus (upgedated).
Daarmee zijn al een heel boel broll verwijderd denk ik.
Bij het starten van windows7 krijg na het inloggen deze foutmelding nu :
Er is een probleem opgetreden tijdens het starten van ivnehcjx.dll
Kan opgegeven module niet vinden.
Zeker een dll van van die verwijderde broll ?

Zie logje Anti-Maleware en nieuwe HijackThis log.

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Databaseversie: 4198

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

14/06/2010 21:26:22
mbam-log-2010-06-14 (21-26-22).txt

Scantype: Snelle scan
Objecten gescand: 148801
Verstreken tijd: 5 minuut/minuten, 3 seconde

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 33
Registerwaarden geïnfecteerd: 6
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 17

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\CLSID\{63aa04e1-a8f8-3771-20a4-81ac7f982f57} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{63aa04e1-a8f8-3771-20a4-81ac7f982f57} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63aa04e1-a8f8-3771-20a4-81ac7f982f57} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63aa04e1-a8f8-3771-20a4-81ac7f982f57} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cscrptxt.cscrptxt (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e0ec6fba-f009-3535-95d6-b6390db27da1} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ffb6f197-f72d-4fbb-a805-580969bd7ab3} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{ffb6f197-f72d-4fbb-a805-580969bd7ab3} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ffb6f197-f72d-4fbb-a805-580969bd7ab3} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffb6f197-f72d-4fbb-a805-580969bd7ab3} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cscrptxt.cscrptxt.1.0 (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7b6a2552-e65b-4a9e-add4-c45577ffd8fd} (Adware.EZLife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ed538631-e7d9-4f84-9462-d5fe1a81e780} (Adware.Lifze) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{ed538631-e7d9-4f84-9462-d5fe1a81e780} (Adware.Lifze) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ed538631-e7d9-4f84-9462-d5fe1a81e780} (Adware.Lifze) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ed538631-e7d9-4f84-9462-d5fe1a81e780} (Adware.Lifze) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mcfbrwshuclij (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\V71IQL7HI7 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adgj.aghlp (Adware.EZLife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adgj.aghlp.1 (Adware.EZLife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adshothlpr.adshothlpr (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adshothlpr.adshothlpr.1.0 (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsrurivgd (Rogue.AVSecuritySuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ypmzbpywdlg (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mchk (Adware.Lifze) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\halo2 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regedit32 (Trojan.Agent) -> Quarantined and deleted successfully.

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
c:\Users\gebruiker\AppData\Local\vubkgymxw\uajkbw.exe (Rogue.AVSecuritySuite) -> Quarantined and deleted successfully.
C:\Windows\System32\yxnzqpxgqw.dll (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Windows\System32\mtnpsufv.exe (Adware.Lifze) -> Quarantined and deleted successfully.
C:\Windows\System32\ivnehcjx.dll (Adware.EZlife) -> Quarantined and deleted successfully.
C:\Windows\System32\ljfcpuod.dll (Adware.Lifze) -> Quarantined and deleted successfully.
C:\Windows\System32\mcfbrwshuclij.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Users\Gebruiker\AppData\Local\Temp\arapj.exe (Rogue.AVSecuritySuite) -> Quarantined and deleted successfully.
C:\Users\Gebruiker\AppData\Local\Temp\sitlpsqc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Céline\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Gebruiker\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Sabine\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Gebruiker\AppData\Local\Temp\At1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\System32\regedit.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Gebruiker\Local Settings\Application Data\syssvc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

--------------------------------------------------------------------


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:31:52, on 14/06/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\Amocoa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Gebruiker\Desktop\HijackThis\HijackThis.exe
C:\Windows\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:1054
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [skb] rundll32 "ivnehcjx.dll",,Run
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload alle video met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 7886 bytes

Zo zo wat een brol, ik vraag mij af of het wel zin heeft om iemand te helpen die een nieuw windows systeem in zo een korte tijd zo naar de getver helpt. Je broer is de pc gewoon niet waard. Ik ga iig even kijken want een systeem die zo is vervuild mag niet als zodanig het internet weer op.
Momentje.

succes

ComboFix 10-06-15.01 - Gebruiker 15/06/2010 18:55:31.1.3 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.2814.1960 [GMT 2:00]
Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
* Aanwezig AV is actief

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\$NtUninstallWTF1012$
c:\program files\$NtUninstallWTF1012$\elUninstall.exe
c:\users\Gebruiker\AppData\Roaming\4652FDED2782403E4FB194297E29EC8C
c:\users\Gebruiker\AppData\Roaming\4652FDED2782403E4FB194297E29EC8C\enemies-names.txt
c:\users\Gebruiker\AppData\Roaming\4652FDED2782403E4FB194297E29EC8C\local.ini
c:\users\Gebruiker\AppData\Roaming\4652FDED2782403E4FB194297E29EC8C\setupupdater0000.exe.vir
c:\windows\$NtUninstallMTF1011$
c:\windows\$NtUninstallMTF1011$\apUninstall.exe
c:\windows\system32\%appdata%
c:\windows\system32\atiesrxx.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_AMD External Events Utility


(((((((((((((((((((( Bestanden Gemaakt van 2010-05-15 to 2010-06-15 ))))))))))))))))))))))))))))))
.

2010-06-15 17:03 . 2010-06-15 17:03 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-06-15 17:02 . 2010-06-15 17:02 -------- d-----w- C:\Device
2010-06-15 17:00 . 2010-06-15 17:04 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp
2010-06-15 17:00 . 2010-06-15 17:00 -------- d-----w- c:\users\Sabine\AppData\Local\temp
2010-06-15 17:00 . 2010-06-15 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-14 22:48 . 2010-06-14 22:48 4096 ----a-w- c:\windows\d3dx.dat
2010-06-14 19:30 . 2010-06-14 19:30 -------- d-----w- c:\users\Gebruiker\AppData\Local\Threat Expert
2010-06-14 19:19 . 2010-06-14 19:19 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes
2010-06-14 19:19 . 2010-06-14 19:19 -------- d-----w- c:\programdata\Malwarebytes
2010-06-14 19:19 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-14 19:19 . 2010-06-14 19:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-14 19:19 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-14 19:08 . 2010-06-14 23:31 -------- d-----w- c:\program files\Spyware Doctor
2010-06-11 15:41 . 2010-06-11 15:41 28672 ---ha-w- C:\SZKGFS.dat
2010-06-11 15:36 . 2010-06-11 15:36 -------- d-----w- c:\programdata\SITEguard
2010-06-11 15:26 . 2010-06-11 16:52 -------- d-----w- c:\program files\STOPzilla!
2010-06-11 15:26 . 2010-06-11 15:26 -------- d-----w- c:\program files\Common Files\iS3
2010-06-11 15:26 . 2010-06-11 15:42 -------- d-----w- c:\programdata\STOPzilla!
2010-06-10 16:05 . 2010-06-10 16:05 -------- d-----w- c:\users\Sabine\AppData\Roaming\vlc
2010-06-10 15:40 . 2010-06-10 15:40 -------- d-----w- c:\users\Sabine\AppData\Roaming\Nero
2010-06-10 15:24 . 2010-06-10 15:24 -------- d-----w- c:\users\Sabine\Office Genuine Advantage
2010-06-10 14:57 . 2010-06-13 14:20 -------- d-----w- c:\users\Sabine\AppData\Local\Adobe
2010-06-09 20:50 . 2010-06-14 17:33 -------- d-----w- c:\users\Sabine\Tracing
2010-06-09 20:50 . 2010-06-09 20:50 115264 ----a-w- c:\users\Sabine\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-09 20:46 . 2010-06-09 20:46 -------- d-----w- c:\users\Sabine\AppData\Local\Scansoft
2010-06-09 11:50 . 2010-06-14 19:26 -------- d-----w- c:\users\Gebruiker\AppData\Local\vubkgymxw
2010-06-03 17:19 . 2010-06-03 17:19 -------- d-----w- c:\program files\YouTube Downloader
2010-05-30 11:01 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-05-30 11:00 . 2010-04-23 07:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-30 11:00 . 2010-03-04 07:33 740864 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-17 19:44 . 2010-05-17 19:44 -------- d-----w- C:\MP Navigator

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-15 17:04 . 2010-01-14 17:58 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\LimeWire
2010-06-15 16:58 . 2009-07-14 08:27 696240 ----a-w- c:\windows\system32\perfh013.dat
2010-06-15 16:58 . 2009-07-14 08:27 131734 ----a-w- c:\windows\system32\perfc013.dat
2010-06-15 16:49 . 2009-11-24 16:52 -------- d-----w- c:\program files\BitComet
2010-06-15 16:45 . 2010-03-09 19:07 -------- d-----w- c:\program files\Ask.com
2010-06-14 17:57 . 2009-11-22 14:41 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\vlc
2010-06-10 16:46 . 2010-05-03 19:17 -------- d-----w- c:\program files\Vuze_Remote
2010-06-07 20:10 . 2009-12-01 13:21 -------- d-----w- c:\program files\realtime
2010-05-30 11:01 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-30 11:01 . 2009-11-22 14:27 -------- d-----w- c:\programdata\Microsoft Help
2010-05-17 19:48 . 2010-05-01 14:24 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Canon
2010-05-07 19:42 . 2010-05-07 19:42 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-05-07 19:42 . 2010-05-07 19:42 -------- d-----w- c:\program files\MSXML 4.0
2010-05-04 20:02 . 2010-05-03 19:47 -------- d-----w- c:\programdata\Norton
2010-05-03 19:51 . 2010-05-03 19:17 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Azureus
2010-05-03 19:47 . 2010-05-03 19:47 -------- d-----w- c:\programdata\Symantec
2010-05-03 19:47 . 2010-05-03 19:47 -------- d-----w- c:\programdata\NortonInstaller
2010-05-03 19:17 . 2010-05-03 19:17 -------- d-----w- c:\programdata\Azureus
2010-05-03 19:17 . 2010-05-03 19:17 -------- d-----w- c:\program files\Conduit
2010-04-27 18:53 . 2010-04-27 18:44 -------- d-----w- c:\program files\Canon
2010-04-27 18:50 . 2010-04-27 18:50 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\ScanSoft
2010-04-27 18:50 . 2010-04-27 18:49 -------- d-----w- c:\programdata\ScanSoft
2010-04-27 18:49 . 2010-04-27 18:49 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2010-04-27 18:49 . 2010-04-27 18:49 -------- d-----w- c:\program files\ScanSoft
2010-04-27 18:48 . 2009-11-24 20:04 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-27 18:48 . 2010-04-27 18:48 -------- d-----w- c:\program files\ArcSoft
2010-04-27 18:48 . 2009-11-24 20:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-27 18:45 . 2010-04-27 18:45 -------- d--h--w- c:\program files\CanonBJ
2010-04-21 17:05 . 2010-04-21 17:05 50354 ----a-w- c:\users\Gebruiker\AppData\Roaming\Facebook\uninstall.exe
2010-04-21 17:05 . 2010-04-21 17:05 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Facebook
2010-04-17 09:51 . 2009-11-22 15:55 115264 ----a-w- c:\users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-16 19:14 . 2010-03-26 17:46 -------- d-----w- c:\program files\Adobe.Photoshop.CS.Dutch_Key
2010-04-16 18:58 . 2010-04-16 18:56 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\GetRightToGo
2010-04-16 18:50 . 2010-04-13 14:45 5018 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-04-16 18:41 . 2010-04-16 18:41 -------- d-----w- c:\programdata\InstallShield
2010-04-15 20:46 . 2010-04-15 20:46 12399 ----a-w- c:\program files\[MONOVA.ORG]_Adobe.Photoshop.8.CS.Dutch.Nederlands.torrent
2010-04-13 14:45 . 2010-04-13 14:45 8 --sh--r- c:\windows\system32\C2C30EAAA3.sys
2010-04-03 12:25 . 2010-04-03 12:25 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-12-12 17:36 . 2009-12-12 17:36 158243 ----a-w- c:\program files\no$gba-w.zip
2009-11-25 18:00 . 2009-11-25 17:59 734160 ----a-w- c:\program files\VobSub_2.23.exe
2009-11-24 11:07 . 2009-11-24 11:01 6233136 ----a-w- c:\program files\bitcomet_setup.exe
2009-11-22 18:36 . 2009-11-22 18:36 5146520 ----a-w- c:\program files\MsgPlusLive-483.exe
2009-11-22 18:23 . 2009-11-22 18:21 144408392 ----a-w- c:\program files\wlsetup-all.exe
2009-11-22 18:20 . 2009-11-22 18:20 1160528 ----a-w- c:\program files\wlsetup-custom.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-04-15 10:33 2515552 ----a-w- c:\program files\Vuze_Remote\tbVuze.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2009-07-24 118640]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]

c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-8 503808]
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-4-15 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2009-07-24 30560]
R3 oflpydin;oflpydin;c:\users\GEBRUI~1\AppData\Local\Temp\oflpydin.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-11-22 722416]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
S3 RTL8167;Realtek 8167 NT-stuurprogramma;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]


--- Andere Services/Drivers In Geheugen ---

*Deregistered* - sfwvuy
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uInternet Settings,ProxyServer = http=127.0.0.1:1054
uInternet Settings,ProxyOverride = <local>
IE: &D&ownload &met BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload alle video met BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload alles met BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ln9o2ej1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.search.selectedengine - Google
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 1054
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\users\Gebruiker\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS VERWIJDERD - - - -

Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-$NtUninstallMTF1011$ - c:\windows\$NtUninstallMTF1011$\apUninstall.exe
AddRemove-$NtUninstallWTF1012$ - c:\program files\$NtUninstallWTF1012$\elUninstall.exe



**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x858FA1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x85945aa0
QueryNameProcedure -> 0x85945c30
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sfwvuy]

.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(3292)
c:\program files\ESET\ESET NOD32 Antivirus\eplgHooks.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Voltooingstijd: 2010-06-15 19:07:41 - machine werd herstart
ComboFix-quarantined-files.txt 2010-06-15 17:07

Pre-Run: 95.124.660.224 bytes beschikbaar
Post-Run: 102.943.318.016 bytes beschikbaar

- - End Of File - - 84FB95AA21FC2D18E6C709E33D15576A

Ja daar was ik al bang voor, een rootkit.

1. Sommige cd-emulators kunnen het interpreteren van de logs bemoeilijken.
We zullen deze daarom tijdelijk uitschakelen.

• Download Defogger en plaats het op je bureaublad.
• Dubbelklik op Defogger.exe om de tool te starten.
• In het scherm dat verschijnt klik je op de knop "Disable".
• In het volgende scherm klik je op Ja (Yes) om verder te gaan.
• Wacht tot je de melding 'Finished' krijgt en klik in dat scherm op "Ok".
• Indien DeFogger vraagt om de computer te herstarten doe je dit.

NOTA: Krijg je een foutmelding wanneer je Defogger gebruikt, dan zoek je op het bureaublad naar het bestand defogger_disable en post je de inhoud van dit bestand.

CD-emulator software kan je weer inschakelen met behulp van Defogger door de tool te starten en op de knop "Re-enable" te klikken.
Dit doe je pas wanneer we volledig klaar zijn met de analyse van de computer.


2.Download TDSSKiller.zip, unzip het en plaats het op je bureaublad: http://support.kaspersky.com/downloads/utils/tdsskiller.zip

Open een kladblokbestand.
Kopieer onderstaande code in dit kladblokbestand.

@ECHO OFF
TDSSKiller.exe -l report.txt -v
DEL %0

Ga naar Bestand - Opslaan als.
Bij "Opslaan in" kies je: de map waarin TDSSKiller.exe staat.
Bij "Bestandsnaam" zet je: start.bat
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan.
Daarna, Dubbelklik op start.bat
Dit zal de TDSSKiller.exe starten en een logfile (report.txt) maken in dezelfde map.
Wanneer TDSSKiller.exe klaar is post je de inhoud van report.txt. (eventueel na een reboot)

De logjes die ik moest posten :


defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:12 on 15/06/2010 (ty)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sfwvuy.sys
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-

23:18:47:025 3376 TDSS rootkit removing tool 2.3.2.0 May 31 2010 10:39:48
23:18:47:025 3376 ===================================================
23:18:47:025 3376 SystemInfo:

23:18:47:025 3376 OS Version: 6.1.7600 ServicePack: 0.0
23:18:47:025 3376 Product type: Workstation
23:18:47:025 3376 ComputerName: GEBRUIK-8OJNBRW
23:18:47:025 3376 UserName: thierry
23:18:47:025 3376 Windows directory: C:\Windows
23:18:47:025 3376 Processor architecture: Intel x86
23:18:47:025 3376 Number of processors: 3
23:18:47:025 3376 Page size: 0x1000
23:18:47:025 3376 Boot type: Normal boot
23:18:47:025 3376 ===========================================================
23:18:47:602 3376 Initialize success
23:18:47:602 3376
23:18:47:602 3376 Scanning Services ...
23:18:49:381 3376 Raw services enum returned 456 services
23:18:49:396 3376 Suspicious serv sfwvuy (h: 0, b: 1)
23:18:49:396 3376
23:18:49:396 3376 Hidden service detected!
23:18:49:396 3376 Service name: sfwvuy
23:18:49:396 3376 Image path:
23:18:49:396 3376 Type "delete" (without quotes) to delete it: 23:19:24:372 3376
23:19:24:372 3376 By user detect sfwvuy
23:19:24:372 3376 RegNode HKLM\SYSTEM\ControlSet001\services\sfwvuy infected by TDSS rootkit ... 23:19:24:372 3376 will be deleted on reboot
23:19:24:419 3376 RegNode HKLM\SYSTEM\ControlSet002\services\sfwvuy infected by TDSS rootkit ... 23:19:24:419 3376 will be deleted on reboot
23:19:24:450 3376 File C:\Windows\system32\drivers\sfwvuy.sys infected by TDSS rootkit ... 23:19:24:450 3376 will be deleted on reboot
23:19:24:450 3376
23:19:24:450 3376 Scanning Drivers ...
23:19:25:417 3376 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
23:19:25:433 3376 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
23:19:25:464 3376 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
23:19:25:495 3376 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
23:19:25:526 3376 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
23:19:25:557 3376 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
23:19:25:573 3376 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
23:19:25:589 3376 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
23:19:25:620 3376 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
23:19:25:620 3376 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
23:19:25:635 3376 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
23:19:25:667 3376 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
23:19:25:682 3376 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
23:19:25:807 3376 amdkmdag (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
23:19:25:963 3376 amdkmdap (b44737ff566b5888d15fdb66849f34e5) C:\Windows\system32\DRIVERS\atikmpag.sys
23:19:25:979 3376 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
23:19:25:994 3376 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
23:19:26:010 3376 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
23:19:26:025 3376 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
23:19:26:072 3376 AMON (78ece71701d5d65cc42125a4ef2d76aa) C:\Windows\system32\drivers\amon.sys
23:19:26:088 3376 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
23:19:26:103 3376 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
23:19:26:135 3376 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
23:19:26:150 3376 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
23:19:26:166 3376 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
23:19:26:197 3376 AtiHdmiService (c822c615b2f693ef4e5b355432976a81) C:\Windows\system32\drivers\AtiHdmi.sys
23:19:26:322 3376 atikmdag (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
23:19:26:384 3376 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
23:19:26:400 3376 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
23:19:26:431 3376 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
23:19:26:431 3376 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
23:19:26:478 3376 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
23:19:26:493 3376 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:19:26:509 3376 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:19:26:525 3376 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
23:19:26:556 3376 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
23:19:26:571 3376 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:19:26:587 3376 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
23:19:26:618 3376 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
23:19:26:712 3376 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
23:19:26:712 3376 cdrom (656d1ec977e3c5316a62dbbe52cb9663) C:\Windows\system32\DRIVERS\cdrom.sys
23:19:26:743 3376 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
23:19:26:774 3376 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
23:19:26:790 3376 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
23:19:26:805 3376 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
23:19:26:837 3376 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
23:19:26:852 3376 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
23:19:26:868 3376 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:19:26:883 3376 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
23:19:26:883 3376 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
23:19:26:915 3376 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
23:19:26:930 3376 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
23:19:26:946 3376 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
23:19:26:977 3376 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
23:19:27:024 3376 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
23:19:27:086 3376 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
23:19:27:195 3376 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
23:19:27:227 3376 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
23:19:27:242 3376 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
23:19:27:273 3376 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
23:19:27:289 3376 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
23:19:27:305 3376 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
23:19:27:320 3376 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
23:19:27:336 3376 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
23:19:27:351 3376 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
23:19:27:367 3376 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
23:19:27:383 3376 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
23:19:27:414 3376 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
23:19:27:429 3376 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:19:27:461 3376 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
23:19:27:492 3376 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
23:19:27:507 3376 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:19:27:523 3376 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
23:19:27:539 3376 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
23:19:27:554 3376 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
23:19:27:585 3376 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
23:19:27:601 3376 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
23:19:27:617 3376 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
23:19:27:648 3376 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
23:19:27:663 3376 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
23:19:27:679 3376 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
23:19:27:710 3376 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
23:19:27:726 3376 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
23:19:27:741 3376 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
23:19:27:757 3376 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:19:27:788 3376 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:19:27:788 3376 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
23:19:27:804 3376 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
23:19:27:819 3376 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
23:19:27:835 3376 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
23:19:27:866 3376 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
23:19:27:882 3376 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
23:19:27:897 3376 klmd23 (67e1faa88fb397b3d56909d7e04f4dd3) C:\Windows\system32\drivers\klmd.sys
23:19:27:913 3376 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
23:19:27:960 3376 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
23:19:27:975 3376 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
23:19:27:991 3376 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:19:28:007 3376 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:19:28:038 3376 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:19:28:053 3376 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:19:28:069 3376 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
23:19:28:069 3376 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
23:19:28:100 3376 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
23:19:28:116 3376 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
23:19:28:131 3376 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
23:19:28:147 3376 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
23:19:28:163 3376 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
23:19:28:178 3376 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
23:19:28:194 3376 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
23:19:28:209 3376 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
23:19:28:225 3376 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
23:19:28:272 3376 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:19:28:287 3376 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:19:28:319 3376 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:19:28:334 3376 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
23:19:28:350 3376 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
23:19:28:381 3376 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:19:28:381 3376 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:19:28:412 3376 MSHUSBVideo (29e0ec2a9dc4c7913657a51dfff97856) C:\Windows\system32\Drivers\nx6000.sys
23:19:28:428 3376 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
23:19:28:443 3376 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:19:28:459 3376 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:19:28:490 3376 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:19:28:506 3376 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:19:28:521 3376 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
23:19:28:537 3376 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:19:28:537 3376 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
23:19:28:568 3376 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:19:28:584 3376 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:19:28:615 3376 NDIS (779e9149d3662ed6beb58a67e3c775f4) C:\Windows\system32\drivers\ndis.sys
23:19:28:646 3376 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:19:28:677 3376 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:19:28:693 3376 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
23:19:28:709 3376 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
23:19:28:724 3376 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
23:19:28:740 3376 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:19:28:755 3376 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
23:19:28:787 3376 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
23:19:28:802 3376 nod32drv (0d91989c0c37fdc7f6ffbef238fe9dfb) C:\Windows\system32\drivers\nod32drv.sys
23:19:28:833 3376 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:19:28:849 3376 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:19:28:880 3376 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
23:19:28:927 3376 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:19:28:943 3376 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
23:19:28:974 3376 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
23:19:28:989 3376 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
23:19:29:099 3376 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
23:19:29:130 3376 ovt519 (db5e1d29aa509d58067aed5cc83d8170) C:\Windows\system32\Drivers\ov519vid.sys
23:19:29:145 3376 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:19:29:161 3376 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
23:19:29:177 3376 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:19:29:208 3376 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
23:19:29:223 3376 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
23:19:29:223 3376 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:19:29:255 3376 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:19:29:286 3376 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:19:29:317 3376 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:19:29:333 3376 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:19:29:364 3376 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:19:29:411 3376 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:19:29:489 3376 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:19:29:504 3376 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:19:29:520 3376 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:19:29:535 3376 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:19:29:551 3376 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:19:29:567 3376 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:19:29:582 3376 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:19:29:598 3376 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
23:19:29:613 3376 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:19:29:645 3376 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:19:29:660 3376 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
23:19:29:676 3376 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:19:29:691 3376 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:19:29:723 3376 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
23:19:29:738 3376 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
23:19:29:754 3376 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:19:29:785 3376 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys
23:19:29:832 3376 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
23:19:29:863 3376 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
23:19:29:863 3376 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
23:19:29:879 3376 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:19:29:894 3376 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:19:29:925 3376 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:19:29:925 3376 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:19:29:957 3376 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
23:19:29:972 3376 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:19:29:988 3376 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:19:30:003 3376 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:19:30:050 3376 sfwvuy (80c6af4f948d4168fc90da1a6f4b6924) C:\Windows\system32\drivers\sfwvuy.sys
23:19:30:050 3376 Suspicious file (NoAccess): C:\Windows\system32\drivers\sfwvuy.sys. md5: 80c6af4f948d4168fc90da1a6f4b6924
23:19:30:066 3376 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
23:19:30:081 3376 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:19:30:113 3376 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:19:30:128 3376 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:19:30:144 3376 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:19:30:175 3376 sptd (a80cd850d69d996c832bea37e3a6aa1e) C:\Windows\System32\Drivers\sptd.sys
23:19:30:347 3376 srv (50a83ca406c808bd35ac9141a0c7618f) C:\Windows\system32\DRIVERS\srv.sys
23:19:30:362 3376 srv2 (dce7e10feaabd4cae95948b3de5340bb) C:\Windows\system32\DRIVERS\srv2.sys
23:19:30:393 3376 srvnet (bd1433a32792fd0dc450479094fc435a) C:\Windows\system32\DRIVERS\srvnet.sys
23:19:30:534 3376 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:19:30:581 3376 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
23:19:30:596 3376 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
23:19:30:612 3376 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
23:19:30:643 3376 Tcpip (a1edfae89bc8956c925b99950e3558ad) C:\Windows\system32\drivers\tcpip.sys
23:19:30:737 3376 TCPIP6 (a1edfae89bc8956c925b99950e3558ad) C:\Windows\system32\DRIVERS\tcpip.sys
23:19:30:768 3376 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
23:19:30:783 3376 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
23:19:30:799 3376 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
23:19:30:830 3376 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
23:19:30:846 3376 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
23:19:30:861 3376 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:19:30:877 3376 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
23:19:30:893 3376 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:19:30:924 3376 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
23:19:30:939 3376 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:19:30:955 3376 umbus (71bbf3e8078d585abf27411a8986eb95) C:\Windows\system32\DRIVERS\umbus.sys
23:19:30:971 3376 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:19:31:017 3376 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
23:19:31:049 3376 usbccgp (09fc6fb240988f50c65ad258ee043f0b) C:\Windows\system32\DRIVERS\usbccgp.sys
23:19:31:064 3376 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
23:19:31:064 3376 usbehci (172de63ef82a480602dbad6f06ad00d6) C:\Windows\system32\DRIVERS\usbehci.sys
23:19:31:080 3376 usbhub (1a7f6c31cd4258b6cd9dfc2bbd5ab673) C:\Windows\system32\DRIVERS\usbhub.sys
23:19:31:095 3376 usbohci (6befe7c958ba88342c886fa7d98ab120) C:\Windows\system32\DRIVERS\usbohci.sys
23:19:31:111 3376 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:19:31:127 3376 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
23:19:31:158 3376 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:19:31:189 3376 usbuhci (ea5490e7166038a2b12140d8b2b58dd6) C:\Windows\system32\DRIVERS\usbuhci.sys
23:19:31:205 3376 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\Windows\system32\Drivers\usbvideo.sys
23:19:31:220 3376 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:19:31:251 3376 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:19:31:267 3376 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:19:31:283 3376 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
23:19:31:314 3376 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
23:19:31:329 3376 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
23:19:31:345 3376 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
23:19:31:361 3376 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
23:19:31:376 3376 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
23:19:31:392 3376 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
23:19:31:423 3376 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:19:31:470 3376 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
23:19:31:501 3376 vpcbus (63ef70b7bfb875436d5983e3c77f0681) C:\Windows\system32\DRIVERS\vpchbus.sys
23:19:31:517 3376 vpcnfltr (2559494dc74877afce97c6f75e4b7020) C:\Windows\system32\DRIVERS\vpcnfltr.sys
23:19:31:548 3376 vpcusb (ac0adad2ad5a166100cf59fb9a7880b7) C:\Windows\system32\DRIVERS\vpcusb.sys
23:19:31:563 3376 vpcvmm (7a806cc4416fe9b1b9c091e31bc638bc) C:\Windows\system32\drivers\vpcvmm.sys
23:19:31:579 3376 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
23:19:31:610 3376 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
23:19:31:626 3376 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
23:19:31:641 3376 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
23:19:31:641 3376 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
23:19:31:657 3376 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
23:19:31:673 3376 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:19:31:704 3376 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:19:31:704 3376 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:19:31:735 3376 WinUsb (b5ba3cc19d00f2eba92f1cfbebb5d650) C:\Windows\system32\DRIVERS\WinUsb.sys
23:19:31:751 3376 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:19:31:782 3376 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:19:31:797 3376 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
23:19:31:813 3376 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:19:31:813 3376 Reboot required for cure complete..
23:19:32:109 3376 Cure on reboot scheduled successfully
23:19:32:109 3376
23:19:32:109 3376 Completed
23:19:32:109 3376
23:19:32:109 3376 Results:
23:19:32:109 3376 Registry objects infected / cured / cured on reboot: 2 / 0 / 2
23:19:32:109 3376 File objects infected / cured / cured on reboot: 1 / 0 / 1
23:19:32:109 3376
23:19:32:109 3376 KLMD(ARK) unloaded successfully

Ok maak nu een nieuwe scan met combofix aub.

Deel1

ComboFix 10-06-15.04 - Gebruiker 16/06/2010 18:36:40.2.3 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.2814.1954 [GMT 2:00]
Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
AV: ESET NOD32 antivirus systeem 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Aanwezig AV is actief

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-05-16 to 2010-06-16 ))))))))))))))))))))))))))))))
.

2010-06-16 16:40 . 2010-06-16 16:40 -------- d-----w- c:\users\Sabine\AppData\Local\temp
2010-06-16 16:40 . 2010-06-16 16:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-06-16 16:40 . 2010-06-16 16:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-15 20:32 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll
2010-06-15 20:32 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-06-15 20:32 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-15 20:21 . 2010-06-15 20:21 -------- d-----w- c:\users\Sabine\AppData\Roaming\ATI
2010-06-15 20:21 . 2010-06-15 20:21 -------- d-----w- c:\users\Sabine\AppData\Local\ATI
2010-06-15 18:29 . 2010-05-21 12:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-06-15 18:12 . 2010-06-15 18:12 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\ATI
2010-06-15 18:12 . 2010-06-15 18:12 -------- d-----w- c:\users\Gebruiker\AppData\Local\ATI
2010-06-15 18:12 . 2010-06-15 18:12 -------- d-----w- c:\programdata\ATI
2010-06-15 18:08 . 2010-06-15 18:08 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-06-15 18:07 . 2010-06-15 18:08 -------- d-----w- c:\program files\ATI
2010-06-15 18:06 . 2010-06-15 18:08 -------- d-----w- c:\program files\ATI Technologies
2010-06-15 18:04 . 2010-06-15 18:04 -------- d-----w- C:\ATI
2010-06-15 17:29 . 2010-06-15 17:28 512096 ----a-w- c:\windows\system32\drivers\amon.sys
2010-06-15 17:29 . 2010-06-15 17:28 298104 ----a-w- c:\windows\system32\imon.dll
2010-06-15 17:29 . 2010-06-15 17:28 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2010-06-15 17:03 . 2010-06-15 17:03 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-06-15 17:02 . 2010-06-15 17:02 -------- d-----w- C:\Device
2010-06-15 17:00 . 2010-06-16 16:40 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp
2010-06-14 22:48 . 2010-06-14 22:48 4096 ----a-w- c:\windows\d3dx.dat
2010-06-14 19:30 . 2010-06-14 19:30 -------- d-----w- c:\users\Gebruiker\AppData\Local\Threat Expert
2010-06-14 19:19 . 2010-06-14 19:19 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Malwarebytes
2010-06-14 19:19 . 2010-06-14 19:19 -------- d-----w- c:\programdata\Malwarebytes
2010-06-14 19:19 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-14 19:19 . 2010-06-14 19:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-14 19:19 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-14 19:08 . 2010-06-14 23:31 -------- d-----w- c:\program files\Spyware Doctor
2010-06-11 15:41 . 2010-06-11 15:41 28672 ---ha-w- C:\SZKGFS.dat
2010-06-11 15:36 . 2010-06-11 15:36 -------- d-----w- c:\programdata\SITEguard
2010-06-11 15:26 . 2010-06-11 16:52 -------- d-----w- c:\program files\STOPzilla!
2010-06-11 15:26 . 2010-06-11 15:26 -------- d-----w- c:\program files\Common Files\iS3
2010-06-11 15:26 . 2010-06-11 15:42 -------- d-----w- c:\programdata\STOPzilla!
2010-06-10 16:05 . 2010-06-10 16:05 -------- d-----w- c:\users\Sabine\AppData\Roaming\vlc
2010-06-10 15:40 . 2010-06-10 15:40 -------- d-----w- c:\users\Sabine\AppData\Roaming\Nero
2010-06-10 15:24 . 2010-06-10 15:24 -------- d-----w- c:\users\Sabine\Office Genuine Advantage
2010-06-10 14:57 . 2010-06-13 14:20 -------- d-----w- c:\users\Sabine\AppData\Local\Adobe
2010-06-09 20:50 . 2010-06-15 22:23 -------- d-----w- c:\users\Sabine\Tracing
2010-06-09 20:50 . 2010-06-09 20:50 115264 ----a-w- c:\users\Sabine\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-09 20:46 . 2010-06-09 20:46 -------- d-----w- c:\users\Sabine\AppData\Local\Scansoft
2010-06-09 11:50 . 2010-06-14 19:26 -------- d-----w- c:\users\Gebruiker\AppData\Local\vubkgymxw
2010-06-03 17:19 . 2010-06-03 17:19 -------- d-----w- c:\program files\YouTube Downloader
2010-05-30 11:01 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-05-30 11:00 . 2010-04-23 07:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-30 11:00 . 2010-03-04 07:33 740864 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-17 19:44 . 2010-05-17 19:44 -------- d-----w- C:\MP Navigator

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-16 16:33 . 2009-07-14 08:27 696240 ----a-w- c:\windows\system32\perfh013.dat
2010-06-16 16:33 . 2009-07-14 08:27 131734 ----a-w- c:\windows\system32\perfc013.dat
2010-06-16 16:25 . 2010-01-14 17:58 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\LimeWire
2010-06-15 20:36 . 2009-11-22 14:27 -------- d-----w- c:\programdata\Microsoft Help
2010-06-15 18:35 . 2009-11-22 14:23 -------- d-----w- c:\program files\ESET
2010-06-15 18:25 . 2009-11-22 14:41 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\vlc
2010-06-15 18:04 . 2009-11-24 16:52 -------- d-----w- c:\program files\BitComet
2010-06-15 16:45 . 2010-03-09 19:07 -------- d-----w- c:\program files\Ask.com
2010-06-10 16:46 . 2010-05-03 19:17 -------- d-----w- c:\program files\Vuze_Remote
2010-06-07 20:10 . 2009-12-01 13:21 -------- d-----w- c:\program files\realtime
2010-05-30 11:01 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-17 19:48 . 2010-05-01 14:24 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Canon
2010-05-07 19:42 . 2010-05-07 19:42 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-05-07 19:42 . 2010-05-07 19:42 -------- d-----w- c:\program files\MSXML 4.0
2010-05-05 02:46 . 2010-05-05 02:46 5550592 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-05-05 02:19 . 2010-05-05 02:19 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-05-05 02:19 . 2010-05-05 02:19 506880 ----a-w- c:\windows\system32\aticfx32.dll
2010-05-05 02:16 . 2010-05-05 02:16 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-05-05 02:15 . 2010-05-05 02:15 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-05-05 02:14 . 2010-05-05 02:14 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-05-05 02:14 . 2010-05-05 02:14 15024128 ----a-w- c:\windows\system32\atioglxx.dll
2010-05-05 02:13 . 2010-05-05 02:13 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-05-05 02:13 . 2010-05-05 02:13 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-05-05 02:12 . 2010-05-05 02:12 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-05-05 02:12 . 2010-05-05 02:12 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-05-05 02:12 . 2010-05-05 02:12 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-05-05 02:08 . 2009-07-13 22:09 3611648 ----a-w- c:\windows\system32\atidxx32.dll
2010-05-05 01:41 . 2009-08-18 01:20 3788288 ----a-w- c:\windows\system32\atiumdag.dll
2010-05-05 01:41 . 2010-05-05 01:41 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-05-05 01:41 . 2010-05-05 01:41 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-05-05 01:38 . 2010-05-05 01:38 4022272 ----a-w- c:\windows\system32\aticaldd.dll
2010-05-05 01:34 . 2010-05-05 01:34 50176 ----a-w- c:\windows\system32\coinst.dll
2010-05-05 01:23 . 2010-05-05 01:23 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2010-05-05 01:23 . 2010-05-05 01:23 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-05-05 01:23 . 2010-05-05 01:23 15360 ----a-w- c:\windows\system32\atigktxx.dll
2010-05-05 01:23 . 2010-05-05 01:23 176128 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-05-05 01:22 . 2010-05-05 01:22 28160 ----a-w- c:\windows\system32\atiuxpag.dll
2010-05-05 01:22 . 2010-05-05 01:22 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-05-05 01:21 . 2010-05-05 01:21 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-05-05 01:19 . 2009-08-18 01:05 3015680 ----a-w- c:\windows\system32\atiumdva.dll
2010-05-05 01:08 . 2010-05-05 01:08 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-05-05 01:08 . 2010-05-05 01:08 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2010-05-04 20:02 . 2010-05-03 19:47 -------- d-----w- c:\programdata\Norton
2010-05-03 19:51 . 2010-05-03 19:17 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Azureus
2010-05-03 19:47 . 2010-05-03 19:47 -------- d-----w- c:\programdata\Symantec
2010-05-03 19:47 . 2010-05-03 19:47 -------- d-----w- c:\programdata\NortonInstaller
2010-05-03 19:17 . 2010-05-03 19:17 -------- d-----w- c:\programdata\Azureus
2010-05-03 19:17 . 2010-05-03 19:17 -------- d-----w- c:\program files\Conduit
2010-04-28 21:17 . 2010-04-28 21:17 2110 ----a-w- c:\windows\system32\atipblag.dat
2010-04-27 18:53 . 2010-04-27 18:44 -------- d-----w- c:\program files\Canon
2010-04-27 18:50 . 2010-04-27 18:50 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\ScanSoft
2010-04-27 18:50 . 2010-04-27 18:49 -------- d-----w- c:\programdata\ScanSoft
2010-04-27 18:49 . 2010-04-27 18:49 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2010-04-27 18:49 . 2010-04-27 18:49 -------- d-----w- c:\program files\ScanSoft
2010-04-27 18:48 . 2009-11-24 20:04 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-27 18:48 . 2010-04-27 18:48 -------- d-----w- c:\program files\ArcSoft
2010-04-27 18:48 . 2009-11-24 20:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-27 18:45 . 2010-04-27 18:45 -------- d--h--w- c:\program files\CanonBJ
2010-04-21 17:05 . 2010-04-21 17:05 50354 ----a-w- c:\users\Gebruiker\AppData\Roaming\Facebook\uninstall.exe
2010-04-21 17:05 . 2010-04-21 17:05 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Facebook
2010-04-17 09:51 . 2009-11-22 15:55 115264 ----a-w- c:\users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-16 18:50 . 2010-04-13 14:45 5018 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-04-15 20:46 . 2010-04-15 20:46 12399 ----a-w- c:\program files\[MONOVA.ORG]_Adobe.Photoshop.8.CS.Dutch.Nederlands.torrent
2010-04-13 14:45 . 2010-04-13 14:45 8 --sh--r- c:\windows\system32\C2C30EAAA3.sys
2010-04-03 12:25 . 2010-04-03 12:25 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-03-25 15:56 . 2010-03-25 15:56 203331 ----a-w- c:\windows\system32\atiicdxx.dat
2009-12-12 17:36 . 2009-12-12 17:36 158243 ----a-w- c:\program files\no$gba-w.zip
2009-11-25 18:00 . 2009-11-25 17:59 734160 ----a-w- c:\program files\VobSub_2.23.exe
2009-11-24 11:07 . 2009-11-24 11:01 6233136 ----a-w- c:\program files\bitcomet_setup.exe
2009-11-22 18:36 . 2009-11-22 18:36 5146520 ----a-w- c:\program files\MsgPlusLive-483.exe
2009-11-22 18:23 . 2009-11-22 18:21 144408392 ----a-w- c:\program files\wlsetup-all.exe
2009-11-22 18:20 . 2009-11-22 18:20 1160528 ----a-w- c:\program files\wlsetup-custom.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

Deel2

((((((((((((((((((((((((((((( SnapShot@2010-06-15_17.04.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-15 18:07 . 2010-06-15 18:07 51008 c:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_80b7c8a91e9dd16a\vcomp90.dll
+ 2010-06-15 18:07 . 2010-06-15 18:07 59728 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90RUS.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 42832 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90KOR.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 43344 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90JPN.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 61264 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ITA.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 62800 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90FRA.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 61760 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ESP.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 61776 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ESN.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 53568 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 63296 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90DEU.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 36688 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90CHT.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 35648 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90CHS.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfcm90u.dll
+ 2010-06-15 18:07 . 2010-06-15 18:07 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfcm90.dll
+ 2010-06-15 20:32 . 2010-03-05 07:28 67584 c:\windows\winsxs\x86_microsoft-windows-o..mation-asyncfilters_31bf3856ad364e35_6.1.7600.20660_none_7739ff463386a390\asycfilt.dll
+ 2010-06-15 20:32 . 2010-03-05 07:42 67584 c:\windows\winsxs\x86_microsoft-windows-o..mation-asyncfilters_31bf3856ad364e35_6.1.7600.16544_none_76ca037b1a553140\asycfilt.dll
+ 2010-06-15 20:32 . 2010-05-06 12:47 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.20708_none_17c1af1fcbf1956f\msfeedsbs.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16588_none_16e1910eb314d806\msfeedsbs.dll
+ 2010-06-15 20:32 . 2010-05-21 05:09 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20716_none_1d4fe313930c8cd3\WininetPlugin.dll
+ 2010-06-15 20:32 . 2010-05-21 05:06 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20716_none_1d4fe313930c8cd3\jsproxy.dll
+ 2010-06-15 20:32 . 2010-05-21 05:18 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16596_none_1c6fc5027a2fcf6a\WininetPlugin.dll
+ 2010-06-15 20:32 . 2010-05-21 05:14 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16596_none_1c6fc5027a2fcf6a\jsproxy.dll
+ 2009-11-22 14:38 . 2010-06-15 21:22 26092 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2010-06-16 16:27 23232 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2010-04-22 20:56 . 2010-02-23 07:55 64512 c:\windows\System32\msfeedsbs.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 64512 c:\windows\System32\msfeedsbs.dll
+ 2010-06-15 20:32 . 2010-05-21 05:18 68608 c:\windows\System32\migration\WininetPlugin.dll
- 2009-07-13 23:43 . 2009-07-14 01:16 68608 c:\windows\System32\migration\WininetPlugin.dll
- 2009-07-13 23:43 . 2009-07-14 01:15 48128 c:\windows\System32\jsproxy.dll
+ 2010-06-15 20:32 . 2010-05-21 05:14 48128 c:\windows\System32\jsproxy.dll
- 2009-07-14 04:50 . 2010-06-09 19:09 86016 c:\windows\System32\DriverStore\infpub.dat
+ 2009-07-14 04:50 . 2010-06-15 18:08 86016 c:\windows\System32\DriverStore\infpub.dat
+ 2010-05-05 01:34 . 2010-05-05 01:34 50176 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\coinst.dll
+ 2010-05-05 01:22 . 2010-05-05 01:22 28160 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiuxpag.dll
+ 2010-05-05 01:22 . 2010-05-05 01:22 20480 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiu9pag.dll
+ 2009-02-03 20:52 . 2009-02-03 20:52 45056 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\ATIODCLI.exe
+ 2010-05-05 02:12 . 2010-05-05 02:12 11776 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atimuixx.dll
+ 2010-05-05 01:08 . 2010-05-05 01:08 52224 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atimpc32.dll
+ 2010-05-05 01:23 . 2010-05-05 01:23 12800 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiglpxx.dll
+ 2010-05-05 01:23 . 2010-05-05 01:23 15360 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atigktxx.dll
+ 2010-05-05 01:41 . 2010-05-05 01:41 53248 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\aticalrt.dll
+ 2010-05-05 01:41 . 2010-05-05 01:41 53248 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\aticalcl.dll
+ 2010-05-05 01:21 . 2010-05-05 01:21 53248 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\ati2erec.dll
+ 2010-05-05 02:12 . 2010-05-05 02:12 43520 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\ati2edxx.dll
+ 2009-11-22 14:11 . 2010-06-16 16:25 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-22 14:11 . 2010-06-15 17:03 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-22 14:11 . 2010-06-16 16:25 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-22 14:11 . 2010-06-15 17:03 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:41 . 2010-06-15 17:03 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:41 . 2010-06-16 16:25 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-03 19:52 . 2009-02-03 19:52 45056 c:\windows\System32\ATIODCLI.exe
+ 2009-02-03 20:52 . 2009-02-03 20:52 45056 c:\windows\System32\ATIODCLI.exe
+ 2009-07-14 04:34 . 2010-06-15 20:58 71944 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-11-22 14:41 . 2010-06-15 17:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-22 14:41 . 2010-06-16 16:32 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-22 19:01 . 2010-06-15 19:05 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-22 19:01 . 2010-06-14 18:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-22 19:01 . 2010-06-14 18:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-11-22 19:01 . 2010-06-15 19:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-11-22 19:01 . 2010-06-15 19:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-11-22 19:01 . 2010-06-14 18:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-11-22 14:41 . 2010-06-15 17:01 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-22 14:41 . 2010-06-16 16:32 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-22 14:41 . 2010-06-15 17:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-22 14:41 . 2010-06-16 16:32 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{F5796AEB-D38E-A4C0-F02F-B14A04945143}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{E9AF8687-6055-C82B-00A0-9B1B93BF0DCA}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 44758 c:\windows\Installer\{E8F857C4-E153-6B03-909E-0006D803F865}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{E8F857C4-E153-6B03-909E-0006D803F865}\ARPPRODUCTICON.exe
+ 2010-06-15 18:07 . 2010-06-15 18:07 10134 c:\windows\Installer\{D893FFAF-5DEE-6EDA-5153-2925E0B5FAFF}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{C976F327-2337-17E7-CAD3-133607CD321B}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{C8E73595-C7C1-F1A4-ECD1-7EA8F7DBD3A8}\ARPPRODUCTICON.exe
+ 2010-06-15 18:07 . 2010-06-15 18:07 77542 c:\windows\Installer\{BF19FE33-C168-04D1-9E58-17E7248B9EF7}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-06-15 18:07 . 2010-06-15 18:07 77542 c:\windows\Installer\{BF19FE33-C168-04D1-9E58-17E7248B9EF7}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-06-15 18:07 . 2010-06-15 18:07 77542 c:\windows\Installer\{BF19FE33-C168-04D1-9E58-17E7248B9EF7}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-06-15 18:07 . 2010-06-15 18:07 77542 c:\windows\Installer\{BF19FE33-C168-04D1-9E58-17E7248B9EF7}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-06-15 18:07 . 2010-06-15 18:07 77542 c:\windows\Installer\{BF19FE33-C168-04D1-9E58-17E7248B9EF7}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{9BDB07A4-22C8-AE44-29C5-CA5B46E0E58D}\ARPPRODUCTICON.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{87323561-58BA-4D5B-BADA-A791B69D1705}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{6C7DAF94-0520-19F0-7666-8A7334714E81}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{566D674E-819E-75E0-ADBE-685613F73627}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{4C00B132-7446-9C4D-F0D5-FC00F965B7CA}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 10134 c:\windows\Installer\{102CDCAA-A884-6DC5-9FA8-DDFF77023FF8}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 19968 c:\windows\assembly\GAC_MSIL\PCKGHLP.Foundation.Implementation\2.0.3776.37519__90ba9c70f846762e\PCKGHLP.Foundation.Implementation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 15360 c:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3776.37392__90ba9c70f846762e\NEWAEM.Foundation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e\MOM.EXE
+ 2010-06-15 18:08 . 2010-06-15 18:08 86016 c:\windows\assembly\GAC_MSIL\LOG\2.0.3776.37502__90ba9c70f846762e\LOG.EXE
+ 2010-06-15 18:08 . 2010-06-15 18:08 32768 c:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3776.37390__90ba9c70f846762e\LOG.Foundation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 36864 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3776.37394__90ba9c70f846762e\LOG.Foundation.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3776.37502__90ba9c70f846762e\LOG.Foundation.Implementation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3776.37395__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 16384 c:\windows\assembly\GAC_MSIL\DEM.OS\2.0.3337.29364__90ba9c70f846762e\DEM.OS.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3337.29328__90ba9c70f846762e\DEM.OS.I0602.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 16384 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 16384 c:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e\CLI.EXE
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Implementation\2.0.3776.37396__90ba9c70f846762e\CLI.Implementation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 98304 c:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3776.37391__90ba9c70f846762e\CLI.Foundation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 28672 c:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3776.37504__90ba9c70f846762e\CLI.Foundation.XManifest.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 40960 c:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3776.37396__90ba9c70f846762e\CLI.Foundation.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3776.37394__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 11776 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3776.37419__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 57344 c:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3776.37401__90ba9c70f846762e\CLI.Component.SkinFactory.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 61440 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3776.37400__90ba9c70f846762e\CLI.Component.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 49152 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3776.37397__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 81920 c:\windows\assembly\GAC_MSIL\CLI.Component.PowerXpressHybrid\2.0.3776.37537__90ba9c70f846762e\CLI.Component.PowerXpressHybrid.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Load\2.0.3776.37502__90ba9c70f846762e\CLI.Component.Load.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Icomponent\2.0.3776.37427__90ba9c70f846762e\CLI.Component.Icomponent.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Component.Help\2.0.3776.37501__90ba9c70f846762e\CLI.Component.Help.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 61440 c:\windows\assembly\GAC_MSIL\CLI.Component.Erecord\2.0.3776.37437__90ba9c70f846762e\CLI.Component.Erecord.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3776.37393__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 10240 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3776.37407__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager.Resources\2.0.3776.37443__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.Resources.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager.Resources\2.0.3776.37442__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.Resources.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 40960 c:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3776.37406__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Component.AutoRemoval\2.0.3776.37488__90ba9c70f846762e\CLI.Component.Autoremoval.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 11776 c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3776.37526__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 40960 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3776.37421__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 16384 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3776.37420__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 73728 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3776.37412__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 16384 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3776.37412__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.3776.37531__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.3776.37532__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 90112 c:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard\2.0.3776.37532__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 13312 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3776.37553__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3776.37512__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3776.37425__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3776.37426__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 61440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3776.37426__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Shared\2.0.3776.37461__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime\2.0.3776.37461__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3776.37510__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 13824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3776.37556__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3776.37435__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3776.37436__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Settings.HydraVision.Shared\2.0.3776.37554__90ba9c70f846762e\CLI.Aspect.Settings.HydraVision.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Settings.HydraVision.Runtime\2.0.3776.37554__90ba9c70f846762e\CLI.Aspect.Settings.HydraVision.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 94208 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3776.37472__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 57344 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3776.37470__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3776.37470__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 12800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3776.37482__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3776.37523__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3776.37482__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3776.37509__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.3776.37482__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3776.37513__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.3776.37463__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.3776.37464__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 61440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3776.37523__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 77824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3776.37524__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3776.37437__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 69632 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3776.37438__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.3776.37497__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Runtime\2.0.3776.37529__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 12800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Shared\2.0.3776.37483__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Runtime\2.0.3776.37505__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Shared\2.0.3776.37455__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Shared.DLL

Deel3

+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Runtime\2.0.3776.37456__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3776.37536__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3776.37444__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 10240 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3776.37534__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3776.37534__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3776.37402__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3776.37413__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 10240 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3776.37527__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3776.37527__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 69632 c:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Shared\2.0.3776.37542__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 77824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Runtime\2.0.3776.37542__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 24576 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3776.37459__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3776.37460__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 94208 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3776.37460__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3776.37413__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3776.37432__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3776.37489__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 77824 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3776.37489__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 49152 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3776.37412__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 53248 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3776.37451__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 32768 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3776.37413__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3776.37462__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 53248 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3776.37423__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3776.37452__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 40960 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3776.37464__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 69632 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3776.37465__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 53248 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3776.37452__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3776.37453__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 12800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3776.37533__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3776.37533__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 98304 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard\2.0.3776.37444__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private\2.0.3776.37443__90ba9c70f846762e\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 28672 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3776.37423__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 57344 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossFireX.Graphics.Dashboard\2.0.3776.37546__90ba9c70f846762e\CLI.Aspect.CrossFireX.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 15360 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Shared\2.0.3776.37497__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 36864 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Runtime\2.0.3776.37540__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 57344 c:\windows\assembly\GAC_MSIL\CLI.Aspect.ALICrossfire.Graphics.Dashboard\2.0.3776.37541__90ba9c70f846762e\CLI.Aspect.ALICrossfire.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 12288 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Runtime\2.0.3776.37518__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 61440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Dashboard\2.0.3776.37518__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 65536 c:\windows\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e\CCC.EXE
+ 2010-06-15 18:08 . 2010-06-15 18:08 19456 c:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3776.37504__90ba9c70f846762e\CCC.Implementation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 14848 c:\windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1.0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 32768 c:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 61440 c:\windows\assembly\GAC_MSIL\APM.Server\2.0.3776.37399__90ba9c70f846762e\APM.Server.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 20480 c:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3776.37393__90ba9c70f846762e\APM.Foundation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 61440 c:\windows\assembly\GAC_MSIL\AEM.UI\2.0.3776.37504__90ba9c70f846762e\AEM.UI.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3776.37398__90ba9c70f846762e\AEM.Server.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 45056 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3776.37519__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 13312 c:\windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 49152 c:\windows\assembly\GAC\Interop.NewIWshRuntimeLibrary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRuntimeLibrary.DLL
+ 2009-11-22 14:15 . 2010-06-16 16:27 1644 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2719664305-267413302-3151576748-1000_UserData.bin
+ 2010-04-28 21:17 . 2010-04-28 21:17 2110 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atipblag.dat
- 2010-06-15 16:52 . 2010-06-15 17:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-06-16 16:25 . 2010-06-16 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-06-15 16:52 . 2010-06-15 17:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-06-16 16:25 . 2010-06-16 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-06-15 18:08 . 2010-06-15 18:08 9158 c:\windows\Installer\{3DB2107E-82FE-3167-6E71-B9D44EA4FD26}\ARPPRODUCTICON.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 7168 c:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3776.37400__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 6656 c:\windows\assembly\GAC_MSIL\PCKGHLP.Foundation.Private\2.0.3776.37407__90ba9c70f846762e\PCKGHLP.Foundation.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 5632 c:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3776.37395__90ba9c70f846762e\MOM.Foundation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 6656 c:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3776.37401__90ba9c70f846762e\DEM.Graphics.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 5632 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3776.37396__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 7168 c:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3776.37398__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 7680 c:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3776.37393__90ba9c70f846762e\CLI.Component.Client.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 7680 c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3776.37530__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 8704 c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3776.37526__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 7680 c:\windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3776.37527__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 8704 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3776.37425__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 9728 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3776.37511__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 9728 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3776.37535__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 7680 c:\windows\assembly\GAC_MSIL\CLI.Aspect.AForce.Graphics.Shared\2.0.3776.37482__90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 7168 c:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 7168 c:\windows\assembly\GAC_MSIL\AEM.UI.Shared\2.0.3776.37503__90ba9c70f846762e\AEM.UI.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 6144 c:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3776.37398__90ba9c70f846762e\AEM.Server.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 6144 c:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3776.37397__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.GD.Shared\2.0.3776.37517__90ba9c70f846762e\AEM.Plugin.Source.GD.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.EEU.Shared\2.0.3776.37516__90ba9c70f846762e\AEM.Plugin.Source.EEU.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3776.37518__90ba9c70f846762e\AEM.Plugin.REG.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 7168 c:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3776.37392__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3776.37402__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 5632 c:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3776.37398__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 6656 c:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3776.37509__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 8192 c:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3776.37397__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 653120 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
+ 2010-06-15 18:07 . 2010-06-15 18:07 569664 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
+ 2010-06-15 18:07 . 2010-06-15 18:07 225280 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcm90.dll
+ 2010-06-15 18:07 . 2010-06-15 18:07 159032 c:\windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll
+ 2010-06-15 20:32 . 2010-05-06 12:47 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7600.20708_none_aba2a4753bc02e0f\ieproxy.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7600.16588_none_aac2866422e370a6\ieproxy.dll
+ 2010-06-15 20:32 . 2010-05-06 12:47 859648 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7600.20708_none_5718cce63105efd1\iedvtool.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 859648 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7600.16588_none_5638aed518293268\iedvtool.dll
+ 2010-06-15 20:32 . 2010-05-06 12:47 381440 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.7600.20708_none_8fc42c8f48acc457\iedkcs32.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 381440 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.7600.16588_none_8ee40e7e2fd006ee\iedkcs32.dll
+ 2010-06-15 20:32 . 2010-05-21 05:09 980480 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20716_none_1d4fe313930c8cd3\wininet.dll
+ 2010-06-15 20:32 . 2010-05-21 05:18 977920 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16596_none_1c6fc5027a2fcf6a\wininet.dll
+ 2010-06-15 20:32 . 2010-05-06 12:47 606208 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.7600.20708_none_fc3966ba6da23c6c\mstime.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 606208 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.7600.16588_none_fb5948a954c57f03\mstime.dll
+ 2009-07-14 02:05 . 2010-06-16 16:33 610434 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2010-06-15 16:58 610434 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2010-06-15 16:58 104752 c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2010-06-16 16:33 104752 c:\windows\System32\perfc009.dat
- 2010-04-22 20:56 . 2010-02-23 07:55 606208 c:\windows\System32\mstime.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 606208 c:\windows\System32\mstime.dll
- 2010-04-22 20:56 . 2010-02-23 07:30 381440 c:\windows\System32\iedkcs32.dll
+ 2010-06-15 20:32 . 2010-05-06 12:47 381440 c:\windows\System32\iedkcs32.dll
+ 2009-07-14 04:50 . 2010-06-15 18:08 143360 c:\windows\System32\DriverStore\infstrng.dat
- 2009-07-14 04:50 . 2010-06-09 19:09 143360 c:\windows\System32\DriverStore\infstrng.dat
+ 2009-07-14 04:50 . 2010-06-15 18:08 143360 c:\windows\System32\DriverStore\infstor.dat
- 2009-07-14 04:50 . 2010-04-27 18:46 143360 c:\windows\System32\DriverStore\infstor.dat
+ 2010-05-05 02:12 . 2010-05-05 02:12 278528 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\Oemdspif.dll
+ 2010-05-05 02:13 . 2010-05-05 02:13 159744 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atitmmxx.dll
+ 2010-05-05 02:13 . 2010-05-05 02:13 356352 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atipdlxx.dll
+ 2009-02-18 17:55 . 2009-02-18 17:55 294912 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\ATIODE.exe
+ 2010-05-05 01:23 . 2010-05-05 01:23 176128 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atikmpag.sys
+ 2010-03-25 15:56 . 2010-03-25 15:56 203331 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiicdxx.dat
+ 2010-05-05 02:14 . 2010-05-05 02:14 172032 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiesrxx.exe
+ 2010-05-05 02:15 . 2010-05-05 02:15 372736 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atieclxx.exe
+ 2010-05-05 02:16 . 2010-05-05 02:16 446464 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\ATIDEMGX.dll

Deel4

+ 2010-05-05 02:19 . 2010-05-05 02:19 506880 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\aticfx32.dll
+ 2009-05-11 21:35 . 2009-05-11 21:35 118784 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atibtmon.exe
+ 2010-05-05 02:19 . 2010-05-05 02:19 143360 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiapfxx.exe
+ 2010-05-05 01:23 . 2010-05-05 01:23 237568 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiadlxx.dll
+ 2010-03-09 10:21 . 2010-03-09 10:21 107024 c:\windows\System32\DriverStore\FileRepository\atihdaud.inf_x86_neutral_efbabca9f7204ffd\AtiHdmi.sys
+ 2010-03-09 10:21 . 2010-03-09 10:21 107024 c:\windows\System32\drivers\AtiHdmi.sys
+ 2009-02-18 17:55 . 2009-02-18 17:55 294912 c:\windows\System32\ATIODE.exe
- 2009-02-18 16:55 . 2009-02-18 16:55 294912 c:\windows\System32\ATIODE.exe
+ 2009-05-11 21:35 . 2009-05-11 21:35 118784 c:\windows\System32\atibtmon.exe
- 2009-05-11 20:35 . 2009-05-11 20:35 118784 c:\windows\System32\atibtmon.exe
+ 2009-12-16 15:47 . 2009-12-16 15:47 719872 c:\windows\Installer\1a2beb.msi
+ 2010-05-12 19:39 . 2010-05-12 19:39 200192 c:\windows\Installer\1a2bce.msi
+ 2010-05-12 19:40 . 2010-05-12 19:40 637952 c:\windows\Installer\1a2bc7.msi
+ 2010-05-12 19:39 . 2010-05-12 19:39 754176 c:\windows\Installer\1a2bc0.msi
+ 2010-05-12 19:39 . 2010-05-12 19:39 995328 c:\windows\Installer\1a2bab.msi
+ 2010-05-12 19:38 . 2010-05-12 19:38 410112 c:\windows\Installer\1a2ba4.msi
+ 2010-04-16 18:22 . 2010-04-16 18:22 549888 c:\windows\Installer\1a2b8f.msi
+ 2010-05-12 19:39 . 2010-05-12 19:39 448512 c:\windows\Installer\1a2b80.msi
+ 2009-07-12 17:16 . 2009-07-12 17:16 223232 c:\windows\Installer\1a2b79.msi
+ 2009-11-22 14:30 . 2010-06-15 20:36 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-06-15 18:08 . 2010-06-15 18:08 238223 c:\windows\Installer\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}\ARPPRODUCTICON.exe
+ 2009-03-06 03:26 . 2009-03-06 03:26 770464 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\REGFORM.EXE
+ 2008-10-25 08:27 . 2008-10-25 08:27 177040 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPOLK.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 741376 c:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3776.37546__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 106496 c:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3776.37505__90ba9c70f846762e\MOM.Implementation.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 131072 c:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__90ba9c70f846762e\Interop.SHDocVw.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 405504 c:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3776.37420__90ba9c70f846762e\CLI.Component.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 577536 c:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3776.37499__90ba9c70f846762e\CLI.Component.Systemtray.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 348160 c:\windows\assembly\GAC_MSIL\CLI.Component.SingleTaskWizard\2.0.3776.37557__90ba9c70f846762e\CLI.Component.SingleTaskWizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 278528 c:\windows\assembly\GAC_MSIL\CLI.Component.Launchpad\2.0.3776.37523__90ba9c70f846762e\CLI.Component.Launchpad.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 147456 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.ProfileManager\2.0.3776.37442__90ba9c70f846762e\CLI.Component.Dashboard.ProfileManager.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 155648 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.HotKeyManager\2.0.3776.37442__90ba9c70f846762e\CLI.Component.Dashboard.HotKeyManager.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 151552 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3776.37395__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 380928 c:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3776.37403__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 139264 c:\windows\assembly\GAC_MSIL\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard\2.0.3776.37462__90ba9c70f846762e\CLI.Aspect.VeryLargeDesktop.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 151552 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TutorialInfoCentre.Graphics.Dashboard\2.0.3776.37555__90ba9c70f846762e\CLI.Aspect.TutorialInfoCentre.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 491520 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3776.37511__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 184320 c:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3776.37556__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 241664 c:\windows\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3776.37436__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 151552 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Settings.HydraVision.Dashboard\2.0.3776.37555__90ba9c70f846762e\CLI.Aspect.Settings.HydraVision.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 356352 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3776.37471__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 102400 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3776.37522__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 118784 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3776.37510__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 118784 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3776.37513__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 139264 c:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.3776.37464__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 655360 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3776.37525__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 118784 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Dashboard\2.0.3776.37531__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 167936 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU3.Graphics.Dashboard\2.0.3776.37506__90ba9c70f846762e\CLI.Aspect.MultiVPU3.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 163840 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Dashboard\2.0.3776.37457__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 241664 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3776.37536__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 409600 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3776.37481__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 102400 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3776.37454__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 856064 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3776.37455__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 212992 c:\windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3776.37535__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 204800 c:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3776.37427__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 196608 c:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3776.37428__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 311296 c:\windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3776.37538__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 147456 c:\windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3776.37528__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 335872 c:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Dashboard\2.0.3776.37543__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 409600 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3776.37416__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 573440 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3776.37429__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 364544 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3776.37494__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 749568 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3776.37491__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 507904 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared\2.0.3776.37445__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 307200 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3776.37433__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 323584 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3776.37463__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 376832 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3776.37448__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 692224 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3776.37478__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 630784 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3776.37467__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 397312 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3776.37453__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 163840 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3776.37534__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 270336 c:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 262144 c:\windows\assembly\GAC_MSIL\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard\1.2.2600.29179__90ba9c70f846762e\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 360448 c:\windows\assembly\GAC\Interop.MSForms\2.0.0.0__90ba9c70f846762e\Interop.MSForms.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 225280 c:\windows\assembly\GAC\Interop.MSComctlLib\2.0.0.0__90ba9c70f846762e\Interop.MSComctlLib.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 143360 c:\windows\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 212992 c:\windows\assembly\GAC\AxInterop.MSForms\2.0.0.0__90ba9c70f846762e\AxInterop.MSForms.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 135168 c:\windows\assembly\GAC\AxInterop.MSComctlLib\2.0.0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
+ 2010-06-15 18:07 . 2010-06-15 18:07 3780424 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
+ 2010-06-15 18:07 . 2010-06-15 18:07 3765048 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90.dll
+ 2010-06-15 20:32 . 2010-05-01 14:38 2327040 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20704_none_b9a8f17114b7fd91\win32k.sys
+ 2010-06-15 20:32 . 2010-05-01 14:49 2326528 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16585_none_b8c9d3a9fbda597f\win32k.sys
+ 2010-06-15 20:32 . 2010-05-06 12:47 5972992 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20708_none_2eb6d2b213590cc6\mshtml.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 5970944 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16588_none_2dd6b4a0fa7c4f5d\mshtml.dll
+ 2010-06-15 20:32 . 2010-05-06 12:48 1225728 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7600.20708_none_d056d7f1c7f97cfd\urlmon.dll
+ 2010-06-15 20:32 . 2010-05-06 12:42 1225216 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7600.16588_none_cf76b9e0af1cbf94\urlmon.dll
+ 2010-06-15 20:32 . 2010-05-06 12:42 1225216 c:\windows\System32\urlmon.dll
- 2010-04-22 20:56 . 2010-02-23 07:55 1225216 c:\windows\System32\urlmon.dll
- 2009-07-14 02:03 . 2010-06-15 16:40 7077888 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:03 . 2010-06-16 16:38 7077888 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2010-06-15 20:32 . 2010-05-06 12:47 5972992 c:\windows\System32\mshtml.dll
- 2009-07-14 04:33 . 2010-04-17 19:23 2355736 c:\windows\System32\FNTCACHE.DAT
+ 2009-07-14 04:33 . 2010-06-15 20:43 2355736 c:\windows\System32\FNTCACHE.DAT
+ 2010-05-05 01:19 . 2010-05-05 01:19 3015680 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiumdva.dll
+ 2010-05-05 01:41 . 2010-05-05 01:41 3788288 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atiumdag.dll
+ 2010-05-05 02:46 . 2010-05-05 02:46 5550592 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atikmdag.sys
+ 2010-05-05 02:08 . 2010-05-05 02:08 3611648 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atidxx32.dll
+ 2010-05-05 01:38 . 2010-05-05 01:38 4022272 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\aticaldd.dll
+ 2009-07-14 04:34 . 2010-06-15 20:45 3606621 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:34 . 2010-06-11 15:55 3606621 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-04-24 15:08 . 2010-04-24 15:08 9129984 c:\windows\Installer\c5f00.msp
+ 2010-03-24 16:54 . 2010-03-24 16:54 3126272 c:\windows\Installer\c5ee7.msp
+ 2010-03-24 16:54 . 2010-03-24 16:54 2516992 c:\windows\Installer\c5ee6.msp
+ 2010-04-24 15:05 . 2010-04-24 15:05 4199424 c:\windows\Installer\c5ebb.msp
+ 2010-05-18 21:35 . 2010-05-18 21:35 5023744 c:\windows\Installer\c5ea3.msp
+ 2010-05-12 19:43 . 2010-05-12 19:43 1472512 c:\windows\Installer\1a2be4.msi
+ 2010-03-04 19:50 . 2010-03-04 19:50 1061376 c:\windows\Installer\1a2bdd.msi
+ 2010-05-12 19:38 . 2010-05-12 19:38 2444800 c:\windows\Installer\1a2bd6.msi
+ 2010-05-12 19:36 . 2010-05-12 19:36 5749760 c:\windows\Installer\1a2bb9.msi
+ 2010-05-12 19:36 . 2010-05-12 19:36 1889280 c:\windows\Installer\1a2bb2.msi
+ 2010-05-12 19:38 . 2010-05-12 19:38 7533568 c:\windows\Installer\1a2b9d.msi
+ 2010-05-12 19:36 . 2010-05-12 19:36 2938368 c:\windows\Installer\1a2b96.msi
+ 2010-05-12 19:34 . 2010-05-12 19:34 5531136 c:\windows\Installer\1a2b88.msi
+ 2009-11-22 14:30 . 2010-06-15 20:36 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-11-22 14:30 . 2010-05-30 11:01 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-11-22 14:30 . 2010-06-15 20:36 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-03-06 03:26 . 2009-03-06 03:26 5466488 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPDESIGN.DLL
+ 2008-11-03 23:40 . 2008-11-03 23:40 1442160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\INFOPATH.EXE
+ 2010-06-15 18:08 . 2010-06-15 18:08 1048576 c:\windows\assembly\GAC_MSIL\CLI.Component.Eeu\2.0.3776.37485__90ba9c70f846762e\CLI.Component.Eeu.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 1220608 c:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3776.37409__90ba9c70f846762e\CLI.Component.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 1007616 c:\windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3776.37439__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 1708032 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3776.37553__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 1298432 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3776.37549__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.DLL
+ 2010-06-15 18:08 . 2010-06-15 18:08 1736704 c:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3776.37425__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL
+ 2010-06-15 20:32 . 2010-05-06 12:47 10985984 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.20708_none_80162cb59f4e9af3\ieframe.dll
+ 2010-06-15 20:32 . 2010-05-06 12:41 10984448 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.16588_none_7f360ea48671dd8a\ieframe.dll
+ 2009-11-22 14:04 . 2010-06-15 20:36 30688753 c:\windows\winsxs\ManifestCache\5e6635d15edac146_blobs.bin
+ 2009-09-30 11:55 . 2010-05-28 19:37 32472008 c:\windows\System32\MRT.exe
+ 2010-06-15 20:32 . 2010-05-06 12:41 10984448 c:\windows\System32\ieframe.dll
+ 2010-05-05 02:14 . 2010-05-05 02:14 15024128 c:\windows\System32\DriverStore\FileRepository\cw_99995.inf_x86_neutral_fbac6209cc3b56f4\B_99645\atioglxx.dll
+ 2010-04-24 15:07 . 2010-04-24 15:07 10118144 c:\windows\Installer\c5e8b.msp
.
-- Snapshot teruggezet naar huidige datum --
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-04-15 10:33 2515552 ----a-w- c:\program files\Vuze_Remote\tbVuze.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-04-15 2515552]

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2009-07-24 118640]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2010-06-15 949376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-04 102400]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]

c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-8 503808]
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-4-15 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2009-07-24 30560]
R3 oflpydin;oflpydin;c:\users\GEBRUI~1\AppData\Local\Temp\oflpydin.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-11-22 722416]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2010-06-15 15424]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 172032]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 176128]
S3 RTL8167;Realtek 8167 NT-stuurprogramma;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uInternet Settings,ProxyServer = http=127.0.0.1:1054
uInternet Settings,ProxyOverride = <local>
IE: &D&ownload &met BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload alle video met BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload alles met BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ln9o2ej1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.search.selectedengine - Google
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 1054
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\users\Gebruiker\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS VERWIJDERD - - - -

SafeBoot-klmdb.sys


.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2010-06-16 18:42:25
ComboFix-quarantined-files.txt 2010-06-16 16:42

Pre-Run: 101.307.056.128 bytes beschikbaar
Post-Run: 101.028.122.624 bytes beschikbaar

- - End Of File - - E2C075DB58CF8ABE9FC156F561EA84A2

En hoe gaat het nu ?

Pc werkt terug prima ,geen popups meer en geen meldingen van blocked ips via nod32
van win32/agent.ref trojan.

Ik zal mijn broer eens goed uitleggen dat hij niet zomaar op alles moet klikken en instaleren...

Mag dit nu terug enabled ? :

CD-emulator software kan je weer inschakelen met behulp van Defogger door de tool te starten en op de knop "Re-enable" te klikken.
Dit doe je pas wanneer we volledig klaar zijn met de analyse van de computer.

Download OTC.exe (by OldTimer)

• Plaats het bestand op je bureaublad.
• Zorg dat er een internetverbinding is.
• Klik vervolgens met je rechtermuisknop op OTCleanIt.exe en kies voor Run as Administrator (Nederlands: Uitvoeren als Administrator) om het programma te starten.
• Klik nu op de knop "CleanUp!"
• Als je firewall, of een ander beveiligingsprogramma, een waarschuwing geeft dat OTC.exe internettoegang wil, mag je dit toestaan, het programma heeft die connectie nodig.
• OTC zal als laatste vragen of je de computer herstarten wilt, dit mag je toestaan, hiermee verwijdert het zichzelf ook.

Nota: Het gebruik van OTC.exe zal alle gebruikte tools(inclusief bijbehorende logs en backupmappen) van je computer doen verwijderen.