Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Stefan (administrator) on STEFAN-PC on 24-10-2013 17:28:51
Running from C:\Users\Stefan\Downloads
Microsoft Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\w32x86\3\EKAiO2MUI.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Amonetizé Ltd) C:\Users\Stefan\AppData\Local\SwvUpdater\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Conime] - %windir%\system32\conime.exe
HKLM\...\Run: [EKAiO2StatusMonitor] - C:\Windows\system32\spool\DRIVERS\W32X86\3\EKAiO2MUI.exe [2421760 2011-03-01] (Eastman Kodak Company)
HKLM\...\Run: [MobileBroadband] - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [408576 2011-04-19] (Vodafone)
HKLM\...\Run: [Registry Helper] - "C:\Program Files\Registry Helper\RegistryHelper.Exe" /boot
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
MountPoints2: I - I:\autorun.exe
MountPoints2: {031d204d-7e61-11e2-85f8-02c0ee6543d1} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {031d210d-7e61-11e2-85f8-02c0ee6543d1} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {031d2165-7e61-11e2-85f8-02c0ee6543d1} - I:\autorun.exe
MountPoints2: {16f87916-03ea-11e3-abb3-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {16fba005-1aa2-11e3-a79d-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {3a9f90e5-86e5-11e2-b64c-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {65538eaf-8c71-11e2-a1e4-02c0ee6562cf} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {65538eb4-8c71-11e2-a1e4-02c0ee6562cf} - F:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {7127b1f2-1af4-11e3-ac9b-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {7127b204-1af4-11e3-ac9b-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {8f396b0a-ebb6-11e2-a859-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {ca4bcc16-1c3b-11e3-9400-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {f06774a7-b30b-11e2-8f64-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {f70ec47d-b898-11e2-a843-002618c91d6b} - F:\setup_vmb_lite.exe /checkApplicationPresence
AppInit_DLLs: [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.search.us.com/v/2/?guid={5CD6CB79-8ADD-4852-82CF-00ED47F6214E}&serpv=5
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.youwillfind.info/?pid=658&r=2013/05/02&hid=763785938&lg=EN&cc=ZA
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.youwillfind.info/?l=1&q={searchTerms}&pid=658&r=2013/05/02&hid=763785938&lg=EN&cc=ZA
SearchScopes: HKCU - {5C49C060-6DEE-4BE9-8C91-B03DBFF55B81} URL = http://search.us.com/serp?guid={5CD6CB79-8ADD-4852-82CF-00ED47F6214E}&action=default_search&serpv=5&k={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.youwillfind.info/?l=1&q={searchTerms}&pid=658&r=2013/05/02&hid=763785938&lg=EN&cc=ZA
SearchScopes: HKCU - {D735BCC8-CE8F-4074-A6F9-39F6424517E8} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10547
BHO: ElectroLyrics-1 - {11111111-1111-1111-1111-110411181144} - C:\Program Files\ElectroLyrics-1\ElectroLyrics-1-bho.dll (Lyrics)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Stefan\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog9 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 11 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 12 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 13 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 14 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 15 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 16 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 17 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 18 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 19 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 20 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 21 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 22 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 23 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 24 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 25 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 26 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 27 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 28 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 29 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 30 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 31 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 32 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 33 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 34 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 35 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 36 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 37 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 38 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 39 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 40 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 41 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 42 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 43 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 44 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 45 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 46 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 47 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 48 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 49 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 50 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 51 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 52 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 53 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 54 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 55 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 56 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 57 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 58 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 59 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 60 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 61 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 62 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 63 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 64 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 65 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 66 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 67 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 68 mswsock.dll File Not found (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{131B5047-1B2C-449F-9AAC-DC252D82C1E1}: [NameServer]196.207.36.251 196.207.36.254
Tcpip\..\Interfaces\{17F7B7DA-3406-4F8D-9541-EA905EED8D4A}: [NameServer]196.207.36.251 196.207.36.254
Tcpip\..\Interfaces\{C775872A-FCC3-42EA-AAFA-AD8B5396A367}: [NameServer]196.207.36.251 196.207.36.254
Tcpip\..\Interfaces\{CB318F49-15F3-407F-9EBE-BBA23BBCC213}: [NameServer]196.207.36.251 196.207.36.254

FireFox:
========
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\ltu82yf4.default
FF Homepage: hxxp://start.search.us.com/v/2/?guid={5CD6CB79-8ADD-4852-82CF-00ED47F6214E}&serpv=5
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tightropeinteractive.com/Plugin - C:\Users\Stefan\AppData\Local\TNT2\2.0.0.1599\npTNT2.dll (Search.Us.com)
FF Plugin HKCU: @tnt2ghost.com/Plugin - C:\Users\Stefan\AppData\Local\TNT2\2.0.0.1599\npTNT2ghost.dll (Search.Us.com)
FF Extension: No Name - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\ltu82yf4.default\Extensions\bbf8c9b4-8e92-4864-a738-39b4d9d297ba@c61f16d8-dec3-4ab4-a153-723bd1d0f742.com

========================== Services (Whitelisted) =================

S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [87336 2010-10-05] (Dassault Systèmes SolidWorks Corp.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-07-18] (Flexera Software, Inc.)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [366000 2011-03-09] (Eastman Kodak Company)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2006-10-26] (Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-07-18] (SolidWorks)
R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-04-19] (Vodafone)
S2 Registry Helper Service; C:\Program Files\Registry Helper\RegistryHelperService.exe [x]

==================== Drivers (Whitelisted) ====================

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-24] (DT Soft Ltd)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [85760 2011-04-18] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26496 2011-04-18] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [168448 2011-04-18] (Huawei Technologies Co., Ltd.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2011-01-04] (CACE Technologies)
R3 RTL85n86; C:\Windows\System32\DRIVERS\RTL85n86.sys [311808 2009-07-14] (Realtek)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-24 17:23 - 2013-10-24 17:23 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Stefan\Downloads\tdsskiller.exe
2013-10-24 17:20 - 2013-10-24 17:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Stefan\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-24 17:12 - 2013-10-24 17:13 - 05136677 _____ (Swearware) C:\Users\Stefan\Downloads\ComboFix.exe
2013-10-24 17:12 - 2013-10-24 17:13 - 01906472 _____ (Express Install ) C:\Users\Stefan\Downloads\setup.exe
2013-10-23 19:06 - 2013-10-23 21:06 - 00000000 ____D C:\Users\Stefan\Desktop\cd's musiek
2013-10-22 19:48 - 2013-10-22 21:19 - 00000000 ____D C:\Users\Stefan\Desktop\linds bday cd
2013-10-22 19:25 - 2013-10-22 19:25 - 00001336 _____ C:\Users\Stefan\Desktop\Free Video to MP3 Converter.lnk
2013-10-22 19:25 - 2013-10-22 19:25 - 00001201 _____ C:\Users\Stefan\Desktop\DVDVideoSoft Free Studio.lnk
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Users\Stefan\Documents\DVDVideoSoft
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\DVDVideoSoft
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Program Files\Common Files\Plasmoo
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-10-08 08:18 - 2013-10-24 17:28 - 00001348 _____ C:\Windows\Tasks\ElectroLyrics-1-updater.job
2013-10-08 08:18 - 2013-10-24 17:28 - 00001254 _____ C:\Windows\Tasks\ElectroLyrics-1-codedownloader.job
2013-10-08 08:18 - 2013-10-24 17:28 - 00001154 _____ C:\Windows\Tasks\ElectroLyrics-1-enabler.job
2013-10-08 08:18 - 2013-10-08 08:18 - 00000985 _____ C:\Users\Stefan\Desktop\SevenZip.lnk
2013-10-08 08:18 - 2013-10-08 08:18 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2013-10-08 08:18 - 2013-10-08 08:18 - 00000000 ____D C:\Program Files\SevenZip
2013-10-08 08:17 - 2013-10-24 17:28 - 00001882 _____ C:\Windows\Tasks\ElectroLyrics-1-firefoxinstaller.job
2013-10-08 08:17 - 2013-10-08 08:18 - 00000000 ____D C:\Program Files\ElectroLyrics-1
2013-10-08 08:15 - 2013-10-24 17:28 - 00000360 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-10-08 08:15 - 2013-10-08 08:15 - 00000000 ____D C:\Users\Stefan\AppData\Local\SwvUpdater
2013-10-08 06:50 - 2013-10-24 17:28 - 00000000 ____D C:\FRST
2013-10-08 06:47 - 2013-10-08 06:47 - 01087213 _____ (Farbar) C:\Users\Stefan\Downloads\FRST.exe
2013-10-07 16:22 - 2013-10-07 16:23 - 00000000 ____D C:\ProgramData\MFAData
2013-10-07 16:22 - 2013-10-07 16:22 - 00000000 ____D C:\Users\Stefan\AppData\Local\MFAData
2013-10-07 16:22 - 2013-10-07 16:22 - 00000000 ____D C:\Users\Stefan\AppData\Local\Avg2014
2013-10-07 16:11 - 2013-10-07 16:12 - 04433128 _____ (AVG Technologies) C:\Users\Stefan\Downloads\avg_isct_stb_all_2014_4142_free.exe
2013-10-07 14:55 - 2013-10-07 14:54 - 00006396 _____ C:\Users\Stefan\Downloads\0677.mpssvc.reg
2013-10-07 14:54 - 2013-10-07 14:54 - 00229548 _____ C:\Users\Stefan\Downloads\1055.BFE.reg
2013-10-07 14:42 - 2013-10-23 05:26 - 00007632 _____ C:\Users\Stefan\AppData\Local\Resmon.ResmonCfg
2013-10-07 14:29 - 2013-10-24 17:28 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\NetSpeedMonitor
2013-10-07 14:29 - 2013-10-07 14:29 - 00000000 ____D C:\Program Files\NetSpeedMonitor
2013-10-04 04:26 - 2013-10-04 04:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-01 17:08 - 2013-10-01 17:08 - 00002153 _____ C:\Users\Public\Desktop\Sid Meier's Pirates!.lnk
2013-10-01 17:08 - 2013-10-01 17:08 - 00000000 ____D C:\Users\Stefan\Documents\My Games
2013-10-01 17:08 - 2013-10-01 17:08 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firaxis Games
2013-10-01 17:07 - 2013-10-01 17:07 - 00000000 ____D C:\Program Files\Firaxis Games

==================== One Month Modified Files and Folders =======

2013-10-24 17:28 - 2013-10-08 08:18 - 00001348 _____ C:\Windows\Tasks\ElectroLyrics-1-updater.job
2013-10-24 17:28 - 2013-10-08 08:18 - 00001254 _____ C:\Windows\Tasks\ElectroLyrics-1-codedownloader.job
2013-10-24 17:28 - 2013-10-08 08:18 - 00001154 _____ C:\Windows\Tasks\ElectroLyrics-1-enabler.job
2013-10-24 17:28 - 2013-10-08 08:17 - 00001882 _____ C:\Windows\Tasks\ElectroLyrics-1-firefoxinstaller.job
2013-10-24 17:28 - 2013-10-08 08:15 - 00000360 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-10-24 17:28 - 2013-10-08 06:50 - 00000000 ____D C:\FRST
2013-10-24 17:28 - 2013-10-07 14:29 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\NetSpeedMonitor
2013-10-24 17:28 - 2013-05-18 14:17 - 00000000 ____D C:\ProgramData\Kodak
2013-10-24 17:28 - 2013-02-24 13:13 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-24 17:28 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-24 17:28 - 2009-07-14 06:39 - 00162568 _____ C:\Windows\setupact.log
2013-10-24 17:27 - 2013-02-25 18:47 - 00019674 _____ C:\Windows\PFRO.log
2013-10-24 17:26 - 2013-02-24 10:55 - 00000000 ____D C:\Users\Stefan
2013-10-24 17:23 - 2013-10-24 17:23 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Stefan\Downloads\tdsskiller.exe
2013-10-24 17:20 - 2013-10-24 17:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Stefan\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-24 17:13 - 2013-10-24 17:12 - 05136677 _____ (Swearware) C:\Users\Stefan\Downloads\ComboFix.exe
2013-10-24 17:13 - 2013-10-24 17:12 - 01906472 _____ (Express Install ) C:\Users\Stefan\Downloads\setup.exe
2013-10-24 17:00 - 2013-02-24 10:59 - 00795074 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-24 16:59 - 2013-03-01 08:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-24 06:32 - 2013-03-08 03:05 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\vlc
2013-10-23 21:06 - 2013-10-23 19:06 - 00000000 ____D C:\Users\Stefan\Desktop\cd's musiek
2013-10-23 18:44 - 2013-02-24 11:55 - 00000000 ____D C:\Users\Stefan\Desktop\Start-up CD
2013-10-23 05:26 - 2013-10-07 14:42 - 00007632 _____ C:\Users\Stefan\AppData\Local\Resmon.ResmonCfg
2013-10-22 21:19 - 2013-10-22 19:48 - 00000000 ____D C:\Users\Stefan\Desktop\linds bday cd
2013-10-22 19:25 - 2013-10-22 19:25 - 00001336 _____ C:\Users\Stefan\Desktop\Free Video to MP3 Converter.lnk
2013-10-22 19:25 - 2013-10-22 19:25 - 00001201 _____ C:\Users\Stefan\Desktop\DVDVideoSoft Free Studio.lnk
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Users\Stefan\Documents\DVDVideoSoft
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\DVDVideoSoft
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Program Files\Common Files\Plasmoo
2013-10-22 19:25 - 2013-10-22 19:25 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-10-17 03:41 - 2013-08-31 15:27 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\dvdcss
2013-10-17 03:03 - 2013-08-31 15:29 - 00000000 ____D C:\Users\Stefan\.dvdcss
2013-10-10 13:46 - 2013-07-19 00:59 - 00000000 ____D C:\Program Files\Industry Giant 2
2013-10-08 08:18 - 2013-10-08 08:18 - 00000985 _____ C:\Users\Stefan\Desktop\SevenZip.lnk
2013-10-08 08:18 - 2013-10-08 08:18 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2013-10-08 08:18 - 2013-10-08 08:18 - 00000000 ____D C:\Program Files\SevenZip
2013-10-08 08:18 - 2013-10-08 08:17 - 00000000 ____D C:\Program Files\ElectroLyrics-1
2013-10-08 08:15 - 2013-10-08 08:15 - 00000000 ____D C:\Users\Stefan\AppData\Local\SwvUpdater
2013-10-08 08:09 - 2013-07-03 17:21 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\BitTorrent
2013-10-08 06:47 - 2013-10-08 06:47 - 01087213 _____ (Farbar) C:\Users\Stefan\Downloads\FRST.exe
2013-10-07 16:23 - 2013-10-07 16:22 - 00000000 ____D C:\ProgramData\MFAData
2013-10-07 16:22 - 2013-10-07 16:22 - 00000000 ____D C:\Users\Stefan\AppData\Local\MFAData
2013-10-07 16:22 - 2013-10-07 16:22 - 00000000 ____D C:\Users\Stefan\AppData\Local\Avg2014
2013-10-07 16:12 - 2013-10-07 16:11 - 04433128 _____ (AVG Technologies) C:\Users\Stefan\Downloads\avg_isct_stb_all_2014_4142_free.exe
2013-10-07 16:09 - 2013-03-10 18:56 - 00000000 ____D C:\Users\Stefan\Desktop\Torrents
2013-10-07 14:54 - 2013-10-07 14:55 - 00006396 _____ C:\Users\Stefan\Downloads\0677.mpssvc.reg
2013-10-07 14:54 - 2013-10-07 14:54 - 00229548 _____ C:\Users\Stefan\Downloads\1055.BFE.reg
2013-10-07 14:29 - 2013-10-07 14:29 - 00000000 ____D C:\Program Files\NetSpeedMonitor
2013-10-07 13:31 - 2013-09-12 14:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-04 09:20 - 2013-02-24 12:10 - 00000000 ____D C:\Users\Stefan\AppData\Local\Mozilla
2013-10-04 04:26 - 2013-10-04 04:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-01 17:09 - 2013-03-11 06:33 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-01 17:09 - 2013-02-24 11:02 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-01 17:08 - 2013-10-01 17:08 - 00002153 _____ C:\Users\Public\Desktop\Sid Meier's Pirates!.lnk
2013-10-01 17:08 - 2013-10-01 17:08 - 00000000 ____D C:\Users\Stefan\Documents\My Games
2013-10-01 17:08 - 2013-10-01 17:08 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firaxis Games
2013-10-01 17:07 - 2013-10-01 17:07 - 00000000 ____D C:\Program Files\Firaxis Games
2013-10-01 17:06 - 2013-03-11 06:30 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-09-29 17:16 - 2013-08-23 11:17 - 00000000 ____D C:\Program Files\DefaultTab
2013-09-27 22:00 - 2013-02-24 12:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-27 22:00 - 2013-02-24 12:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\Users\Stefan\dxagvi.exe
C:\Users\Stefan\dxaleyl.exe
C:\Users\Stefan\dxayxcs.exe
C:\Users\Stefan\dxeccpws.exe
C:\Users\Stefan\dxemys.exe
C:\Users\Stefan\dxeriuw.exe
C:\Users\Stefan\dxfjnn.exe
C:\Users\Stefan\dxhbewgfq.exe
C:\Users\Stefan\dxhgyx.exe
C:\Users\Stefan\dxijldymn.exe
C:\Users\Stefan\dxivie.exe
C:\Users\Stefan\dxmfdot.exe
C:\Users\Stefan\dxnaku.exe
C:\Users\Stefan\dxnsqb.exe
C:\Users\Stefan\dxoaua.exe
C:\Users\Stefan\dxokxybd.exe
C:\Users\Stefan\dxqeuiurj.exe
C:\Users\Stefan\dxqzso.exe
C:\Users\Stefan\dxrkosal.exe
C:\Users\Stefan\dxuhweann.exe
C:\Users\Stefan\dxujed.exe
C:\Users\Stefan\dxupon.exe
C:\Users\Stefan\dxveae.exe
C:\Users\Stefan\dxxdag.exe

Some content of TEMP:
====================
C:\Users\Stefan\AppData\Local\Temp\0_Offer_1.exe
C:\Users\Stefan\AppData\Local\Temp\1_Offer_2.exe
C:\Users\Stefan\AppData\Local\Temp\20131008081028.14.exe
C:\Users\Stefan\AppData\Local\Temp\DownloadManager.exe
C:\Users\Stefan\AppData\Local\Temp\UpdateCheckerSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-21 00:45

==================== End Of Log ============================