Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

trojan.sirefef.ty and trojan.generic [Solved]

Started by eman yalpid a esoohc , Jul 10 2012 01:50 PM

  • This topic is locked This topic is locked

#31
eman yalpid a esoohc
Posted 15 July 2012 - 04:40 AM

eman yalpid a esoohc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
First I need to say that after today I on vacation untill the 28th of July. So I won't respond till then.
Now that you know that, we can continue.

Scan is done, 6 suspicious objects were found.

Attached Files


Edited by eman yalpid a esoohc, 15 July 2012 - 04:40 AM.

  • 0

Advertisements

#32
eman yalpid a esoohc
Posted 15 July 2012 - 04:47 AM

eman yalpid a esoohc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Also, tonight something strange happened.

A program showed up: live security platinum
and blocking all applications
I deleted the program in the programs list and after rebooting I was able to run other programs again.
But Live security Platinum isn't really gone, it's still in the starting menu and has a folder in 'all programs'
  • 0

#33
Essexboy
Posted 15 July 2012 - 04:53 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now run a fresh OTL scan please selecting all users, it appears to be a totally different infection this

If I should forget and inadvertantly close this then PM me and I will re-open
  • 0

#34
eman yalpid a esoohc
Posted 15 July 2012 - 05:07 AM

eman yalpid a esoohc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
OK, no problem

OTL logfile created on: 7/15/2012 12:56:05 PM - Run 3
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Tom\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: België | Language: NLB | Date Format: d/MM/yyyy

3.86 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 57.04% Memory free
7.73 Gb Paging File | 5.68 Gb Available in Paging File | 73.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.38 Gb Total Space | 295.74 Gb Free Space | 50.69% Space Free | Partition Type: NTFS
Drive F: | 608.76 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOM-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/13 01:00:15 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
PRC - [2012/07/11 18:00:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
PRC - [2012/06/22 18:03:01 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/05/23 06:33:08 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\real\realplayer\Update\realsched.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/03 11:18:01 | 000,487,424 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2011/05/02 19:44:35 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/12/08 00:43:55 | 001,044,816 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010/06/30 04:20:00 | 006,871,440 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
PRC - [2010/06/30 04:20:00 | 002,067,344 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2010/02/11 15:21:42 | 002,203,648 | ---- | M] (Nemetschek SCIA) -- C:\Program Files (x86)\SCIA\FlexNET\SCIA.exe
PRC - [2010/01/18 16:05:36 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2010/01/06 22:18:19 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/11/21 02:50:30 | 001,334,096 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files (x86)\SCIA\FlexNET\lmgrd.exe
PRC - [2009/11/02 01:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/10/29 13:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/25 01:42:32 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/09/13 00:09:48 | 000,783,704 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\pnamain.exe
PRC - [2009/09/13 00:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009/09/13 00:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2009/09/13 00:08:00 | 000,071,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
PRC - [2009/09/11 07:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/08/04 23:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 05:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2009/02/03 22:39:09 | 000,427,192 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/13 01:00:15 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
MOD - [2012/06/22 18:03:00 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/01/06 22:18:19 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/02/03 03:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/12 23:54:21 | 000,409,672 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV:64bit: - [2010/12/07 19:41:09 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/24 12:43:38 | 002,299,656 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV:64bit: - [2010/03/12 16:42:40 | 000,393,728 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV:64bit: - [2009/12/10 11:15:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/11/02 22:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/10/19 20:04:58 | 000,278,224 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV:64bit: - [2009/10/01 00:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/07/13 01:00:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/11 15:48:05 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/22 18:03:00 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/23 11:36:26 | 000,000,000 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\UTSCSI.EXE -- (UTSCSI)
SRV - [2011/05/02 19:44:35 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/12/08 00:43:55 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/30 04:20:00 | 002,067,344 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/21 02:50:30 | 001,334,096 | ---- | M] (Flexera Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\SCIA\FlexNET\lmgrd.exe -- (FlexNET SCIA)
SRV - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/11 07:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/02/03 22:39:09 | 000,427,192 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/12 23:54:23 | 000,089,680 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2012/07/12 23:54:23 | 000,088,144 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BdfNdisf6.sys -- (BdfNdisf)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/09 08:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/02 17:14:50 | 000,066,680 | --S- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MIPv464.sys -- (MIPv464)
DRV:64bit: - [2010/09/20 19:22:08 | 000,190,504 | ---- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MIPFSv364.sys -- (MIPFSv364)
DRV:64bit: - [2010/02/22 14:57:54 | 000,347,336 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2010/01/29 14:47:04 | 000,163,936 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2009/12/10 13:40:30 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/11/06 22:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/02 22:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/26 22:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/08 19:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/08/13 21:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/08/06 14:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2009/07/23 00:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/25 04:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/06/20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 04:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/02/03 22:23:46 | 000,019,456 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2005/11/21 08:18:50 | 000,033,792 | ---- | M] (Eutron) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\eusk2par-amd64.sys -- (eusk2par)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2004/01/26 17:36:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/01/26 17:01:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prosync1.sys -- (prosync1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...28z155t54j1d53n
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-03-07 16:03:32&v=10.0.0.7&sap=hp
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_nlBE364BE364
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{8E996B6D-96AD-4EA4-B820-E0976FA7EB54}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-07 16:03:32&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{F48DA960-0FD9-4BB5-9826-C0C271C6C74D}: "URL" = http://www.qword.com...earchTerms}&s=2
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://by159w.bay159...m/default.aspx"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..keyword.URL: "http://search.sweeti...0000.10005&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweeti...h.asp?src=2&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2012/07/13 00:13:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/11 21:05:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/23 06:33:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/22 18:03:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/23 06:33:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/22 18:03:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/23 06:33:40 | 000,000,000 | ---D | M]

[2011/04/30 18:54:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Extensions
[2010/03/04 17:56:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/06/22 18:03:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions
[2012/06/22 18:03:19 | 000,000,000 | ---D | M] (Freecorder) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2010/09/07 23:06:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/03/30 15:10:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/05/06 10:31:16 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\[email protected]
[2012/04/26 22:21:39 | 000,003,915 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\sd9czh3v.default\searchplugins\sweetim.xml
[2012/01/24 23:02:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/11 21:05:37 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/01/23 17:03:33 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES (X86)\PDFFORGE TOOLBAR\FF
[2012/04/26 22:21:42 | 000,162,686 | ---- | M] () (No name found) -- C:\USERS\TOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SD9CZH3V.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2012/06/22 18:03:01 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/09/13 00:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/13 00:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/13 00:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/13 00:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/09/13 00:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2012/05/23 06:33:16 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2009/09/13 00:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012/03/07 17:03:29 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/09/14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012/06/22 18:02:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/22 18:02:58 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012/06/22 18:02:58 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012/06/22 18:02:58 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========


O1 HOSTS File: ([2012/07/13 01:57:18 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run File not found
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [YouTubeDownloader_upgrade] C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe (Internet Downloader)
O4 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001..\Run: [cmdkling] C:\Windows\Machmsra.dll (FRISK Software International)
O4 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001..\Run: [cttuywiz] C:\Windows\Machmsra64.dll (FRISK Software International)
O4 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
O4 - Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Prince of Persia Warrior Within.LNK = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5F95BA3-C920-4670-A7D5-5EDF198BFA6B}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/07 18:36:53 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2003/08/11 15:57:38 | 000,000,209 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/15 12:31:35 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2012/07/15 00:04:55 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012/07/15 00:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CC7700011628005484B8F875F002
[2012/07/15 00:01:03 | 000,062,976 | -H-- | C] (FRISK Software International) -- C:\Windows\Machmsra64.dll
[2012/07/15 00:01:03 | 000,056,320 | -H-- | C] (FRISK Software International) -- C:\Windows\Machmsra.dll
[2012/07/14 14:20:10 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/07/14 14:20:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/14 14:20:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/14 14:20:10 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/07/14 14:20:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/07/14 14:20:10 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/07/14 14:20:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/14 14:20:10 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/07/14 14:20:10 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/07/14 14:20:10 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/07/14 14:20:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/14 14:20:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/14 14:20:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/07/14 14:20:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/07/14 14:20:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/07/14 14:20:10 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/07/14 14:20:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/07/14 14:20:10 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/07/14 14:20:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/14 14:20:10 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/07/14 14:20:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/07/14 14:20:10 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/07/14 14:20:10 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/07/14 14:20:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/07/14 14:20:10 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/07/14 14:20:10 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/07/14 14:20:10 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/07/14 14:20:10 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/07/14 14:20:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/07/14 14:20:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/07/14 14:20:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/07/14 14:20:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/07/14 14:20:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/14 14:20:10 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/07/14 14:20:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/07/14 14:20:10 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/07/14 14:20:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/07/14 14:20:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/07/14 14:20:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/07/14 14:20:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/07/14 14:20:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/07/14 14:20:10 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/07/14 14:20:09 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/07/14 14:20:09 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/14 14:20:09 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/14 14:20:09 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/14 14:20:09 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/07/14 14:20:09 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/07/14 14:20:09 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/07/14 14:20:09 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/07/14 14:20:09 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/07/14 14:20:09 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/07/14 14:20:09 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/14 14:20:09 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/14 14:20:09 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/07/14 14:20:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/07/14 14:20:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/07/14 14:20:09 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/07/14 14:20:09 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/07/14 14:20:09 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/07/14 14:20:09 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/07/14 14:20:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/14 14:20:09 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/07/14 14:20:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/07/14 14:20:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/07/14 14:20:09 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/07/14 14:20:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/07/14 14:20:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/07/14 14:20:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/07/14 14:20:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/07/14 14:20:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/07/14 14:20:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/07/13 02:09:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/12 23:43:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/12 23:43:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/12 23:43:25 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/12 23:42:55 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/12 23:42:54 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/12 23:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2010
[2012/07/12 23:31:41 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2012/07/12 23:26:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitDefender
[2012/07/12 20:55:00 | 000,347,440 | ---- | C] (Microsoft Corporation) -- C:\Users\Tom\Desktop\MicrosoftFixit-portable.exe
[2012/07/12 16:37:31 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\Complete Internet Repair
[2012/07/11 23:26:35 | 000,688,663 | ---- | C] (Farbar) -- C:\Users\Tom\Desktop\FSS.exe
[2012/07/11 22:01:51 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/11 21:30:52 | 004,576,941 | R--- | C] (Swearware) -- C:\Users\Tom\Desktop\ComboFix.exe
[2012/07/11 21:06:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/11 18:31:02 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Tom\Desktop\aswMBR.exe
[2012/07/11 18:00:11 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2012/07/05 16:15:12 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/07/05 16:15:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/07/05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\SpeedyPC Software
[2012/07/05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\DriverCure
[2012/07/05 15:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/07/05 15:26:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedyPC Software
[2012/07/05 14:31:28 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/07/05 00:12:33 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\Macromedia
[2012/07/04 23:59:27 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/04 23:59:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/06/29 13:06:35 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\test 29 juni
[2012/06/21 08:15:16 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/21 08:15:16 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/21 08:15:15 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/21 08:14:50 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/21 08:14:50 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/21 08:14:50 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/21 08:14:34 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/21 08:14:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/18 23:28:10 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\Kalibratie 1 juni
[2012/06/18 14:17:45 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\test 18 juni
[2009/11/05 05:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

========== Files - Modified Within 30 Days ==========

[2012/07/15 13:00:03 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/15 12:41:15 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/15 12:31:03 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2012/07/15 12:26:17 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/15 12:26:17 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/15 12:22:48 | 001,189,320 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012/07/15 12:22:48 | 000,761,808 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/15 12:22:48 | 000,293,556 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012/07/15 12:22:48 | 000,245,852 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/15 12:22:48 | 000,005,210 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/15 12:18:27 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/15 12:17:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/15 12:17:35 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/15 00:01:03 | 000,062,976 | -H-- | M] (FRISK Software International) -- C:\Windows\Machmsra64.dll
[2012/07/15 00:01:03 | 000,056,320 | -H-- | M] (FRISK Software International) -- C:\Windows\Machmsra.dll
[2012/07/14 14:21:21 | 000,000,052 | ---- | M] () -- C:\Windows\SysNative\ashttpstats.csv
[2012/07/14 14:20:10 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/07/14 14:20:10 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/14 14:20:10 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/14 14:20:10 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/07/14 14:20:10 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/07/14 14:20:10 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/07/14 14:20:10 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/14 14:20:10 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/07/14 14:20:10 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/07/14 14:20:10 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/07/14 14:20:10 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/14 14:20:10 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/14 14:20:10 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/07/14 14:20:10 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/07/14 14:20:10 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/07/14 14:20:10 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/07/14 14:20:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/07/14 14:20:10 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/07/14 14:20:10 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/14 14:20:10 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/07/14 14:20:10 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/07/14 14:20:10 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/07/14 14:20:10 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/07/14 14:20:10 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/07/14 14:20:10 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/07/14 14:20:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/07/14 14:20:10 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/07/14 14:20:10 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/07/14 14:20:10 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/07/14 14:20:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/07/14 14:20:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/07/14 14:20:10 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/07/14 14:20:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/14 14:20:10 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/07/14 14:20:10 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/07/14 14:20:10 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/07/14 14:20:10 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/07/14 14:20:10 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/07/14 14:20:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/07/14 14:20:10 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/07/14 14:20:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/07/14 14:20:10 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/07/14 14:20:10 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/07/14 14:20:09 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/07/14 14:20:09 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/14 14:20:09 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/14 14:20:09 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/14 14:20:09 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/07/14 14:20:09 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/07/14 14:20:09 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/07/14 14:20:09 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/07/14 14:20:09 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/07/14 14:20:09 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/07/14 14:20:09 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/14 14:20:09 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/14 14:20:09 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/07/14 14:20:09 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/07/14 14:20:09 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/07/14 14:20:09 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/07/14 14:20:09 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/07/14 14:20:09 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/07/14 14:20:09 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/07/14 14:20:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/14 14:20:09 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/07/14 14:20:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/07/14 14:20:09 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/07/14 14:20:09 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/07/14 14:20:09 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/07/14 14:20:09 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/07/14 14:20:09 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/07/14 14:20:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/07/14 14:20:09 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/07/14 14:20:09 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/07/14 14:20:09 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/07/13 01:57:18 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/07/13 01:28:55 | 004,576,941 | R--- | M] (Swearware) -- C:\Users\Tom\Desktop\ComboFix.exe
[2012/07/13 01:16:58 | 000,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2012/07/13 01:00:15 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/13 01:00:15 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/13 00:14:41 | 000,500,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 23:54:23 | 000,088,144 | ---- | M] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2012/07/12 23:35:29 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/07/12 23:31:59 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2012/07/12 23:20:36 | 000,074,195 | ---- | M] () -- C:\BdUninstallTool2012.07.12-11.19.15.reg
[2012/07/12 20:54:08 | 000,347,440 | ---- | M] (Microsoft Corporation) -- C:\Users\Tom\Desktop\MicrosoftFixit-portable.exe
[2012/07/12 18:00:00 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/07/12 16:36:14 | 000,650,870 | ---- | M] () -- C:\Users\Tom\Desktop\comintrep.exe
[2012/07/12 00:40:13 | 000,000,460 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/07/11 23:25:10 | 000,688,663 | ---- | M] (Farbar) -- C:\Users\Tom\Desktop\FSS.exe
[2012/07/11 20:32:47 | 461,218,670 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/07/11 18:30:32 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Tom\Desktop\aswMBR.exe
[2012/07/11 18:00:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2012/06/25 09:47:18 | 000,539,304 | ---- | M] () -- C:\Users\Tom\Desktop\UiTPAS informatiebundel_Jeugd_Aalst.pdf

========== Files Created - No Company Name ==========

[2012/07/14 14:20:10 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/07/14 14:20:09 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/07/12 23:56:53 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2012/07/12 23:35:29 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/07/12 23:31:59 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2012/07/12 23:19:15 | 000,074,195 | ---- | C] () -- C:\BdUninstallTool2012.07.12-11.19.15.reg
[2012/07/12 16:36:59 | 000,650,870 | ---- | C] () -- C:\Users\Tom\Desktop\comintrep.exe
[2012/07/12 00:14:12 | 000,003,364 | ---- | C] () -- C:\Users\Tom\Desktop\mpssvc.reg
[2012/07/12 00:14:12 | 000,000,880 | ---- | C] () -- C:\Users\Tom\Desktop\legacy_mpssvc.reg
[2012/07/05 15:26:48 | 000,000,488 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/07/05 15:26:39 | 000,000,460 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/07/04 23:59:27 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/25 09:47:18 | 000,539,304 | ---- | C] () -- C:\Users\Tom\Desktop\UiTPAS informatiebundel_Jeugd_Aalst.pdf
[2012/05/17 01:22:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/17 01:22:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/17 01:22:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/17 01:22:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/17 01:22:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/23 21:11:11 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011/11/23 21:11:11 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011/10/05 17:12:30 | 000,000,128 | ---- | C] () -- C:\Windows\wininit.ini
[2011/08/23 11:35:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\UTSCSI.EXE
[2011/08/09 21:36:55 | 000,000,360 | ---- | C] () -- C:\Users\Tom\AppData\Local\Images.fl
[2011/05/13 17:55:29 | 000,033,043 | ---- | C] () -- C:\Users\Tom\32767-3934982913.WibuCmRaC
[2011/05/13 15:44:54 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\PROTOCOL.INI
[2011/05/02 18:41:00 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/05/02 18:40:40 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/05/02 18:40:36 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/01/06 02:22:14 | 000,008,704 | ---- | C] () -- C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/08 00:44:18 | 000,000,044 | ---- | C] () -- C:\Windows\Esa.INI
[2010/11/05 02:10:37 | 000,000,035 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/11/01 00:23:33 | 000,000,110 | ---- | C] () -- C:\Windows\PPRASTA.INI
[2010/08/16 23:11:28 | 000,000,409 | ---- | C] () -- C:\Windows\CoDUO.INI
[2010/05/26 22:52:10 | 000,000,025 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\bdfvconp.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:117E206F
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:4F96D8E6

< End of report >

Attached Files

  • Attached File  OTL.Txt   151.1KB   69 downloads

  • 0

#35
Essexboy
Posted 15 July 2012 - 05:33 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
This should kill the remnants

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    O4 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001..\Run: [cmdkling] C:\Windows\Machmsra.dll (FRISK Software International)
    O4 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001..\Run: [cttuywiz] C:\Windows\Machmsra64.dll (FRISK Software International)
    [2012/07/15 00:04:55 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
    [2012/07/15 00:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CC7700011628005484B8F875F002
    [2012/07/15 00:01:03 | 000,062,976 | -H-- | C] (FRISK Software International) -- C:\Windows\Machmsra64.dll
    [2012/07/15 00:01:03 | 000,056,320 | -H-- | C] (FRISK Software International) -- C:\Windows\Machmsra.dll

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#36
eman yalpid a esoohc
Posted 15 July 2012 - 06:08 AM

eman yalpid a esoohc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
fix and scan are performed

OTL logfile created on: 7/15/2012 1:51:46 PM - Run 4
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Tom\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: België | Language: NLB | Date Format: d/MM/yyyy

3.86 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 56.72% Memory free
7.73 Gb Paging File | 5.94 Gb Available in Paging File | 76.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.38 Gb Total Space | 295.87 Gb Free Space | 50.72% Space Free | Partition Type: NTFS
Drive F: | 608.76 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOM-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/11 18:00:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
PRC - [2012/06/22 18:03:01 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/05/23 06:33:08 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\real\realplayer\Update\realsched.exe
PRC - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/03 11:18:01 | 000,487,424 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2011/05/02 19:44:35 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/12/08 00:43:55 | 001,044,816 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010/06/30 04:20:00 | 006,871,440 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
PRC - [2010/06/30 04:20:00 | 002,067,344 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2010/02/11 15:21:42 | 002,203,648 | ---- | M] (Nemetschek SCIA) -- C:\Program Files (x86)\SCIA\FlexNET\SCIA.exe
PRC - [2010/01/18 16:05:36 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2010/01/06 22:18:19 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/11/21 02:50:30 | 001,334,096 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files (x86)\SCIA\FlexNET\lmgrd.exe
PRC - [2009/11/02 01:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/10/29 13:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/25 01:42:32 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/09/13 00:09:48 | 000,783,704 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\pnamain.exe
PRC - [2009/09/13 00:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009/09/13 00:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2009/09/13 00:08:00 | 000,071,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
PRC - [2009/09/11 07:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/08/04 23:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 05:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2009/02/03 22:39:09 | 000,427,192 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/22 18:03:00 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/01/06 22:18:19 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/02/03 03:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/12 23:54:21 | 000,409,672 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV:64bit: - [2010/12/07 19:41:09 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/24 12:43:38 | 002,299,656 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV:64bit: - [2010/03/12 16:42:40 | 000,393,728 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV:64bit: - [2009/12/10 11:15:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/11/02 22:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/10/19 20:04:58 | 000,278,224 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV:64bit: - [2009/10/01 00:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/07/13 01:00:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/11 15:48:05 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/22 18:03:00 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/23 11:36:26 | 000,000,000 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\UTSCSI.EXE -- (UTSCSI)
SRV - [2011/05/02 19:44:35 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/12/08 00:43:55 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/30 04:20:00 | 002,067,344 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/21 02:50:30 | 001,334,096 | ---- | M] (Flexera Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\SCIA\FlexNET\lmgrd.exe -- (FlexNET SCIA)
SRV - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/11 07:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/02/03 22:39:09 | 000,427,192 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/12 23:54:23 | 000,089,680 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2012/07/12 23:54:23 | 000,088,144 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BdfNdisf6.sys -- (BdfNdisf)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/09 08:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/02 17:14:50 | 000,066,680 | --S- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MIPv464.sys -- (MIPv464)
DRV:64bit: - [2010/09/20 19:22:08 | 000,190,504 | ---- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MIPFSv364.sys -- (MIPFSv364)
DRV:64bit: - [2010/02/22 14:57:54 | 000,347,336 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2010/01/29 14:47:04 | 000,163,936 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2009/12/10 13:40:30 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/11/06 22:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/02 22:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/26 22:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/08 19:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/08/13 21:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/08/06 14:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2009/07/23 00:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/25 04:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/06/20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 04:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/02/03 22:23:46 | 000,019,456 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2005/11/21 08:18:50 | 000,033,792 | ---- | M] (Eutron) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\eusk2par-amd64.sys -- (eusk2par)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2004/01/26 17:36:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/01/26 17:01:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prosync1.sys -- (prosync1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...28z155t54j1d53n
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-03-07 16:03:32&v=10.0.0.7&sap=hp
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_nlBE364BE364
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{8E996B6D-96AD-4EA4-B820-E0976FA7EB54}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-07 16:03:32&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\SearchScopes\{F48DA960-0FD9-4BB5-9826-C0C271C6C74D}: "URL" = http://www.qword.com...earchTerms}&s=2
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://by159w.bay159...m/default.aspx"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..keyword.URL: "http://search.sweeti...0000.10005&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweeti...h.asp?src=2&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2012/07/13 00:13:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/11 21:05:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/23 06:33:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/22 18:03:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/23 06:33:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/22 18:03:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/23 06:33:40 | 000,000,000 | ---D | M]

[2011/04/30 18:54:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Extensions
[2010/03/04 17:56:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/06/22 18:03:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions
[2012/06/22 18:03:19 | 000,000,000 | ---D | M] (Freecorder) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2010/09/07 23:06:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/03/30 15:10:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/05/06 10:31:16 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\[email protected]
[2012/04/26 22:21:39 | 000,003,915 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\sd9czh3v.default\searchplugins\sweetim.xml
[2012/01/24 23:02:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/11 21:05:37 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/01/23 17:03:33 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES (X86)\PDFFORGE TOOLBAR\FF
[2012/04/26 22:21:42 | 000,162,686 | ---- | M] () (No name found) -- C:\USERS\TOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SD9CZH3V.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2012/06/22 18:03:01 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/09/13 00:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/13 00:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/13 00:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/13 00:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/09/13 00:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2012/05/23 06:33:16 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2009/09/13 00:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012/03/07 17:03:29 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/09/14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012/06/22 18:02:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/22 18:02:58 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012/06/22 18:02:58 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012/06/22 18:02:58 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========


O1 HOSTS File: ([2012/07/15 13:39:34 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run File not found
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [YouTubeDownloader_upgrade] C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe (Internet Downloader)
O4 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
O4 - Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Prince of Persia Warrior Within.LNK = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-761200818-1682720771-1100777243-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5F95BA3-C920-4670-A7D5-5EDF198BFA6B}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/07 18:36:53 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2003/08/11 15:57:38 | 000,000,209 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/15 12:31:35 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2012/07/15 00:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CC7700011628005484B8F875F002
[2012/07/13 02:09:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/12 23:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2010
[2012/07/12 23:31:41 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2012/07/12 23:26:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitDefender
[2012/07/12 16:37:31 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\Complete Internet Repair
[2012/07/11 23:26:35 | 000,688,663 | ---- | C] (Farbar) -- C:\Users\Tom\Desktop\FSS.exe
[2012/07/11 22:01:51 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/11 21:30:52 | 004,576,941 | R--- | C] (Swearware) -- C:\Users\Tom\Desktop\ComboFix.exe
[2012/07/11 21:06:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/11 18:31:02 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Tom\Desktop\aswMBR.exe
[2012/07/11 18:00:11 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2012/07/05 16:15:12 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/07/05 16:15:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/07/05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\SpeedyPC Software
[2012/07/05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\DriverCure
[2012/07/05 15:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/07/05 15:26:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedyPC Software
[2012/07/05 14:31:28 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/07/05 00:12:33 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\Macromedia
[2012/07/04 23:59:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/06/29 13:06:35 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\test 29 juni
[2012/06/18 23:28:10 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\Kalibratie 1 juni
[2012/06/18 14:17:45 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\test 18 juni
[2009/11/05 05:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

========== Files - Modified Within 30 Days ==========

[2012/07/15 14:00:19 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/15 13:55:41 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/15 13:55:41 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/15 13:55:38 | 001,204,154 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012/07/15 13:55:38 | 000,766,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/15 13:55:38 | 000,298,450 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012/07/15 13:55:38 | 000,250,122 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/15 13:55:38 | 000,005,210 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/15 13:48:21 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/15 13:47:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/15 13:47:47 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/15 13:41:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/15 13:39:34 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/07/15 12:31:03 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2012/07/14 14:21:21 | 000,000,052 | ---- | M] () -- C:\Windows\SysNative\ashttpstats.csv
[2012/07/14 14:20:10 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/07/14 14:20:09 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/07/13 01:28:55 | 004,576,941 | R--- | M] (Swearware) -- C:\Users\Tom\Desktop\ComboFix.exe
[2012/07/13 01:16:58 | 000,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2012/07/13 00:14:41 | 000,500,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 23:54:23 | 000,088,144 | ---- | M] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2012/07/12 23:35:29 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/07/12 23:31:59 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2012/07/12 23:20:36 | 000,074,195 | ---- | M] () -- C:\BdUninstallTool2012.07.12-11.19.15.reg
[2012/07/12 18:00:00 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/07/12 16:36:14 | 000,650,870 | ---- | M] () -- C:\Users\Tom\Desktop\comintrep.exe
[2012/07/12 00:40:13 | 000,000,460 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/07/11 23:25:10 | 000,688,663 | ---- | M] (Farbar) -- C:\Users\Tom\Desktop\FSS.exe
[2012/07/11 20:32:47 | 461,218,670 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/07/11 18:30:32 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Tom\Desktop\aswMBR.exe
[2012/07/11 18:00:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2012/06/25 09:47:18 | 000,539,304 | ---- | M] () -- C:\Users\Tom\Desktop\UiTPAS informatiebundel_Jeugd_Aalst.pdf

========== Files Created - No Company Name ==========

[2012/07/14 14:20:10 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/07/14 14:20:09 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/07/12 23:56:53 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2012/07/12 23:35:29 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/07/12 23:31:59 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2012/07/12 23:19:15 | 000,074,195 | ---- | C] () -- C:\BdUninstallTool2012.07.12-11.19.15.reg
[2012/07/12 16:36:59 | 000,650,870 | ---- | C] () -- C:\Users\Tom\Desktop\comintrep.exe
[2012/07/12 00:14:12 | 000,003,364 | ---- | C] () -- C:\Users\Tom\Desktop\mpssvc.reg
[2012/07/12 00:14:12 | 000,000,880 | ---- | C] () -- C:\Users\Tom\Desktop\legacy_mpssvc.reg
[2012/07/05 15:26:48 | 000,000,488 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/07/05 15:26:39 | 000,000,460 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/07/04 23:59:27 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/25 09:47:18 | 000,539,304 | ---- | C] () -- C:\Users\Tom\Desktop\UiTPAS informatiebundel_Jeugd_Aalst.pdf
[2012/05/17 01:22:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/17 01:22:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/17 01:22:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/17 01:22:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/17 01:22:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/23 21:11:11 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011/11/23 21:11:11 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011/10/05 17:12:30 | 000,000,128 | ---- | C] () -- C:\Windows\wininit.ini
[2011/08/23 11:35:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\UTSCSI.EXE
[2011/08/09 21:36:55 | 000,000,360 | ---- | C] () -- C:\Users\Tom\AppData\Local\Images.fl
[2011/05/13 17:55:29 | 000,033,043 | ---- | C] () -- C:\Users\Tom\32767-3934982913.WibuCmRaC
[2011/05/13 15:44:54 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\PROTOCOL.INI
[2011/05/02 18:41:00 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/05/02 18:40:40 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/05/02 18:40:36 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/01/06 02:22:14 | 000,008,704 | ---- | C] () -- C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/08 00:44:18 | 000,000,044 | ---- | C] () -- C:\Windows\Esa.INI
[2010/11/05 02:10:37 | 000,000,035 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/11/01 00:23:33 | 000,000,110 | ---- | C] () -- C:\Windows\PPRASTA.INI
[2010/08/16 23:11:28 | 000,000,409 | ---- | C] () -- C:\Windows\CoDUO.INI
[2010/05/26 22:52:10 | 000,000,025 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\bdfvconp.ini

========== LOP Check ==========

[2010/10/05 19:02:39 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\.minecraft
[2012/04/19 15:49:31 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Audacity
[2010/12/13 23:42:02 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Autodesk
[2011/08/09 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BeSpotted
[2012/07/12 23:31:41 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BitDefender
[2010/09/07 21:53:59 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BSplayer
[2010/01/30 18:18:12 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BSplayer Pro
[2010/03/04 17:05:53 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Cisco
[2010/03/22 00:21:15 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Citrix
[2012/07/05 15:26:44 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DriverCure
[2012/07/02 10:43:54 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Dropbox
[2012/01/08 14:29:28 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DVDVideoSoft
[2011/04/30 19:25:52 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/05/13 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\FileMaker
[2012/05/20 20:32:33 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\FileZilla
[2010/01/30 17:14:14 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\GameConsole
[2010/03/04 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ICAClient
[2012/03/28 11:36:50 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ObviousIdea
[2012/04/26 22:21:14 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\pdfforge
[2010/04/29 17:48:18 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PlayFirst
[2011/01/07 01:41:39 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PowerCinema
[2011/10/29 23:32:55 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\SoftDMA
[2012/07/05 15:26:44 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\SpeedyPC Software
[2012/03/20 17:38:55 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Unity
[2012/07/13 02:41:51 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\uTorrent
[2011/01/17 02:09:14 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ViquaSoft
[2010/10/21 19:00:54 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Windows Live Writer
[2012/06/05 09:51:35 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/12 18:00:00 | 000,000,488 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Registration3.job
[2012/07/12 00:40:13 | 000,000,460 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Update Version3.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:117E206F
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:4F96D8E6

< End of report >

Attached Files


  • 0

#37
Essexboy
Posted 15 July 2012 - 06:17 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
They have started posing as Fsecure now

Could you run a quick Malwarebytes scan please and let me know what problems remain

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#38
eman yalpid a esoohc
Posted 15 July 2012 - 07:19 AM

eman yalpid a esoohc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
2 infected files were found

Attached Files


  • 0

#39
Essexboy
Posted 15 July 2012 - 07:35 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Lets take out the folder that MBAM missed, then could you check the system to ensure that everything works

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    [2012/07/15 00:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CC7700011628005484B8F875F002


    :Files
    ipconfig /flushdns /c

    :Commands
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#40
eman yalpid a esoohc
Posted 15 July 2012 - 08:26 AM

eman yalpid a esoohc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
another OTL scan... :)

OTL logfile created on: 7/15/2012 3:51:30 PM - Run 5
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Tom\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: België | Language: NLB | Date Format: d/MM/yyyy

3.86 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 52.48% Memory free
7.73 Gb Paging File | 5.69 Gb Available in Paging File | 73.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.38 Gb Total Space | 295.37 Gb Free Space | 50.63% Space Free | Partition Type: NTFS
Drive F: | 608.76 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOM-PC | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/11 18:00:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
PRC - [2012/06/22 18:03:01 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/05/23 06:33:08 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\real\realplayer\Update\realsched.exe
PRC - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/03 11:18:01 | 000,487,424 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2011/05/02 19:44:35 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/12/08 00:43:55 | 001,044,816 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010/06/30 04:20:00 | 006,871,440 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
PRC - [2010/06/30 04:20:00 | 002,067,344 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2010/02/11 15:21:42 | 002,203,648 | ---- | M] (Nemetschek SCIA) -- C:\Program Files (x86)\SCIA\FlexNET\SCIA.exe
PRC - [2010/01/18 16:05:36 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2010/01/06 22:18:19 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/11/21 02:50:30 | 001,334,096 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files (x86)\SCIA\FlexNET\lmgrd.exe
PRC - [2009/11/02 01:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/10/29 13:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/25 01:42:32 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/09/13 00:09:48 | 000,783,704 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\pnamain.exe
PRC - [2009/09/13 00:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009/09/13 00:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2009/09/13 00:08:00 | 000,071,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
PRC - [2009/09/11 07:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/08/04 23:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 05:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2009/02/03 22:39:09 | 000,427,192 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/22 18:03:00 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/01/06 22:18:19 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/02/03 03:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/12 23:54:21 | 000,409,672 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV:64bit: - [2010/12/07 19:41:09 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/24 12:43:38 | 002,299,656 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV:64bit: - [2010/03/12 16:42:40 | 000,393,728 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV:64bit: - [2009/12/10 11:15:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/11/02 22:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/10/19 20:04:58 | 000,278,224 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV:64bit: - [2009/10/01 00:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/07/13 01:00:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/11 15:48:05 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/22 18:03:00 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/23 11:36:26 | 000,000,000 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\UTSCSI.EXE -- (UTSCSI)
SRV - [2011/05/02 19:44:35 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/12/08 00:43:55 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/30 04:20:00 | 002,067,344 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/21 02:50:30 | 001,334,096 | ---- | M] (Flexera Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\SCIA\FlexNET\lmgrd.exe -- (FlexNET SCIA)
SRV - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/11 07:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/02/03 22:39:09 | 000,427,192 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/12 23:54:23 | 000,089,680 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2012/07/12 23:54:23 | 000,088,144 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BdfNdisf6.sys -- (BdfNdisf)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/09 08:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/02 17:14:50 | 000,066,680 | --S- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MIPv464.sys -- (MIPv464)
DRV:64bit: - [2010/09/20 19:22:08 | 000,190,504 | ---- | M] (GetData Pty Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MIPFSv364.sys -- (MIPFSv364)
DRV:64bit: - [2010/02/22 14:57:54 | 000,347,336 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2010/01/29 14:47:04 | 000,163,936 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2009/12/10 13:40:30 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/11/06 22:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/02 22:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/26 22:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/08 19:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/08/13 21:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/08/06 14:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2009/07/23 00:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/25 04:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/06/20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 04:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/02/03 22:23:46 | 000,019,456 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2005/11/21 08:18:50 | 000,033,792 | ---- | M] (Eutron) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\eusk2par-amd64.sys -- (eusk2par)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2004/01/26 17:36:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/01/26 17:01:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/12/01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/09/06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prosync1.sys -- (prosync1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...28z155t54j1d53n
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-03-07 16:03:32&v=10.0.0.7&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_nlBE364BE364
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{8E996B6D-96AD-4EA4-B820-E0976FA7EB54}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-07 16:03:32&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKCU\..\SearchScopes\{F48DA960-0FD9-4BB5-9826-C0C271C6C74D}: "URL" = http://www.qword.com...earchTerms}&s=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://by159w.bay159...m/default.aspx"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..keyword.URL: "http://search.sweeti...0000.10005&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweeti...h.asp?src=2&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2012/07/13 00:13:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/11 21:05:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/23 06:33:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/22 18:03:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/23 06:33:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/22 18:03:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/23 06:33:40 | 000,000,000 | ---D | M]

[2011/04/30 18:54:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Extensions
[2010/03/04 17:56:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/07/15 15:12:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions
[2012/07/15 15:12:18 | 000,000,000 | ---D | M] (Freecorder) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2010/09/07 23:06:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/03/30 15:10:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/05/06 10:31:16 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Tom\AppData\Roaming\mozilla\Firefox\Profiles\sd9czh3v.default\extensions\[email protected]
[2012/04/26 22:21:39 | 000,003,915 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\sd9czh3v.default\searchplugins\sweetim.xml
[2012/01/24 23:02:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/11 21:05:37 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/01/23 17:03:33 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES (X86)\PDFFORGE TOOLBAR\FF
[2012/04/26 22:21:42 | 000,162,686 | ---- | M] () (No name found) -- C:\USERS\TOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SD9CZH3V.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2012/06/22 18:03:01 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/09/13 00:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/13 00:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/13 00:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/13 00:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/09/13 00:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2012/05/23 06:33:16 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2009/09/13 00:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012/03/07 17:03:29 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/09/14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012/06/22 18:02:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/22 18:02:58 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012/06/22 18:02:58 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012/06/22 18:02:58 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========


O1 HOSTS File: ([2012/07/15 13:39:34 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run File not found
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [YouTubeDownloader_upgrade] C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe (Internet Downloader)
O4 - HKCU..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
O4 - Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Prince of Persia Warrior Within.LNK = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5F95BA3-C920-4670-A7D5-5EDF198BFA6B}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/07 18:36:53 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2003/08/11 15:57:38 | 000,000,209 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/15 14:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/15 14:23:39 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/15 14:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/15 14:22:45 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tom\Desktop\mbam-setup-1.62.0.1300.exe
[2012/07/15 12:31:35 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2012/07/15 00:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CC7700011628005484B8F875F002
[2012/07/13 02:09:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/12 23:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2010
[2012/07/12 23:31:41 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2012/07/12 23:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2012/07/12 23:26:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitDefender
[2012/07/12 16:37:31 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\Complete Internet Repair
[2012/07/11 23:26:35 | 000,688,663 | ---- | C] (Farbar) -- C:\Users\Tom\Desktop\FSS.exe
[2012/07/11 22:01:51 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/11 21:30:52 | 004,576,941 | R--- | C] (Swearware) -- C:\Users\Tom\Desktop\ComboFix.exe
[2012/07/11 21:06:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/11 18:31:02 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Tom\Desktop\aswMBR.exe
[2012/07/11 18:00:11 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2012/07/05 16:15:12 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/07/05 16:15:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/07/05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\SpeedyPC Software
[2012/07/05 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\DriverCure
[2012/07/05 15:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/07/05 15:26:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedyPC Software
[2012/07/05 14:31:28 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/07/05 00:12:33 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\Macromedia
[2012/07/04 23:59:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/06/29 13:06:35 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\test 29 juni
[2012/06/18 23:28:10 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\Kalibratie 1 juni
[2012/06/18 14:17:45 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\test 18 juni
[2009/11/05 05:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

========== Files - Modified Within 30 Days ==========

[2012/07/15 16:00:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/15 15:52:31 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/15 15:52:31 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/15 15:49:37 | 001,233,822 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012/07/15 15:49:37 | 000,775,194 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/15 15:49:37 | 000,308,238 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012/07/15 15:49:37 | 000,258,662 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/15 15:49:37 | 000,005,210 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/15 15:45:12 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/15 15:44:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/15 15:44:42 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/15 15:43:59 | 000,000,052 | ---- | M] () -- C:\Windows\SysNative\ashttpstats.csv
[2012/07/15 15:41:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/15 14:23:40 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/15 14:22:45 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tom\Desktop\mbam-setup-1.62.0.1300.exe
[2012/07/15 13:39:34 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/07/15 12:31:03 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tom\Desktop\tdsskiller.exe
[2012/07/14 14:20:10 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/07/14 14:20:09 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/07/13 01:28:55 | 004,576,941 | R--- | M] (Swearware) -- C:\Users\Tom\Desktop\ComboFix.exe
[2012/07/13 01:16:58 | 000,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2012/07/13 00:14:41 | 000,500,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 23:54:23 | 000,088,144 | ---- | M] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2012/07/12 23:35:29 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/07/12 23:31:59 | 000,002,100 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2012/07/12 23:20:36 | 000,074,195 | ---- | M] () -- C:\BdUninstallTool2012.07.12-11.19.15.reg
[2012/07/12 18:00:00 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/07/12 16:36:14 | 000,650,870 | ---- | M] () -- C:\Users\Tom\Desktop\comintrep.exe
[2012/07/12 00:40:13 | 000,000,460 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/07/11 23:25:10 | 000,688,663 | ---- | M] (Farbar) -- C:\Users\Tom\Desktop\FSS.exe
[2012/07/11 20:32:47 | 461,218,670 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/07/11 18:30:32 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Tom\Desktop\aswMBR.exe
[2012/07/11 18:00:11 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Tom\Desktop\OTL.exe
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/25 09:47:18 | 000,539,304 | ---- | M] () -- C:\Users\Tom\Desktop\UiTPAS informatiebundel_Jeugd_Aalst.pdf

========== Files Created - No Company Name ==========

[2012/07/15 14:23:40 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 14:20:10 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/07/14 14:20:09 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/07/12 23:56:53 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2012/07/12 23:35:29 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/07/12 23:31:59 | 000,002,100 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2012/07/12 23:19:15 | 000,074,195 | ---- | C] () -- C:\BdUninstallTool2012.07.12-11.19.15.reg
[2012/07/12 16:36:59 | 000,650,870 | ---- | C] () -- C:\Users\Tom\Desktop\comintrep.exe
[2012/07/12 00:14:12 | 000,003,364 | ---- | C] () -- C:\Users\Tom\Desktop\mpssvc.reg
[2012/07/12 00:14:12 | 000,000,880 | ---- | C] () -- C:\Users\Tom\Desktop\legacy_mpssvc.reg
[2012/07/05 15:26:48 | 000,000,488 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/07/05 15:26:39 | 000,000,460 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2012/07/04 23:59:27 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/25 09:47:18 | 000,539,304 | ---- | C] () -- C:\Users\Tom\Desktop\UiTPAS informatiebundel_Jeugd_Aalst.pdf
[2012/05/17 01:22:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/17 01:22:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/17 01:22:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/17 01:22:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/17 01:22:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/23 21:11:11 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011/11/23 21:11:11 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011/10/05 17:12:30 | 000,000,128 | ---- | C] () -- C:\Windows\wininit.ini
[2011/08/23 11:35:10 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\UTSCSI.EXE
[2011/08/09 21:36:55 | 000,000,360 | ---- | C] () -- C:\Users\Tom\AppData\Local\Images.fl
[2011/05/13 17:55:29 | 000,033,043 | ---- | C] () -- C:\Users\Tom\32767-3934982913.WibuCmRaC
[2011/05/13 15:44:54 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\PROTOCOL.INI
[2011/05/02 18:41:00 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/05/02 18:40:40 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/05/02 18:40:36 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/01/06 02:22:14 | 000,008,704 | ---- | C] () -- C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/08 00:44:18 | 000,000,044 | ---- | C] () -- C:\Windows\Esa.INI
[2010/11/05 02:10:37 | 000,000,035 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/11/01 00:23:33 | 000,000,110 | ---- | C] () -- C:\Windows\PPRASTA.INI
[2010/08/16 23:11:28 | 000,000,409 | ---- | C] () -- C:\Windows\CoDUO.INI
[2010/05/26 22:52:10 | 000,000,025 | ---- | C] () -- C:\Users\Tom\AppData\Roaming\bdfvconp.ini

========== LOP Check ==========

[2010/10/05 19:02:39 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\.minecraft
[2012/04/19 15:49:31 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Audacity
[2010/12/13 23:42:02 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Autodesk
[2011/08/09 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BeSpotted
[2012/07/12 23:31:41 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BitDefender
[2010/09/07 21:53:59 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BSplayer
[2010/01/30 18:18:12 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\BSplayer Pro
[2010/03/04 17:05:53 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Cisco
[2010/03/22 00:21:15 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Citrix
[2012/07/05 15:26:44 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DriverCure
[2012/07/02 10:43:54 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Dropbox
[2012/01/08 14:29:28 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DVDVideoSoft
[2011/04/30 19:25:52 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/05/13 15:44:58 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\FileMaker
[2012/05/20 20:32:33 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\FileZilla
[2010/01/30 17:14:14 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\GameConsole
[2010/03/04 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ICAClient
[2012/03/28 11:36:50 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ObviousIdea
[2012/04/26 22:21:14 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\pdfforge
[2010/04/29 17:48:18 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PlayFirst
[2011/01/07 01:41:39 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PowerCinema
[2011/10/29 23:32:55 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\SoftDMA
[2012/07/05 15:26:44 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\SpeedyPC Software
[2012/03/20 17:38:55 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Unity
[2012/07/13 02:41:51 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\uTorrent
[2011/01/17 02:09:14 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ViquaSoft
[2010/10/21 19:00:54 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Windows Live Writer
[2012/06/05 09:51:35 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/12 18:00:00 | 000,000,488 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Registration3.job
[2012/07/12 00:40:13 | 000,000,460 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Update Version3.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:117E206F
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:4F96D8E6

< End of report >

Attached Files


  • 0

Advertisements

#41
Essexboy
Posted 15 July 2012 - 09:39 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is it behaving now ?
  • 0

#42
eman yalpid a esoohc
Posted 15 July 2012 - 04:06 PM

eman yalpid a esoohc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
good I guess...

It doens't seem like there are more problems
  • 0

#43
Essexboy
Posted 15 July 2012 - 04:09 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#44
Essexboy
Posted 17 July 2012 - 01:34 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP