Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Site icons missing and false dates of first visit


  • Please log in to reply

#1
Zichzich

Zichzich

    New Member

  • Member
  • Pip
  • 1 posts
Hello there friendly geeks.

I use Google Chrome, and lately I've noticed that on the left of the URL, where a site icon should be, there is only an icon of a white page. Also, when I click on it, it says the first time I visited the site was on June 11th, for every site that I visited long before that day.

Can you please help me with this? Thank you kindly in advance!

Here's my OTL Log.


OTL logfile created on: 8/6/2012 11:06:50 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Norbert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3.68 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 60.70% Memory free
7.35 Gb Paging File | 5.56 Gb Available in Paging File | 75.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.66 Gb Total Space | 98.26 Gb Free Space | 21.80% Space Free | Partition Type: NTFS

Computer Name: NORBERT-PC | User Name: Norbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/06 23:06:09 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Norbert\Downloads\OTL.exe
PRC - [2012/06/28 11:05:00 | 002,160,024 | ---- | M] (ManyCam LLC) -- C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
PRC - [2012/05/26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Norbert\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/05/24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Norbert\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/05/13 19:36:30 | 000,932,528 | ---- | M] () -- C:\Users\Norbert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/05/08 16:27:57 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/08 16:27:56 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/08 16:27:56 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/22 16:52:42 | 000,453,240 | ---- | M] (http://www.express-files.com/) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
PRC - [2012/03/22 16:52:42 | 000,172,664 | ---- | M] (http://www.express-files.com/) -- C:\Program Files (x86)\ExpressFiles\EFupdater.exe
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/01 04:51:12 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/07/01 04:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011/07/01 04:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011/07/01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/06/22 16:37:48 | 000,418,672 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2011/06/22 16:37:32 | 000,202,608 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/04/24 03:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/09/16 03:13:16 | 002,538,520 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/09/16 03:13:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/06 22:47:42 | 000,085,504 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM93C6.tmp
MOD - [2012/08/06 22:47:42 | 000,085,504 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM92AB.tmp
MOD - [2012/08/06 22:47:41 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM8F0C.tmp
MOD - [2012/08/06 22:47:41 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM8E4F.tmp
MOD - [2012/08/06 22:47:41 | 000,085,504 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM91B0.tmp
MOD - [2012/08/06 22:47:41 | 000,085,504 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM8F9B.tmp
MOD - [2012/08/06 22:47:40 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM8D72.tmp
MOD - [2012/08/06 22:47:40 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM8C38.tmp
MOD - [2012/08/06 22:47:40 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM89E6.tmp
MOD - [2012/08/06 22:47:39 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM8793.tmp
MOD - [2012/08/06 22:47:38 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM85DC.tmp
MOD - [2012/08/06 22:47:38 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM83A8.tmp
MOD - [2012/08/06 22:47:37 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM8136.tmp
MOD - [2012/08/06 22:47:37 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM806A.tmp
MOD - [2012/08/06 22:47:37 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM7EC2.tmp
MOD - [2012/08/06 22:47:36 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM7CEC.tmp
MOD - [2012/08/06 22:47:36 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM7A9A.tmp
MOD - [2012/08/06 22:47:35 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM7885.tmp
MOD - [2012/08/06 22:47:35 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM7799.tmp
MOD - [2012/08/06 22:47:34 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM7315.tmp
MOD - [2012/08/06 22:47:33 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM7238.tmp
MOD - [2012/08/06 22:47:33 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM70D0.tmp
MOD - [2012/08/06 22:47:33 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM6F19.tmp
MOD - [2012/08/06 22:47:32 | 000,120,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM6A65.tmp
MOD - [2012/08/06 22:47:31 | 000,072,192 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM6938.tmp
MOD - [2012/08/06 22:47:31 | 000,033,792 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\YTMP7MC8AA\TAA69A7.tmp
MOD - [2012/08/06 22:47:29 | 000,072,704 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM6000.tmp
MOD - [2012/08/06 22:47:29 | 000,072,192 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM607F.tmp
MOD - [2012/08/06 22:47:28 | 000,072,192 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM5DAE.tmp
MOD - [2012/08/06 22:47:28 | 000,064,000 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM5ADA.tmp
MOD - [2012/08/06 22:47:28 | 000,057,344 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM5CC2.tmp
MOD - [2012/08/06 22:47:28 | 000,053,760 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM5BD6.tmp
MOD - [2012/08/06 22:47:26 | 000,053,760 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM53F5.tmp
MOD - [2012/08/06 22:47:24 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM4F42.tmp
MOD - [2012/08/06 22:47:24 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM4CEF.tmp
MOD - [2012/08/06 22:47:23 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM4943.tmp
MOD - [2012/08/06 22:47:23 | 000,056,320 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM49B2.tmp
MOD - [2012/08/06 22:47:22 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM471F.tmp
MOD - [2012/08/06 22:47:22 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM4681.tmp
MOD - [2012/08/06 22:47:21 | 000,056,832 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM3FCB.tmp
MOD - [2012/08/06 22:47:20 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM3F0E.tmp
MOD - [2012/08/06 22:47:20 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM3EAE.tmp
MOD - [2012/08/06 22:47:20 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM3E30.tmp
MOD - [2012/08/06 22:47:19 | 000,068,608 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM39EA.tmp
MOD - [2012/08/06 22:47:18 | 000,056,320 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM33FC.tmp
MOD - [2012/08/06 22:47:18 | 000,055,296 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM36CC.tmp
MOD - [2012/08/06 22:47:14 | 000,075,776 | ---- | M] () -- C:\Users\Norbert\AppData\Local\Temp\XTMP1MC3VE\DEM274E.tmp
MOD - [2012/06/28 11:05:02 | 000,124,312 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\CrashRpt.dll
MOD - [2012/05/13 19:36:30 | 000,932,528 | ---- | M] () -- C:\Users\Norbert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/24 03:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2010/12/05 04:38:12 | 000,241,152 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll
MOD - [2010/12/05 04:38:06 | 000,776,192 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll
MOD - [2010/12/05 04:38:06 | 000,201,216 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll
MOD - [2010/12/05 04:38:04 | 001,242,112 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2010/12/05 04:38:02 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/10 23:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2011/05/02 23:27:50 | 001,517,328 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/05/02 23:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/05/02 23:10:26 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/04/22 18:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/02 16:25:08 | 000,067,448 | R--- | M] (iS3, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\STOPzilla!\SZServer.exe -- (szserver)
SRV - [2012/07/10 20:01:57 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/05/08 16:27:57 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/08 16:27:56 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/11 07:45:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/07/01 04:51:10 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/05/26 08:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011/04/24 03:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/09/16 03:13:16 | 002,538,520 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/09/16 03:13:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012/05/17 19:09:03 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/05/08 16:27:57 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/08 16:27:57 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 12:34:36 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012/01/12 09:28:48 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2012/01/11 08:11:20 | 000,034,304 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/16 17:09:16 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/05/01 08:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/04/15 05:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/28 05:44:46 | 001,417,776 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/23 04:20:58 | 000,077,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/03/10 06:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/03/10 06:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/12/01 10:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/14 19:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/02/26 10:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/25 18:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchya.com/...BtDtCtBtDyCtDtA
IE - HKCU\..\SearchScopes,DefaultScope = {AC7A2951-37EF-43B2-AFED-DB00229FE336}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babyl...00000ff29e2e659
IE - HKCU\..\SearchScopes\{129A8FC7-C1C3-4301-94B5-0461125C73BB}: "URL" = http://searchya.com/...q={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
IE - HKCU\..\SearchScopes\{AC7A2951-37EF-43B2-AFED-DB00229FE336}: "URL" = http://fr.search.yah...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Blekko"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://fr.search.yah...type=937811&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Norbert\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Norbert\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/03 22:26:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/03/25 17:12:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Norbert\AppData\Roaming\mozilla\Extensions
[2012/08/01 12:50:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Norbert\AppData\Roaming\mozilla\Firefox\Profiles\mrsj2kqj.default\extensions
[2012/06/03 21:32:39 | 000,001,465 | ---- | M] () -- C:\Users\Norbert\AppData\Roaming\Mozilla\Firefox\Profiles\mrsj2kqj.default\searchplugins\searchya.xml
[2012/03/25 17:11:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/17 23:03:17 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES (X86)\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
File not found (No name found) -- C:\USERS\NORBERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MRSJ2KQJ.DEFAULT\EXTENSIONS\[email protected]
[2012/03/13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/13 06:46:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 06:55:45 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012/03/13 06:55:45 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012/06/03 21:26:32 | 000,002,134 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2012/03/13 06:55:45 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========

CHR - homepage: http://searchya.com/...BtDtCtBtDyCtDtA
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://searchya.com/...BtDtCtBtDyCtDtA
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Set Wallpaper Plugin (Enabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkmiidlgnkhnfhigdpadkaamogngkin\3.0.2_0\setwallpaper_plugin.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.5.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Norbert\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Back to Top = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\alpoeaffjpfnidlkiidponkainlnfhnl\1.1_0\
CHR - Extension: YouTube = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Zoeken = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Set image as wallpaper (Windows) = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkmiidlgnkhnfhigdpadkaamogngkin\3.0.2_0\
CHR - Extension: Dislike It! = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpopaadgfkgmgkklbcifkhikgcajfebn\3.4.10_0\
CHR - Extension: Fluttershy Theme = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgelnegaoomfhnibimaakehaiemfhbhk\1_0\
CHR - Extension: AdBlock = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: IE Tab = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.6.30.1_0\
CHR - Extension: 9GAG Mini = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\0.5_0\
CHR - Extension: 9GAG Extended = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjndakdbficlclbpmiijndipamoodlmb\1.4.4_0\
CHR - Extension: Facebook Notifications = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: Picky Wallpapers = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Writer = C:\Users\Norbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnengefjfhgcceajaepbjhanoojifmog\1.0.0.0_0\

O1 HOSTS File: ([2012/08/06 22:44:15 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [ExpressFiles] C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (http://www.express-files.com/)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Norbert\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Norbert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktopComic.exe ()
O4 - Startup: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Norbert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hott notes 4.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B4AE0F2-D63F-49F1-9093-CDAB8C83FE81}: DhcpNameServer = 172.26.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BD6F1C0-63E7-4421-B974-99895A3DEA67}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/17 16:44:55 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/06 22:46:29 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/06 22:26:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/06 22:26:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/06 22:26:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/06 22:25:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/06 22:25:28 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/06 22:21:42 | 004,725,168 | R--- | C] (Swearware) -- C:\Users\Norbert\Desktop\ComboFix.exe
[2012/08/06 21:51:52 | 000,000,000 | ---D | C] -- C:\_OTS
[2012/08/06 18:52:59 | 000,074,872 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbapifs.sys
[2012/08/06 18:52:59 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\SBBD.EXE
[2012/08/06 18:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
[2012/08/06 18:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2012/08/06 18:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STOPzilla!
[2012/08/02 16:25:28 | 000,023,416 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
[2012/08/02 16:25:16 | 000,546,680 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
[2012/08/02 16:25:12 | 000,497,528 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
[2012/08/01 12:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTD Toolbar
[2012/08/01 12:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2012/08/01 12:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2012/07/26 23:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012/07/26 23:10:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012/07/26 23:10:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2012/07/26 16:18:39 | 000,000,000 | ---D | C] -- C:\Users\Norbert\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/07/25 22:27:25 | 000,000,000 | ---D | C] -- C:\Users\Norbert\Desktop\Mari0
[2012/07/24 19:58:06 | 000,000,000 | ---D | C] -- C:\Users\Norbert\Desktop\DragonBall-Z-Budokai-3-CE.part001
[2012/07/22 22:35:25 | 000,000,000 | ---D | C] -- C:\Users\Norbert\Desktop\eth
[2012/07/19 15:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2012/07/17 23:10:05 | 000,000,000 | ---D | C] -- C:\Downloads
[2012/07/17 23:03:18 | 000,000,000 | ---D | C] -- C:\Users\Norbert\AppData\Roaming\Free Download Manager
[2012/07/17 23:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
[2012/07/17 23:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2012/07/17 08:36:16 | 000,231,288 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Win325.dll
[2012/07/17 08:36:16 | 000,029,048 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3XDat5.dll
[2012/07/17 08:36:14 | 000,391,032 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3UI5.dll
[2012/07/17 08:36:12 | 000,100,216 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Svc5.dll
[2012/07/17 08:36:06 | 000,132,984 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3HTUI5.dll
[2012/07/17 08:36:06 | 000,104,312 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Inet5.dll
[2012/07/17 08:36:04 | 000,456,568 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3DBA5.dll
[2012/07/17 08:36:04 | 000,067,448 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Hks5.dll
[2012/07/17 08:36:02 | 000,812,920 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Base5.dll
[2012/07/16 21:09:05 | 000,000,000 | ---D | C] -- C:\Users\Norbert\AppData\Roaming\RealNetworks
[2012/05/09 13:59:09 | 000,201,728 | ---- | C] (Freebyte.com) -- C:\Program Files\hjsplit.exe

========== Files - Modified Within 30 Days ==========

[2012/08/06 23:16:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4179889698-1861791420-1329387874-1000UA.job
[2012/08/06 23:10:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4179889698-1861791420-1329387874-1003UA.job
[2012/08/06 22:53:50 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/06 22:53:50 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/06 22:50:19 | 000,744,014 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012/08/06 22:50:19 | 000,152,840 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012/08/06 22:50:18 | 001,665,488 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/06 22:50:18 | 000,652,820 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/06 22:50:18 | 000,121,494 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/06 22:45:07 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2012/08/06 22:45:02 | 2960,805,888 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/06 22:44:15 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/06 22:21:53 | 004,725,168 | R--- | M] (Swearware) -- C:\Users\Norbert\Desktop\ComboFix.exe
[2012/08/06 22:16:01 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4179889698-1861791420-1329387874-1000Core.job
[2012/08/06 18:10:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4179889698-1861791420-1329387874-1003Core.job
[2012/08/02 16:25:28 | 000,023,416 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
[2012/08/02 16:25:16 | 000,546,680 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
[2012/08/02 16:25:12 | 000,497,528 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
[2012/07/26 23:10:08 | 000,001,257 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012/07/26 16:28:07 | 000,000,132 | ---- | M] () -- C:\Users\Norbert\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/07/22 13:11:42 | 004,980,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/17 23:03:18 | 000,001,035 | ---- | M] () -- C:\Users\Norbert\Desktop\Free Download Manager.lnk
[2012/07/17 08:36:16 | 000,231,288 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Win325.dll
[2012/07/17 08:36:16 | 000,029,048 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3XDat5.dll
[2012/07/17 08:36:14 | 000,391,032 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3UI5.dll
[2012/07/17 08:36:12 | 000,100,216 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Svc5.dll
[2012/07/17 08:36:06 | 000,132,984 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3HTUI5.dll
[2012/07/17 08:36:06 | 000,104,312 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Inet5.dll
[2012/07/17 08:36:04 | 000,456,568 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3DBA5.dll
[2012/07/17 08:36:04 | 000,067,448 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Hks5.dll
[2012/07/17 08:36:02 | 000,812,920 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Base5.dll
[2012/07/11 12:20:11 | 000,119,628 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat

========== Files Created - No Company Name ==========

[2012/08/06 22:26:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/06 22:26:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/06 22:26:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/06 22:26:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/06 22:26:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/01 18:05:36 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4179889698-1861791420-1329387874-1003UA.job
[2012/08/01 18:05:36 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4179889698-1861791420-1329387874-1003Core.job
[2012/07/26 23:10:08 | 000,001,257 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012/07/17 23:03:18 | 000,001,035 | ---- | C] () -- C:\Users\Norbert\Desktop\Free Download Manager.lnk
[2012/07/11 12:20:11 | 000,119,628 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/06/30 11:08:13 | 000,000,132 | ---- | C] () -- C:\Users\Norbert\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/04/17 02:02:32 | 000,000,647 | ---- | C] () -- C:\Users\Norbert\AppData\Roaming\result.db
[2012/02/29 16:08:54 | 000,000,132 | ---- | C] () -- C:\Users\Norbert\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/12/26 19:05:48 | 000,751,778 | ---- | C] () -- C:\Users\Norbert\IMG_0965.PNG
[2011/12/26 19:05:48 | 000,684,424 | ---- | C] () -- C:\Users\Norbert\IMG_0964.PNG
[2011/12/26 19:05:48 | 000,560,144 | ---- | C] () -- C:\Users\Norbert\IMG_0966.PNG
[2011/12/26 18:52:41 | 000,314,354 | ---- | C] () -- C:\Users\Norbert\IMG_0963.PNG
[2011/12/26 18:52:41 | 000,313,497 | ---- | C] () -- C:\Users\Norbert\IMG_0959.PNG
[2011/12/26 18:52:41 | 000,306,847 | ---- | C] () -- C:\Users\Norbert\IMG_0961.PNG
[2011/12/26 18:52:41 | 000,306,156 | ---- | C] () -- C:\Users\Norbert\IMG_0962.PNG
[2011/12/26 18:52:41 | 000,303,194 | ---- | C] () -- C:\Users\Norbert\IMG_0960.PNG
[2011/12/26 18:52:40 | 000,308,028 | ---- | C] () -- C:\Users\Norbert\IMG_0952.PNG
[2011/12/26 18:52:40 | 000,306,578 | ---- | C] () -- C:\Users\Norbert\IMG_0942.PNG
[2011/12/26 18:52:40 | 000,295,266 | ---- | C] () -- C:\Users\Norbert\IMG_0946.PNG
[2011/12/26 18:52:40 | 000,291,989 | ---- | C] () -- C:\Users\Norbert\IMG_0958.PNG
[2011/12/26 18:52:40 | 000,251,781 | ---- | C] () -- C:\Users\Norbert\IMG_0951.JPG
[2011/12/26 18:52:40 | 000,236,884 | ---- | C] () -- C:\Users\Norbert\IMG_0950.JPG
[2011/12/26 18:52:40 | 000,235,195 | ---- | C] () -- C:\Users\Norbert\IMG_0957.JPG
[2011/12/26 18:52:40 | 000,230,970 | ---- | C] () -- C:\Users\Norbert\IMG_0954.JPG
[2011/12/26 18:52:40 | 000,220,419 | ---- | C] () -- C:\Users\Norbert\IMG_0955.JPG
[2011/12/26 18:52:40 | 000,218,193 | ---- | C] () -- C:\Users\Norbert\IMG_0953.JPG
[2011/12/26 18:52:40 | 000,200,651 | ---- | C] () -- C:\Users\Norbert\IMG_0956.JPG
[2011/12/26 18:52:40 | 000,196,542 | ---- | C] () -- C:\Users\Norbert\IMG_0944.PNG
[2011/12/26 18:52:40 | 000,193,391 | ---- | C] () -- C:\Users\Norbert\IMG_0948.JPG
[2011/12/26 18:52:40 | 000,184,745 | ---- | C] () -- C:\Users\Norbert\IMG_0947.JPG
[2011/12/26 18:52:40 | 000,092,649 | ---- | C] () -- C:\Users\Norbert\IMG_0949.JPG
[2011/12/26 18:52:40 | 000,047,186 | ---- | C] () -- C:\Users\Norbert\IMG_0943.JPG
[2011/12/26 18:52:40 | 000,039,463 | ---- | C] () -- C:\Users\Norbert\IMG_0945.PNG
[2011/12/26 18:52:39 | 000,329,773 | ---- | C] () -- C:\Users\Norbert\IMG_0935.PNG
[2011/12/26 18:52:39 | 000,329,320 | ---- | C] () -- C:\Users\Norbert\IMG_0933.PNG
[2011/12/26 18:52:39 | 000,329,097 | ---- | C] () -- C:\Users\Norbert\IMG_0934.PNG
[2011/12/26 18:52:39 | 000,328,835 | ---- | C] () -- C:\Users\Norbert\IMG_0931.PNG
[2011/12/26 18:52:39 | 000,328,234 | ---- | C] () -- C:\Users\Norbert\IMG_0932.PNG
[2011/12/26 18:52:39 | 000,325,158 | ---- | C] () -- C:\Users\Norbert\IMG_0939.PNG
[2011/12/26 18:52:39 | 000,324,738 | ---- | C] () -- C:\Users\Norbert\IMG_0937.PNG
[2011/12/26 18:52:39 | 000,318,076 | ---- | C] () -- C:\Users\Norbert\IMG_0930.PNG
[2011/12/26 18:52:39 | 000,305,323 | ---- | C] () -- C:\Users\Norbert\IMG_0941.PNG
[2011/12/26 18:52:39 | 000,299,883 | ---- | C] () -- C:\Users\Norbert\IMG_0940.PNG
[2011/12/26 18:52:39 | 000,293,839 | ---- | C] () -- C:\Users\Norbert\IMG_0936.PNG
[2011/12/26 18:52:39 | 000,281,743 | ---- | C] () -- C:\Users\Norbert\IMG_0938.PNG
[2011/12/26 18:52:38 | 000,308,534 | ---- | C] () -- C:\Users\Norbert\IMG_0918.PNG
[2011/12/26 18:52:38 | 000,304,725 | ---- | C] () -- C:\Users\Norbert\IMG_0922.PNG
[2011/12/26 18:52:38 | 000,299,277 | ---- | C] () -- C:\Users\Norbert\IMG_0921.PNG
[2011/12/26 18:52:38 | 000,294,732 | ---- | C] () -- C:\Users\Norbert\IMG_0919.PNG
[2011/12/26 18:52:38 | 000,293,869 | ---- | C] () -- C:\Users\Norbert\IMG_0920.PNG
[2011/12/26 18:52:38 | 000,284,717 | ---- | C] () -- C:\Users\Norbert\IMG_0917.PNG
[2011/12/26 18:52:38 | 000,209,338 | ---- | C] () -- C:\Users\Norbert\IMG_0924.PNG
[2011/12/26 18:52:38 | 000,209,192 | ---- | C] () -- C:\Users\Norbert\IMG_0923.PNG
[2011/12/26 18:52:38 | 000,180,631 | ---- | C] () -- C:\Users\Norbert\IMG_0927.PNG
[2011/12/26 18:52:38 | 000,179,330 | ---- | C] () -- C:\Users\Norbert\IMG_0926.PNG
[2011/12/26 18:52:38 | 000,174,893 | ---- | C] () -- C:\Users\Norbert\IMG_0925.PNG
[2011/12/26 18:52:38 | 000,144,896 | ---- | C] () -- C:\Users\Norbert\IMG_0916.JPG
[2011/12/26 18:52:38 | 000,012,642 | ---- | C] () -- C:\Users\Norbert\IMG_0915.PNG
[2011/12/26 18:52:37 | 000,334,006 | ---- | C] () -- C:\Users\Norbert\IMG_0907.PNG
[2011/12/26 18:52:37 | 000,334,005 | ---- | C] () -- C:\Users\Norbert\IMG_0908.PNG
[2011/12/26 18:52:37 | 000,330,981 | ---- | C] () -- C:\Users\Norbert\IMG_0909.PNG
[2011/12/26 18:52:37 | 000,330,672 | ---- | C] () -- C:\Users\Norbert\IMG_0900.PNG
[2011/12/26 18:52:37 | 000,328,159 | ---- | C] () -- C:\Users\Norbert\IMG_0903.PNG
[2011/12/26 18:52:37 | 000,325,394 | ---- | C] () -- C:\Users\Norbert\IMG_0912.PNG
[2011/12/26 18:52:37 | 000,318,206 | ---- | C] () -- C:\Users\Norbert\IMG_0899.PNG
[2011/12/26 18:52:37 | 000,283,526 | ---- | C] () -- C:\Users\Norbert\IMG_0911.PNG
[2011/12/26 18:52:37 | 000,058,334 | ---- | C] () -- C:\Users\Norbert\IMG_0913.PNG
[2011/12/26 18:52:37 | 000,046,345 | ---- | C] () -- C:\Users\Norbert\IMG_0867.PNG
[2011/12/26 18:52:37 | 000,033,227 | ---- | C] () -- C:\Users\Norbert\IMG_0902.JPG
[2011/12/26 18:52:37 | 000,026,959 | ---- | C] () -- C:\Users\Norbert\IMG_0901.JPG
[2011/12/26 18:52:36 | 000,290,294 | ---- | C] () -- C:\Users\Norbert\IMG_0854.JPG
[2011/12/26 18:52:36 | 000,276,550 | ---- | C] () -- C:\Users\Norbert\IMG_0856.JPG
[2011/12/26 18:52:36 | 000,273,774 | ---- | C] () -- C:\Users\Norbert\IMG_0853.JPG
[2011/12/26 18:52:36 | 000,257,960 | ---- | C] () -- C:\Users\Norbert\IMG_0855.JPG
[2011/12/26 18:52:36 | 000,064,593 | ---- | C] () -- C:\Users\Norbert\IMG_0851.JPG
[2011/12/26 18:52:36 | 000,064,506 | ---- | C] () -- C:\Users\Norbert\IMG_0852.JPG
[2011/12/26 18:52:36 | 000,038,411 | ---- | C] () -- C:\Users\Norbert\IMG_0850.JPG
[2011/12/26 18:52:36 | 000,037,990 | ---- | C] () -- C:\Users\Norbert\IMG_0847.JPG
[2011/12/26 18:52:36 | 000,035,153 | ---- | C] () -- C:\Users\Norbert\IMG_0849.JPG
[2011/12/26 18:52:36 | 000,032,266 | ---- | C] () -- C:\Users\Norbert\IMG_0848.JPG
[2011/12/26 18:52:36 | 000,015,867 | ---- | C] () -- C:\Users\Norbert\IMG_0846.JPG
[2011/12/26 18:52:35 | 000,802,408 | ---- | C] () -- C:\Users\Norbert\IMG_0837.PNG
[2011/12/26 18:52:35 | 000,704,743 | ---- | C] () -- C:\Users\Norbert\IMG_0835.PNG
[2011/12/26 18:52:35 | 000,517,517 | ---- | C] () -- C:\Users\Norbert\IMG_0845.PNG
[2011/12/26 18:52:35 | 000,329,533 | ---- | C] () -- C:\Users\Norbert\IMG_0840.PNG
[2011/12/26 18:52:35 | 000,286,345 | ---- | C] () -- C:\Users\Norbert\IMG_0838.PNG
[2011/12/26 18:52:35 | 000,059,897 | ---- | C] () -- C:\Users\Norbert\IMG_0834.JPG
[2011/12/26 18:52:35 | 000,054,549 | ---- | C] () -- C:\Users\Norbert\IMG_0844.JPG
[2011/12/26 18:52:35 | 000,052,942 | ---- | C] () -- C:\Users\Norbert\IMG_0843.JPG
[2011/12/26 18:52:35 | 000,051,607 | ---- | C] () -- C:\Users\Norbert\IMG_0833.JPG
[2011/12/26 18:52:35 | 000,040,751 | ---- | C] () -- C:\Users\Norbert\IMG_0841.JPG
[2011/12/26 18:52:35 | 000,039,066 | ---- | C] () -- C:\Users\Norbert\IMG_0836.JPG
[2011/12/26 18:52:35 | 000,036,516 | ---- | C] () -- C:\Users\Norbert\IMG_0839.JPG
[2011/12/26 18:52:32 | 001,865,306 | ---- | C] () -- C:\Users\Norbert\IMG_0810.PNG
[2011/12/26 18:52:32 | 001,031,911 | ---- | C] () -- C:\Users\Norbert\IMG_0809.PNG
[2011/12/26 18:52:32 | 000,531,900 | ---- | C] () -- C:\Users\Norbert\IMG_0808.PNG
[2011/12/26 18:52:31 | 000,924,183 | ---- | C] () -- C:\Users\Norbert\IMG_0806.PNG
[2011/12/26 18:52:31 | 000,888,195 | ---- | C] () -- C:\Users\Norbert\IMG_0805.PNG
[2011/12/26 18:52:31 | 000,848,259 | ---- | C] () -- C:\Users\Norbert\IMG_0807.PNG
[2011/12/26 18:52:30 | 000,406,870 | ---- | C] () -- C:\Users\Norbert\IMG_0794.PNG
[2011/12/26 18:52:30 | 000,342,591 | ---- | C] () -- C:\Users\Norbert\IMG_0795.PNG
[2011/12/26 18:52:30 | 000,067,361 | ---- | C] () -- C:\Users\Norbert\IMG_0793.JPG
[2011/12/26 18:52:30 | 000,064,329 | ---- | C] () -- C:\Users\Norbert\IMG_0798.JPG
[2011/12/26 18:52:30 | 000,034,612 | ---- | C] () -- C:\Users\Norbert\IMG_0797.JPG
[2011/12/26 18:52:30 | 000,028,583 | ---- | C] () -- C:\Users\Norbert\IMG_0799.JPG
[2011/12/26 18:52:25 | 000,684,064 | ---- | C] () -- C:\Users\Norbert\IMG_0748.PNG
[2011/12/26 18:52:24 | 002,331,985 | ---- | C] () -- C:\Users\Norbert\IMG_0747.JPG
[2011/12/26 18:52:24 | 002,306,692 | ---- | C] () -- C:\Users\Norbert\IMG_0745.JPG
[2011/12/26 18:52:24 | 001,926,905 | ---- | C] () -- C:\Users\Norbert\IMG_0746.JPG
[2011/12/26 18:52:23 | 002,617,066 | ---- | C] () -- C:\Users\Norbert\IMG_0743.JPG
[2011/12/26 18:52:23 | 002,425,151 | ---- | C] () -- C:\Users\Norbert\IMG_0744.JPG
[2011/12/26 18:52:22 | 000,260,968 | ---- | C] () -- C:\Users\Norbert\IMG_0729.JPG
[2011/12/26 18:52:22 | 000,245,685 | ---- | C] () -- C:\Users\Norbert\IMG_0730.JPG
[2011/12/26 18:52:22 | 000,237,967 | ---- | C] () -- C:\Users\Norbert\IMG_0726.JPG
[2011/12/26 18:52:22 | 000,235,523 | ---- | C] () -- C:\Users\Norbert\IMG_0727.JPG
[2011/12/26 18:52:22 | 000,228,570 | ---- | C] () -- C:\Users\Norbert\IMG_0725.JPG
[2011/12/26 18:52:22 | 000,223,353 | ---- | C] () -- C:\Users\Norbert\IMG_0728.JPG
[2011/12/26 18:52:21 | 000,231,151 | ---- | C] () -- C:\Users\Norbert\IMG_0720.JPG
[2011/12/26 18:52:21 | 000,209,758 | ---- | C] () -- C:\Users\Norbert\IMG_0718.JPG
[2011/12/26 18:52:21 | 000,209,030 | ---- | C] () -- C:\Users\Norbert\IMG_0719.JPG
[2011/12/26 18:52:21 | 000,202,017 | ---- | C] () -- C:\Users\Norbert\IMG_0717.JPG
[2011/12/26 18:52:20 | 000,222,080 | ---- | C] () -- C:\Users\Norbert\IMG_0705.JPG
[2011/12/26 18:52:20 | 000,218,731 | ---- | C] () -- C:\Users\Norbert\IMG_0704.JPG
[2011/12/26 18:52:20 | 000,218,206 | ---- | C] () -- C:\Users\Norbert\IMG_0703.JPG
[2011/12/26 18:52:20 | 000,168,410 | ---- | C] () -- C:\Users\Norbert\IMG_0702.JPG
[2011/12/26 18:52:20 | 000,159,787 | ---- | C] () -- C:\Users\Norbert\IMG_0701.JPG
[2011/12/26 18:52:20 | 000,156,234 | ---- | C] () -- C:\Users\Norbert\IMG_0700.JPG
[2011/12/26 18:52:19 | 000,143,574 | ---- | C] () -- C:\Users\Norbert\IMG_0683.JPG
[2011/12/26 18:52:12 | 000,206,083 | ---- | C] () -- C:\Users\Norbert\IMG_0595.JPG
[2011/12/26 18:52:12 | 000,205,520 | ---- | C] () -- C:\Users\Norbert\IMG_0594.JPG
[2011/12/26 18:52:11 | 000,259,153 | ---- | C] () -- C:\Users\Norbert\IMG_0564.JPG
[2011/12/26 18:52:11 | 000,255,848 | ---- | C] () -- C:\Users\Norbert\IMG_0565.JPG
[2011/12/26 18:52:11 | 000,159,600 | ---- | C] () -- C:\Users\Norbert\IMG_0591.JPG
[2011/12/26 18:52:11 | 000,159,200 | ---- | C] () -- C:\Users\Norbert\IMG_0585.JPG
[2011/12/26 18:52:11 | 000,150,575 | ---- | C] () -- C:\Users\Norbert\IMG_0588.JPG
[2011/12/26 18:52:11 | 000,144,770 | ---- | C] () -- C:\Users\Norbert\IMG_0589.JPG
[2011/12/26 18:52:11 | 000,132,934 | ---- | C] () -- C:\Users\Norbert\IMG_0587.JPG
[2011/12/26 18:52:11 | 000,042,487 | ---- | C] () -- C:\Users\Norbert\IMG_0566.JPG
[2011/12/26 18:52:10 | 004,889,941 | ---- | C] () -- C:\Users\Norbert\IMG_0563.MOV
[2011/12/26 18:52:10 | 001,292,036 | ---- | C] () -- C:\Users\Norbert\IMG_0560.PNG
[2011/12/26 18:52:10 | 000,092,010 | ---- | C] () -- C:\Users\Norbert\IMG_0493.PNG
[2011/12/26 18:52:09 | 000,242,857 | ---- | C] () -- C:\Users\Norbert\IMG_0475.JPG
[2011/12/26 18:52:09 | 000,231,486 | ---- | C] () -- C:\Users\Norbert\IMG_0476.JPG
[2011/12/26 18:52:09 | 000,194,052 | ---- | C] () -- C:\Users\Norbert\IMG_0477.JPG
[2011/12/26 18:52:09 | 000,192,296 | ---- | C] () -- C:\Users\Norbert\IMG_0479.JPG
[2011/12/26 18:52:09 | 000,191,169 | ---- | C] () -- C:\Users\Norbert\IMG_0478.JPG
[2011/12/26 18:52:09 | 000,187,431 | ---- | C] () -- C:\Users\Norbert\IMG_0481.PNG
[2011/12/26 18:52:09 | 000,180,550 | ---- | C] () -- C:\Users\Norbert\IMG_0480.PNG
[2011/12/26 18:52:09 | 000,064,823 | ---- | C] () -- C:\Users\Norbert\IMG_0482.JPG
[2011/12/26 18:52:09 | 000,061,927 | ---- | C] () -- C:\Users\Norbert\IMG_0483.JPG
[2011/12/26 18:52:08 | 001,902,970 | ---- | C] () -- C:\Users\Norbert\IMG_0469.JPG
[2011/12/26 18:52:08 | 000,419,175 | ---- | C] () -- C:\Users\Norbert\IMG_0467.JPG
[2011/12/26 18:52:08 | 000,365,106 | ---- | C] () -- C:\Users\Norbert\IMG_0468.JPG
[2011/12/26 18:52:08 | 000,310,372 | ---- | C] () -- C:\Users\Norbert\IMG_0472.JPG
[2011/12/26 18:52:08 | 000,262,868 | ---- | C] () -- C:\Users\Norbert\IMG_0473.PNG
[2011/12/26 18:52:08 | 000,253,408 | ---- | C] () -- C:\Users\Norbert\IMG_0466.JPG
[2011/12/26 18:52:08 | 000,207,276 | ---- | C] () -- C:\Users\Norbert\IMG_0474.JPG
[2011/12/26 18:52:08 | 000,092,189 | ---- | C] () -- C:\Users\Norbert\IMG_0471.JPG
[2011/12/26 18:52:08 | 000,048,431 | ---- | C] () -- C:\Users\Norbert\IMG_0470.JPG
[2011/12/26 18:52:07 | 001,021,073 | ---- | C] () -- C:\Users\Norbert\IMG_0460.PNG
[2011/12/26 18:52:07 | 000,693,529 | ---- | C] () -- C:\Users\Norbert\IMG_0459.JPG
[2011/12/26 18:52:07 | 000,241,303 | ---- | C] () -- C:\Users\Norbert\IMG_0465.JPG
[2011/12/26 18:52:06 | 000,299,805 | ---- | C] () -- C:\Users\Norbert\IMG_0428.JPG
[2011/12/26 18:52:06 | 000,208,483 | ---- | C] () -- C:\Users\Norbert\IMG_0435.JPG
[2011/12/26 18:52:06 | 000,206,379 | ---- | C] () -- C:\Users\Norbert\IMG_0434.JPG
[2011/12/26 18:52:06 | 000,185,064 | ---- | C] () -- C:\Users\Norbert\IMG_0440.JPG
[2011/12/26 18:52:06 | 000,169,112 | ---- | C] () -- C:\Users\Norbert\IMG_0436.JPG
[2011/12/26 18:52:06 | 000,161,941 | ---- | C] () -- C:\Users\Norbert\IMG_0431.JPG
[2011/12/26 18:52:06 | 000,135,632 | ---- | C] () -- C:\Users\Norbert\IMG_0432.JPG
[2011/12/26 18:52:06 | 000,129,211 | ---- | C] () -- C:\Users\Norbert\IMG_0439.JPG
[2011/12/26 18:52:06 | 000,108,813 | ---- | C] () -- C:\Users\Norbert\IMG_0438.JPG
[2011/12/26 18:52:06 | 000,108,081 | ---- | C] () -- C:\Users\Norbert\IMG_0437.JPG
[2011/12/26 18:52:06 | 000,099,298 | ---- | C] () -- C:\Users\Norbert\IMG_0441.JPG
[2011/12/26 18:52:06 | 000,094,775 | ---- | C] () -- C:\Users\Norbert\IMG_0429.JPG
[2011/12/26 18:52:06 | 000,091,733 | ---- | C] () -- C:\Users\Norbert\IMG_0443.JPG
[2011/12/26 18:52:06 | 000,086,909 | ---- | C] () -- C:\Users\Norbert\IMG_0442.JPG
[2011/12/26 18:52:06 | 000,077,267 | ---- | C] () -- C:\Users\Norbert\IMG_0426.JPG
[2011/12/26 18:52:06 | 000,064,403 | ---- | C] () -- C:\Users\Norbert\IMG_0430.JPG
[2011/12/26 18:52:06 | 000,047,234 | ---- | C] () -- C:\Users\Norbert\IMG_0447.JPG
[2011/12/26 18:52:06 | 000,041,799 | ---- | C] () -- C:\Users\Norbert\IMG_0456.JPG
[2011/12/26 18:52:06 | 000,034,714 | ---- | C] () -- C:\Users\Norbert\IMG_0427.JPG
[2011/12/26 18:52:05 | 002,859,908 | ---- | C] () -- C:\Users\Norbert\IMG_0425.JPG
[2011/12/26 18:52:05 | 000,463,016 | ---- | C] () -- C:\Users\Norbert\IMG_0414.JPG
[2011/12/26 18:52:05 | 000,389,549 | ---- | C] () -- C:\Users\Norbert\IMG_0415.JPG
[2011/12/26 18:52:02 | 002,359,350 | ---- | C] () -- C:\Users\Norbert\IMG_0309.BMP
[2011/12/26 18:52:02 | 000,241,655 | ---- | C] () -- C:\Users\Norbert\IMG_0290.JPG
[2011/12/26 18:52:02 | 000,209,963 | ---- | C] () -- C:\Users\Norbert\IMG_0289.JPG
[2011/12/26 18:52:02 | 000,177,633 | ---- | C] () -- C:\Users\Norbert\IMG_0339.JPG
[2011/12/26 18:52:02 | 000,170,172 | ---- | C] () -- C:\Users\Norbert\IMG_0291.JPG
[2011/12/26 18:52:02 | 000,062,469 | ---- | C] () -- C:\Users\Norbert\IMG_0328.JPG
[2011/12/26 18:52:02 | 000,034,746 | ---- | C] () -- C:\Users\Norbert\IMG_0327.JPG
[2011/12/26 18:52:02 | 000,014,296 | ---- | C] () -- C:\Users\Norbert\IMG_0310.JPG
[2011/12/26 18:52:01 | 002,449,568 | ---- | C] () -- C:\Users\Norbert\IMG_0275.JPG
[2011/12/26 18:52:01 | 000,453,913 | ---- | C] () -- C:\Users\Norbert\IMG_0287.JPG
[2011/12/26 18:52:01 | 000,364,425 | ---- | C] () -- C:\Users\Norbert\IMG_0274.PNG
[2011/12/26 18:52:01 | 000,331,047 | ---- | C] () -- C:\Users\Norbert\IMG_0269.PNG
[2011/12/26 18:52:01 | 000,185,349 | ---- | C] () -- C:\Users\Norbert\IMG_0285.PNG
[2011/12/26 18:52:01 | 000,174,853 | ---- | C] () -- C:\Users\Norbert\IMG_0288.JPG
[2011/12/26 18:52:01 | 000,102,804 | ---- | C] () -- C:\Users\Norbert\IMG_0286.JPG
[2011/12/26 18:52:01 | 000,026,386 | ---- | C] () -- C:\Users\Norbert\IMG_0270.PNG
[2011/12/26 18:52:00 | 000,856,082 | ---- | C] () -- C:\Users\Norbert\IMG_0252.PNG
[2011/12/26 18:52:00 | 000,613,790 | ---- | C] () -- C:\Users\Norbert\IMG_0253.PNG
[2011/12/26 18:52:00 | 000,461,819 | ---- | C] () -- C:\Users\Norbert\IMG_0254.PNG
[2011/12/26 18:52:00 | 000,332,080 | ---- | C] () -- C:\Users\Norbert\IMG_0219.PNG
[2011/12/26 18:52:00 | 000,258,914 | ---- | C] () -- C:\Users\Norbert\IMG_0126.JPG
[2011/12/26 18:52:00 | 000,168,494 | ---- | C] () -- C:\Users\Norbert\IMG_0161.JPG
[2011/12/26 18:52:00 | 000,150,269 | ---- | C] () -- C:\Users\Norbert\IMG_0218.JPG
[2011/12/26 18:52:00 | 000,131,086 | ---- | C] () -- C:\Users\Norbert\IMG_0221.JPG
[2011/12/26 18:52:00 | 000,129,779 | ---- | C] () -- C:\Users\Norbert\IMG_0216.JPG
[2011/12/26 18:52:00 | 000,129,779 | ---- | C] () -- C:\Users\Norbert\IMG_0215.JPG
[2011/12/26 18:52:00 | 000,094,530 | ---- | C] () -- C:\Users\Norbert\IMG_0257.JPG
[2011/12/26 18:52:00 | 000,084,139 | ---- | C] () -- C:\Users\Norbert\IMG_0220.JPG
[2011/12/26 18:52:00 | 000,057,383 | ---- | C] () -- C:\Users\Norbert\IMG_0255.JPG
[2011/12/26 18:51:59 | 000,294,928 | ---- | C] () -- C:\Users\Norbert\IMG_0123.JPG
[2011/12/26 18:51:59 | 000,267,688 | ---- | C] () -- C:\Users\Norbert\IMG_0122.JPG
[2011/12/26 18:51:59 | 000,251,465 | ---- | C] () -- C:\Users\Norbert\IMG_0096.JPG
[2011/12/26 18:51:59 | 000,249,658 | ---- | C] () -- C:\Users\Norbert\IMG_0099.JPG
[2011/12/26 18:51:59 | 000,248,382 | ---- | C] () -- C:\Users\Norbert\IMG_0095.JPG
[2011/12/26 18:51:59 | 000,242,037 | ---- | C] () -- C:\Users\Norbert\IMG_0100.JPG
[2011/12/26 18:51:59 | 000,240,707 | ---- | C] () -- C:\Users\Norbert\IMG_0097.JPG
[2011/12/26 18:51:59 | 000,238,543 | ---- | C] () -- C:\Users\Norbert\IMG_0098.JPG
[2011/12/26 18:51:59 | 000,200,670 | ---- | C] () -- C:\Users\Norbert\IMG_0102.JPG
[2011/12/26 18:51:59 | 000,200,418 | ---- | C] () -- C:\Users\Norbert\IMG_0101.JPG
[2011/12/26 18:51:59 | 000,200,016 | ---- | C] () -- C:\Users\Norbert\IMG_0120.JPG
[2011/12/26 18:51:59 | 000,162,808 | ---- | C] () -- C:\Users\Norbert\IMG_0108.JPG
[2011/12/26 18:51:59 | 000,162,273 | ---- | C] () -- C:\Users\Norbert\IMG_0105.JPG
[2011/12/26 18:51:59 | 000,161,434 | ---- | C] () -- C:\Users\Norbert\IMG_0103.JPG
[2011/12/26 18:51:59 | 000,160,991 | ---- | C] () -- C:\Users\Norbert\IMG_0109.JPG
[2011/12/26 18:51:59 | 000,151,832 | ---- | C] () -- C:\Users\Norbert\IMG_0107.JPG
[2011/12/26 18:51:59 | 000,147,251 | ---- | C] () -- C:\Users\Norbert\IMG_0106.JPG
[2011/12/26 18:51:59 | 000,139,157 | ---- | C] () -- C:\Users\Norbert\IMG_0104.JPG
[2011/12/26 18:51:58 | 000,253,247 | ---- | C] () -- C:\Users\Norbert\IMG_0094.JPG
[2011/12/26 18:51:58 | 000,239,906 | ---- | C] () -- C:\Users\Norbert\IMG_0093.JPG
[2011/12/26 18:51:54 | 022,326,928 | ---- | C] () -- C:\Users\Norbert\IMG_0092.MOV
[2011/12/26 18:51:54 | 003,014,163 | ---- | C] () -- C:\Users\Norbert\IMG_0091.MOV
[2011/12/26 18:51:50 | 020,514,696 | ---- | C] () -- C:\Users\Norbert\IMG_0090.MOV
[2011/12/26 18:51:49 | 004,338,264 | ---- | C] () -- C:\Users\Norbert\IMG_0089.MOV
[2011/12/26 18:51:49 | 003,534,912 | ---- | C] () -- C:\Users\Norbert\IMG_0088.MOV
[2011/12/26 18:51:48 | 002,443,940 | ---- | C] () -- C:\Users\Norbert\IMG_0087.MOV
[2011/12/26 18:51:48 | 001,741,749 | ---- | C] () -- C:\Users\Norbert\IMG_0086.MOV
[2011/12/26 18:51:47 | 001,744,367 | ---- | C] () -- C:\Users\Norbert\IMG_0084.MOV
[2011/12/26 18:51:47 | 001,725,144 | ---- | C] () -- C:\Users\Norbert\IMG_0082.MOV
[2011/12/26 18:51:46 | 007,586,373 | ---- | C] () -- C:\Users\Norbert\IMG_0081.MOV
[2011/12/26 18:51:45 | 004,218,214 | ---- | C] () -- C:\Users\Norbert\IMG_0080.MOV
[2011/12/26 18:51:45 | 001,655,030 | ---- | C] () -- C:\Users\Norbert\IMG_0079.MOV
[2011/12/26 18:51:44 | 002,473,792 | ---- | C] () -- C:\Users\Norbert\IMG_0078.MOV
[2011/12/26 18:51:43 | 004,178,528 | ---- | C] () -- C:\Users\Norbert\IMG_0077.MOV
[2011/12/26 18:51:43 | 003,438,658 | ---- | C] () -- C:\Users\Norbert\IMG_0076.MOV
[2011/12/26 18:51:42 | 001,869,287 | ---- | C] () -- C:\Users\Norbert\IMG_0074.MOV
[2011/12/26 18:51:42 | 001,733,080 | ---- | C] () -- C:\Users\Norbert\IMG_0075.MOV
[2011/12/26 18:51:42 | 000,293,027 | ---- | C] () -- C:\Users\Norbert\IMG_0066.JPG
[2011/12/26 18:51:42 | 000,282,697 | ---- | C] () -- C:\Users\Norbert\IMG_0067.JPG
[2011/12/26 18:51:42 | 000,263,288 | ---- | C] () -- C:\Users\Norbert\IMG_0068.JPG
[2011/12/26 18:51:42 | 000,256,959 | ---- | C] () -- C:\Users\Norbert\IMG_0069.JPG
[2011/12/26 18:51:41 | 001,266,362 | ---- | C] () -- C:\Users\Norbert\IMG_0049.PNG
[2011/12/26 18:51:41 | 001,214,252 | ---- | C] () -- C:\Users\Norbert\IMG_0048.PNG
[2011/12/26 18:51:41 | 000,281,962 | ---- | C] () -- C:\Users\Norbert\IMG_0063.JPG
[2011/12/26 18:51:41 | 000,272,933 | ---- | C] () -- C:\Users\Norbert\IMG_0064.JPG
[2011/12/26 18:51:41 | 000,257,678 | ---- | C] () -- C:\Users\Norbert\IMG_0065.JPG
[2011/12/26 18:51:41 | 000,056,344 | ---- | C] () -- C:\Users\Norbert\IMG_0058.JPG
[2011/12/26 18:51:41 | 000,054,622 | ---- | C] () -- C:\Users\Norbert\IMG_0061.JPG
[2011/12/26 18:51:40 | 003,084,198 | ---- | C] () -- C:\Users\Norbert\IMG_0047.MOV
[2011/12/26 18:51:40 | 000,264,541 | ---- | C] () -- C:\Users\Norbert\IMG_0041.JPG
[2011/12/26 18:51:40 | 000,250,944 | ---- | C] () -- C:\Users\Norbert\IMG_0034.JPG
[2011/12/26 18:51:40 | 000,246,331 | ---- | C] () -- C:\Users\Norbert\IMG_0032.JPG
[2011/12/26 18:51:40 | 000,219,832 | ---- | C] () -- C:\Users\Norbert\IMG_0033.JPG
[2011/12/26 18:51:40 | 000,214,027 | ---- | C] () -- C:\Users\Norbert\IMG_0046.JPG
[2011/12/26 18:51:40 | 000,209,329 | ---- | C] () -- C:\Users\Norbert\IMG_0035.JPG
[2011/12/26 18:51:40 | 000,207,227 | ---- | C] () -- C:\Users\Norbert\IMG_0044.JPG
[2011/12/26 18:51:40 | 000,193,932 | ---- | C] () -- C:\Users\Norbert\IMG_0045.JPG
[2011/12/26 18:51:40 | 000,188,453 | ---- | C] () -- C:\Users\Norbert\IMG_0043.JPG
[2011/12/26 18:51:40 | 000,185,285 | ---- | C] () -- C:\Users\Norbert\IMG_0042.JPG
[2011/12/26 18:51:40 | 000,106,440 | ---- | C] () -- C:\Users\Norbert\IMG_0036.JPG
[2011/12/26 18:51:39 | 000,246,743 | ---- | C] () -- C:\Users\Norbert\IMG_0031.JPG
[2011/12/26 18:51:39 | 000,243,777 | ---- | C] () -- C:\Users\Norbert\IMG_0030.JPG
[2011/12/26 18:51:37 | 011,120,180 | ---- | C] () -- C:\Users\Norbert\IMG_0029.MOV
[2011/12/26 18:51:37 | 000,260,248 | ---- | C] () -- C:\Users\Norbert\IMG_0010.JPG
[2011/12/26 18:51:37 | 000,197,104 | ---- | C] () -- C:\Users\Norbert\IMG_0007.JPG
[2011/12/26 18:51:37 | 000,196,002 | ---- | C] () -- C:\Users\Norbert\IMG_0006.JPG
[2011/12/26 18:51:37 | 000,191,042 | ---- | C] () -- C:\Users\Norbert\IMG_0005.JPG
[2011/12/26 18:51:37 | 000,119,770 | ---- | C] () -- C:\Users\Norbert\IMG_0008.JPG
[2011/12/26 18:51:37 | 000,100,053 | ---- | C] () -- C:\Users\Norbert\IMG_0011.JPG
[2011/12/09 13:57:16 | 000,000,370 | ---- | C] () -- C:\Windows\wininit.ini
[2011/11/03 21:53:41 | 001,643,648 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/27 05:12:57 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/07/27 05:12:05 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/07/27 05:12:04 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/07/27 05:12:02 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/07/27 05:12:01 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

========== LOP Check ==========

[2012/06/03 18:48:13 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\.minecraft
[2012/01/07 22:11:06 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Babylon
[2012/01/20 00:11:29 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/05/17 19:10:36 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\DAEMON Tools Lite
[2012/04/17 15:57:18 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\DriverCure
[2012/08/06 22:47:05 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Dropbox
[2012/08/06 22:46:52 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\ExpressFiles
[2012/04/27 18:19:58 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Free Audio Editor
[2012/07/21 00:17:15 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Free Download Manager
[2012/04/10 19:58:35 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Hepa
[2012/05/09 15:17:10 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\hott notes 4
[2012/06/14 18:34:06 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\ManyCam
[2012/04/06 01:44:07 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Mokyeb
[2012/06/15 22:51:08 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\OxelonMC
[2012/06/05 10:17:07 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\PC Cleaners
[2012/06/05 15:49:08 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\PCPro
[2011/12/31 02:14:29 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\redsn0w
[2011/11/03 22:20:27 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\SoftGrid Client
[2012/04/17 15:57:17 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\SpeedyPC Software
[2012/06/17 21:41:58 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Spotify
[2012/07/26 16:18:39 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/07/03 00:55:35 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\TeamViewer
[2012/04/17 13:51:09 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\TestApp
[2011/11/03 21:54:27 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\TP
[2012/08/06 21:47:04 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\uTorrent
[2011/11/27 23:50:26 | 000,000,000 | ---D | M] -- C:\Users\Norbert\AppData\Roaming\Windows Live Writer
[2012/07/13 18:33:23 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
  • 0

Advertisements


#2
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP