Security risk detected: Trojan.Gen [Solved]


  • This topic is locked

#1
musikepple

Hi,

I received a security risk.
Now the Trojan seems to have removed everything on my desktop and also all my files.

I've tried to run a lot of different programs erasing this, Essential, trojan remover, fighters but none succeeds. I've just disabled Symantec Endpoint Protection and I am running SuperAntispyware on a full scan.

Would love to get some assistance on this....

I'm doing the steps in the Malware and Spyware Cleaning Guide right now. I had problems starting the OTL because it seems like my account on the computer is running as a temp user..... which makes it understandable that all my files and desktop are missing.

OTL logfile created on: 2012-08-23 19:32:51 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: | Country: | Language: | Date Format:

3,86 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 26,82% Memory free
7,72 Gb Paging File | 5,03 Gb Available in Paging File | 65,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 118,94 Gb Total Space | 26,62 Gb Free Space | 22,38% Space Free | Partition Type: NTFS

Computer Name: PC18 | User Name: jessjo01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-23 19:30:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2012-08-15 12:46:11 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
PRC - [2012-08-06 09:16:28 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-07-19 14:41:52 | 001,200,752 | ---- | M] (SPAMfighter) -- C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe
PRC - [2012-07-19 13:59:12 | 000,815,680 | ---- | M] (Preventon Technologies Limited) -- C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
PRC - [2012-07-19 13:59:12 | 000,236,320 | ---- | M] (Preventon Technologies Limited) -- C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
PRC - [2012-07-14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-07-04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012-07-03 14:40:34 | 001,454,184 | ---- | M] (SPAMfighter ApS) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-07-03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-06-28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-06-11 21:01:32 | 012,099,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Lync\communicator.exe
PRC - [2012-04-05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012-01-23 13:40:12 | 001,324,680 | ---- | M] (SPAMfighter ApS) -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe
PRC - [2011-10-07 14:29:22 | 002,629,632 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2011-04-29 16:44:14 | 001,687,360 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
PRC - [2011-04-20 17:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2011-04-20 17:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2010-11-20 05:17:56 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysWOW64\wbem\wmiprvse.exe
PRC - [2010-03-09 09:26:56 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2010-03-09 09:26:56 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010-03-09 09:26:54 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010-03-09 09:26:54 | 000,181,616 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe
PRC - [2010-03-09 09:26:52 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2009-09-18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\CCM\CcmExec.exe


========== Modules (No Company Name) ==========

MOD - [2012-08-15 12:46:10 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012-07-14 02:14:07 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-06-28 17:44:16 | 000,373,608 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012-01-13 15:33:12 | 000,070,424 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010-10-20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009-02-27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012-03-26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012-03-26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011-08-12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011-08-09 04:32:39 | 008,329,576 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2011-05-13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2010-09-08 00:05:34 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:64bit: - [2010-04-08 20:44:38 | 004,263,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Data Protection Manager\DPM\bin\DPMRA.exe -- (DPMRA)
SRV:64bit: - [2010-04-08 20:39:52 | 000,483,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Data Protection Manager\DPM\bin\DPMClientService.exe -- (DPMClientService)
SRV:64bit: - [2010-02-18 14:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009-03-02 00:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012-08-15 12:46:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-19 13:59:12 | 000,815,680 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe -- (AV Engine Scanning Service)
SRV - [2012-07-19 13:59:12 | 000,236,320 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe -- (AV Watch Service)
SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-07-04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-06-28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012-01-23 13:40:12 | 001,324,680 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2011-12-15 19:29:42 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2011-04-29 16:44:14 | 001,687,360 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe -- (QDLService2kHP)
SRV - [2010-03-18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-09 09:26:56 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010-03-09 09:26:56 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010-03-09 09:26:54 | 003,197,256 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010-03-09 09:26:54 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010-03-09 09:26:54 | 000,411,976 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2010-02-18 14:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWow64\vcsFPService.exe -- (vcsFPService)
SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009-09-18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009-09-18 04:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\CCM\TSManager.exe -- (smstsmgr)
SRV - [2009-07-13 12:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE -- (LiveUpdate)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-08-23 10:55:42 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-08-13 21:58:18 | 000,038,768 | ---- | M] (GN Netcom A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\JabraMobileCsrDfuX64.sys -- (JabraDFU)
DRV:64bit: - [2012-07-19 13:59:12 | 000,013,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfsfilter.sys -- (AVFSFilter)
DRV:64bit: - [2012-07-03 15:33:28 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012-07-03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012-06-26 21:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012-06-24 22:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012-06-04 09:59:20 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012-06-04 09:59:20 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012-05-21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012-04-19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012-03-20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012-03-19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012-01-31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011-12-23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011-12-23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011-12-23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011-12-15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011-08-03 18:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011-07-22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011-07-12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011-05-13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011-05-13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011-04-29 15:18:08 | 000,444,416 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbnethp2k.sys -- (qcusbnethp2k)
DRV:64bit: - [2011-04-29 15:18:08 | 000,230,784 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbserhp2k.sys -- (qcusbserhp2k)
DRV:64bit: - [2011-04-29 15:18:08 | 000,160,328 | ---- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcombushp.sys -- (qcombushp)
DRV:64bit: - [2011-04-29 15:18:08 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcfilterhp2k.sys -- (qcfilterhp2k)
DRV:64bit: - [2011-03-25 19:21:06 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011-03-25 19:21:06 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-01-12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010-11-20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 04:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-11-20 02:57:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-20 02:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-09-08 00:05:34 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010-04-06 00:37:42 | 000,301,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2010-03-09 09:26:56 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srtspl64.sys -- (SRTSPL)
DRV:64bit: - [2010-03-09 09:26:56 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010-03-09 09:26:56 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2010-02-26 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009-09-17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-07-20 15:05:50 | 000,059,008 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rismcx64.sys -- (rismcx64)
DRV:64bit: - [2009-07-20 15:05:50 | 000,059,008 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rismcx64.sys -- (RICOH SmartCard Reader)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009-07-14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009-06-25 17:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012-08-20 10:00:00 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120822.034\ex64.sys -- (NAVEX15)
DRV - [2012-08-20 10:00:00 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120822.034\eng64.sys -- (NAVENG)
DRV - [2012-08-08 10:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012-08-08 10:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-03-09 09:26:56 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2010-03-09 09:26:56 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2010-03-09 09:26:56 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2009-09-18 04:00:00 | 000,026,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = *****
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = *****

========== FireFox ==========

FF - prefs.js..CT2790392.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultthis.engineName: "BitTorrentControl_v12 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "BitTorrentControl_v12 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "www.google.se"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012-08-23 13:54:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-07-31 21:19:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-08-23 13:26:08 | 000,000,000 | ---D | M]

[2012-08-07 01:10:04 | 000,000,945 | ---- | M] () -- \Users\jessjo01\AppData\Roaming\Mozilla\Firefox\Profiles\dvuy0okk.default\searchplugins\conduit.xml
[2012-07-31 21:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-06-11 20:59:16 | 000,031,848 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2012-07-14 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2012-07-14 03:16:10 | 000,001,174 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2012-07-14 03:16:10 | 000,000,951 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - homepage: http://search.condui...SearchSource=48
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.condui...SearchSource=48
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Users\jessjo01\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = \Users\jessjo01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: S\u00F6k p\u00E5 Google = \Users\jessjo01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Do Not Track = \Users\jessjo01\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = \Users\jessjo01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-07-03 16:43:36 | 000,000,823 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [DPMClientUI] C:\Program Files\Microsoft Data Protection Manager\DPM\bin\DPMClient.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [Communicator] C:\Program Files (x86)\Microsoft Lync\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\swprotray.exe (SPAMfighter)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5....DataManager.CAB (Hewlett-Packard Online Support Services)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = ***.***.**.*
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = **.*****
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E50CC82-4F6A-462C-AEDD-8B3CF3935BE3}: DhcpNameServer = ***.***.**.** ***.***.**.**
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73F70B9B-D9B4-4BD4-B5B5-DA73D27CD184}: DhcpNameServer = ***.***.**.** ***.***.**.**
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3EE0C98-CA21-4877-96CC-EEBB32903001}: DhcpNameServer = ***.***.**.*
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-08-23 19:30:53 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2012-08-23 19:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012-08-23 19:22:14 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012-08-23 19:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012-08-23 19:03:49 | 000,000,000 | ---D | C] -- C:\Windows\system32\config\systemprofile\Tracing
[2012-08-23 19:03:22 | 000,000,000 | ---D | C] -- C:\AVG2012
[2012-08-23 19:03:22 | 000,000,000 | ---D | C] -- \AVG2012
[2012-08-23 16:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-08-23 16:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-08-23 16:53:57 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-08-23 16:53:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-08-23 16:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2012-08-23 16:35:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters
[2012-08-23 16:35:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Common Toolkit Suite
[2012-08-23 16:35:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fighters
[2012-08-23 16:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite
[2012-08-23 16:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2012-08-23 16:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012-08-23 16:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2012-08-23 16:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2012-08-23 16:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2012-08-23 16:10:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012-08-23 13:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012-08-23 13:54:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012-08-23 13:54:42 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012-08-23 13:54:42 | 000,000,000 | -H-D | C] -- \$AVG
[2012-08-23 13:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012-08-23 13:54:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012-08-23 13:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012-08-23 13:51:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012-08-23 13:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012-08-23 11:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATRIL
[2012-08-23 11:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012-08-23 11:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012-08-23 11:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012-08-23 11:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012-08-23 10:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-08-23 10:55:42 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-08-23 10:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012-08-23 10:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-08-23 10:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012-08-23 10:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012-08-21 11:20:58 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71u.dll
[2012-08-21 11:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge
[2012-08-21 11:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinMerge
[2012-08-20 12:41:36 | 000,930,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ccmcore.dll
[2012-08-20 12:41:36 | 000,026,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xprslib.dll
[2012-08-20 12:41:20 | 000,000,000 | ---D | C] -- C:\Windows\ms
[2012-08-20 12:41:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\CCM
[2012-08-20 11:59:21 | 000,000,000 | ---D | C] -- C:\Windows\ccmsetup
[2012-08-17 10:23:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Identifier
[2012-08-16 13:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2012-08-16 08:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Combine
[2012-08-16 08:17:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Combine
[2012-08-15 11:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Writer
[2012-08-15 11:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
[2012-08-15 11:00:49 | 000,227,840 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzFlRdr.dll
[2012-08-15 11:00:49 | 000,135,168 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzpdfc.dll
[2012-08-15 11:00:49 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzDCT.dll
[2012-08-15 11:00:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip
[2012-08-15 11:00:47 | 000,216,064 | ---- | C] (Bullzip) -- C:\Windows\SysNative\bzpdf.dll
[2012-08-15 11:00:44 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.OCX
[2012-08-15 11:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bullzip
[2012-08-13 21:58:18 | 000,038,768 | ---- | C] (GN Netcom A/S) -- C:\Windows\SysNative\drivers\JabraMobileCsrDfuX64.sys
[2012-08-12 01:23:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CoffeeCup Software
[2012-08-12 01:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\CoffeeCup Software
[2012-08-12 01:23:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoffeeCup Software
[2012-08-12 01:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-08-08 11:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-08-08 11:50:23 | 001,468,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012-08-08 11:50:23 | 000,188,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012-08-08 11:50:23 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012-08-08 11:50:22 | 026,226,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-08-08 11:50:22 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-08-08 11:50:22 | 019,828,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-08-08 11:50:22 | 018,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-08-08 11:50:22 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-08-08 11:50:22 | 009,164,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-08-08 11:50:22 | 007,699,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012-08-08 11:50:22 | 002,744,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-08-08 11:50:22 | 002,573,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-08-08 11:50:22 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012-08-08 11:50:22 | 002,216,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-08-08 11:50:22 | 001,865,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-08-08 11:50:22 | 001,758,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012-08-08 11:50:22 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012-08-08 11:30:17 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-08-08 11:30:17 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-08-08 00:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012-08-08 00:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012-08-06 16:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2012-08-06 16:28:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-08-06 16:27:28 | 001,466,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012-08-06 15:58:13 | 000,000,000 | ---D | C] -- C:\Temp
[2012-08-06 15:58:13 | 000,000,000 | ---D | C] -- \Temp
[2012-08-06 13:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2012-08-06 13:27:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subversion
[2012-08-06 13:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\SlikSvn
[2012-08-06 13:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2012-08-06 13:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Device Center
[2012-08-06 12:23:33 | 000,012,800 | ---- | C] (Hewlett packard) -- C:\Windows\HPun2420Version.dll
[2012-08-06 12:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\QUALCOMM
[2012-08-06 12:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QUALCOMM
[2012-08-06 12:23:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2012-08-06 12:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2012-08-06 12:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Validity Sensors
[2012-08-06 12:22:44 | 000,114,688 | ---- | C] (RICOH) -- C:\Windows\SysWow64\RicohMediadriverVer.dll
[2012-08-06 12:22:44 | 000,067,584 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys
[2012-08-06 12:22:44 | 000,059,008 | ---- | C] (RICOH Company, Ltd.) -- C:\Windows\SysNative\drivers\rismcx64.sys
[2012-08-06 10:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft System Center Data Protection Manager 2010
[2012-08-06 10:44:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Data Protection Manager
[2012-08-06 10:39:50 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-08-06 10:39:50 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-08-06 10:39:50 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-08-06 10:39:50 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-08-06 10:39:49 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-08-06 10:39:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-08-06 10:39:48 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-08-06 10:39:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-08-06 10:39:47 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-08-06 10:39:47 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-08-06 10:39:47 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-08-06 10:39:47 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-08-06 10:39:47 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-08-06 10:38:34 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012-08-06 10:38:34 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012-08-06 10:38:26 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012-08-06 10:38:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012-08-06 10:38:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012-08-06 10:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\HP USB Docking Video
[2012-08-06 10:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\DisplayLink Core Software
[2012-08-05 11:27:39 | 000,442,368 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2012-08-05 11:27:39 | 000,162,816 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2012-08-05 11:27:39 | 000,068,608 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2012-08-05 11:27:38 | 012,861,952 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2012-08-05 11:27:38 | 001,952,256 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2012-08-05 11:27:38 | 000,489,472 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2012-08-05 11:27:38 | 000,090,624 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
[2012-08-05 11:27:17 | 001,484,288 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2012-08-05 11:27:17 | 000,651,264 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2012-08-05 11:27:17 | 000,515,584 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2012-08-05 11:27:17 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2012-08-05 11:27:17 | 000,219,648 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2012-08-05 07:42:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-08-04 23:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012-08-04 23:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-08-04 23:35:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012-08-04 23:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2012-08-02 14:38:40 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012-08-02 14:38:40 | 000,099,384 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2012-08-02 14:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012-08-02 14:31:50 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012-08-02 14:31:44 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2012-08-02 14:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2012-08-02 14:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012-08-02 14:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012-08-02 14:27:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-08-02 14:27:07 | 000,000,000 | -HSD | C] -- \Config.Msi
[2012-08-01 11:16:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
[2012-08-01 11:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sonos
[2012-08-01 11:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonos,_Inc
[2012-07-31 22:02:56 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-07-31 22:02:56 | 000,000,000 | ---D | C] -- \NVIDIA
[2012-07-31 22:02:33 | 001,452,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420102.dll
[2012-07-31 22:02:32 | 014,806,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012-07-31 22:02:32 | 001,683,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420155.dll
[2012-07-31 22:02:32 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco6420103.dll
[2012-07-31 21:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-07-31 21:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-07-31 20:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012-07-31 20:34:58 | 000,000,000 | ---D | C] -- C:\SWSetup
[2012-07-31 20:34:58 | 000,000,000 | ---D | C] -- \SWSetup
[2012-07-31 18:35:11 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-07-31 18:35:11 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-07-31 18:35:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012-07-31 18:35:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012-07-31 16:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2012-07-31 16:06:20 | 000,000,000 | ---D | C] -- C:\Brother
[2012-07-31 16:06:20 | 000,000,000 | ---D | C] -- \Brother
[2012-07-31 16:06:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
[2012-07-31 16:06:19 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\Windows\SysWow64\BRCrypt.dll
[2012-07-31 16:06:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02
[2012-07-31 16:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
[2012-07-31 16:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlCenter4
[2012-07-31 16:06:11 | 000,290,304 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrfxDA5c.dll
[2012-07-31 16:06:11 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012-07-31 16:06:11 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\Windows\SysWow64\BrMfNt.dll
[2012-07-31 16:06:10 | 001,439,744 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrWi209d.dll
[2012-07-31 16:06:10 | 000,278,528 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrJDec.dll
[2012-07-31 16:06:10 | 000,255,488 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll
[2012-07-31 16:06:10 | 000,083,968 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll
[2012-07-31 16:06:10 | 000,058,880 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll
[2012-07-31 16:06:10 | 000,051,200 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll
[2012-07-31 16:06:09 | 000,103,736 | ---- | C] (Brother Industries Ltd) -- C:\Windows\SysWow64\BRRBTOOL.EXE
[2012-07-31 16:06:09 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BRLMW03A.DLL
[2012-07-31 16:06:09 | 000,025,299 | ---- | C] (Brother Industries, Ltd) -- C:\Windows\SysWow64\BRLM03A.DLL
[2012-07-31 16:06:08 | 000,217,088 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2012-07-31 16:06:08 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2012-07-31 16:06:08 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2012-07-31 16:06:08 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2012-07-31 16:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2012-07-31 16:06:07 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll
[2012-07-31 16:06:04 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012-07-31 16:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother

========== Files - Modified Within 30 Days ==========

[2012-08-23 19:30:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2012-08-23 19:29:00 | 000,000,560 | ---- | M] () -- C:\Windows\tasks\ScheduledDPMClientBackup.job
[2012-08-23 19:22:24 | 000,000,516 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 8022c51a-0202-405f-a1d7-7e77c82d85f4.job
[2012-08-23 19:22:24 | 000,000,516 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 7b4953b4-d7e0-4e79-8385-3d6e819b7e55.job
[2012-08-23 19:22:19 | 000,789,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-08-23 19:22:19 | 000,659,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-08-23 19:22:19 | 000,123,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-08-23 19:22:17 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012-08-23 19:21:28 | 000,000,475 | ---- | M] () -- C:\Windows\SMSCFG.ini
[2012-08-23 19:18:56 | 000,016,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-23 19:18:56 | 000,016,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-23 19:17:00 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-1843UA.job
[2012-08-23 19:11:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-23 19:11:30 | 3107,487,744 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-23 18:48:03 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931UA.job
[2012-08-23 18:48:01 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931Core.job
[2012-08-23 17:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-23 16:54:06 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-08-23 16:35:32 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk
[2012-08-23 16:01:06 | 000,002,198 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-08-23 13:59:59 | 000,000,252 | ---- | M] () -- C:\Windows\tasks\SymprexSignature.job
[2012-08-23 13:56:41 | 065,893,198 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012-08-23 13:54:57 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012-08-23 13:54:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012-08-23 13:54:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012-08-23 13:00:01 | 000,107,995 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012-08-23 12:12:48 | 000,417,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-08-23 11:32:08 | 000,795,292 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-08-23 11:02:50 | 000,070,348 | ---- | M] () -- C:\bar.emf
[2012-08-23 10:56:15 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-08-23 10:55:42 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-08-23 10:48:41 | 000,000,162 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-08-23 10:17:00 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-1843Core.job
[2012-08-21 14:56:58 | 000,000,336 | ---- | M] () -- C:\Windows\BRCALIB.INI
[2012-08-20 12:41:36 | 000,004,764 | ---- | M] () -- C:\Windows\SysWow64\CcmFramework.ini
[2012-08-20 12:41:36 | 000,000,621 | ---- | M] () -- C:\Windows\SysWow64\CcmFramework.h
[2012-08-15 12:46:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-08-15 12:46:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-08-13 21:58:18 | 000,038,768 | ---- | M] (GN Netcom A/S) -- C:\Windows\SysNative\drivers\JabraMobileCsrDfuX64.sys
[2012-08-12 02:29:56 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2012-08-06 13:52:26 | 000,001,642 | ---- | M] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2012-08-06 13:06:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-08-06 13:02:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012-08-06 13:00:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64k_01009.Wdf
[2012-08-06 12:59:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012-08-06 12:23:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_QCLocationSensorhp_01_09_00.Wdf
[2012-08-06 12:23:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dlumd9.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd9.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dlumd11.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd11.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dlumd10.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd10.dll
[2012-08-05 07:42:27 | 610,735,064 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-08-02 14:34:02 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012-08-01 11:16:52 | 000,001,951 | ---- | M] () -- C:\Users\Public\Desktop\Sonos.lnk
[2012-07-31 21:19:35 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-31 20:53:17 | 000,000,304 | ---- | M] () -- C:\user.js
[2012-07-31 16:07:21 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2012-07-31 16:07:00 | 000,000,260 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2012-07-31 16:07:00 | 000,000,093 | ---- | M] () -- C:\Windows\brpcfx.ini
[2012-07-31 16:06:20 | 000,000,066 | ---- | M] () -- C:\Windows\Brfaxrx.ini

========== Files Created - No Company Name ==========

[2012-08-23 19:30:53 | 000,596,480 | ---- | C] () -- \OTL.exe
[2012-08-23 19:22:24 | 000,000,516 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 8022c51a-0202-405f-a1d7-7e77c82d85f4.job
[2012-08-23 19:22:24 | 000,000,516 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 7b4953b4-d7e0-4e79-8385-3d6e819b7e55.job
[2012-08-23 19:22:17 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012-08-23 16:54:06 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-08-23 16:35:32 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk
[2012-08-23 13:56:41 | 065,893,198 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012-08-23 13:54:57 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012-08-23 13:54:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012-08-23 13:54:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012-08-23 11:32:14 | 000,002,198 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012-08-23 11:32:10 | 000,001,921 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012-08-23 11:02:50 | 000,070,348 | ---- | C] () -- C:\bar.emf
[2012-08-23 11:02:50 | 000,070,348 | ---- | C] () -- \bar.emf
[2012-08-23 10:56:15 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-08-23 10:48:41 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-08-20 12:41:36 | 000,004,764 | ---- | C] () -- C:\Windows\SysWow64\CcmFramework.ini
[2012-08-20 12:41:36 | 000,000,621 | ---- | C] () -- C:\Windows\SysWow64\CcmFramework.h
[2012-08-20 12:02:42 | 000,000,475 | ---- | C] () -- C:\Windows\SMSCFG.ini
[2012-08-12 01:14:00 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012-08-08 00:50:51 | 000,002,492 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012-08-06 13:52:26 | 000,001,642 | ---- | C] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2012-08-06 13:06:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-08-06 13:02:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012-08-06 13:00:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64k_01009.Wdf
[2012-08-06 12:59:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012-08-06 12:23:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_QCLocationSensorhp_01_09_00.Wdf
[2012-08-06 12:23:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2012-08-06 10:44:51 | 000,000,560 | ---- | C] () -- C:\Windows\tasks\ScheduledDPMClientBackup.job
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd9.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd11.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd10.dll
[2012-08-05 11:27:38 | 000,001,659 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
[2012-08-05 07:42:27 | 610,735,064 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-08-02 14:34:02 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012-08-01 11:16:52 | 000,001,951 | ---- | C] () -- C:\Users\Public\Desktop\Sonos.lnk
[2012-07-31 21:19:35 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-07-31 21:19:35 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-31 20:53:17 | 000,000,304 | ---- | C] () -- C:\user.js
[2012-07-31 20:53:17 | 000,000,304 | ---- | C] () -- \user.js
[2012-07-31 18:38:18 | 000,001,016 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931UA.job
[2012-07-31 18:38:18 | 000,000,964 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931Core.job
[2012-07-31 18:35:11 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-31 16:07:21 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2012-07-31 16:07:00 | 000,000,260 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012-07-31 16:07:00 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012-07-31 16:06:53 | 000,000,336 | ---- | C] () -- C:\Windows\BRCALIB.INI
[2012-07-31 16:06:11 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012-07-31 16:06:11 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012-07-31 16:06:10 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\BrSNMP64.dll
[2012-07-31 16:06:09 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012-07-31 16:06:09 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012-07-31 16:06:08 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\BRADC10A.DAT
[2012-07-04 00:17:42 | 3107,487,744 | -HS- | C] () -- \hiberfil.sys
[2012-06-28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012-06-26 16:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-06-26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-06-26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-06-26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-06-26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-01-17 18:43:35 | 000,795,292 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-01-17 17:32:46 | 000,107,995 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011-02-07 12:25:42 | 000,383,786 | RHS- | C] () -- \bootmgr
[2011-02-04 16:31:00 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini

< End of report >

Edited by musikepple, 24 August 2012 - 12:58 AM.

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, first, do not run any temporary file cleaners.

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

THEN

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


#3
musikepple

    Member

  • Topic Starter
  • 12 posts
RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: jessjo01 [Admin rights]
Mode: Scan -- Date: 08/23/2012 20:18:18

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: OCZ-VERTEX4 +++++
--- User ---
[MBR] f348521eb87145bd573fa1d5c66e08ba
[BSP] c5cc0826fcdc87ece6fa3f8e961965f9 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 121793 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 249434112 | Size: 300 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: jessjo01 [Admin rights]
Mode: Remove -- Date: 08/23/2012 20:19:06

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: OCZ-VERTEX4 +++++
--- User ---
[MBR] f348521eb87145bd573fa1d5c66e08ba
[BSP] c5cc0826fcdc87ece6fa3f8e961965f9 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 121793 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 249434112 | Size: 300 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt



RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: jessjo01 [Admin rights]
Mode: Shortcuts HJfix -- Date: 08/23/2012 20:27:01

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 4 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 15 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 273 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[E:] \Device\CdRom1 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, you appear to be running three antivirus programmes; this is the one time when more is not better. Which one do you intend to keep? If you let me know, I will supply the removal tools for the other two.

Could you confirm that the desktop and icons are back? Also, what problems are you experiencing at the moment?

#5
musikepple

    Member

  • Topic Starter
  • 12 posts
My computer restarted and I can't log in to it.

I can log in in safe mode,
I ran the OTL in safe mode but it doesn't populate the otl.txt.

Not all the folders got back on the desktop. But perhaps that's because I'm running the computer in safe mode right now.

"The user profile Service service failed the logon.
User profile cannot be loaded"

I can keep Malwarebytes

Edited by musikepple, 23 August 2012 - 01:30 PM.


#6
musikepple

    Member

  • Topic Starter
  • 12 posts
I can see that all the folders and files are restored on the desktop on my account,
when looking in the user folder in the "explorer"

#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
At what stage did you get this error?

It appears that the profile is corrupt. There is a workaround for this, but it will entail you going into the registry.

Full details are here for you to look at

#8
musikepple

    Member

  • Topic Starter
  • 12 posts
I got it after the RogueKiller step. I restarted the computer because the desktop was still a temp directory and OTL cannot start from a temp file.

So I thought a restart and a login would get me into my user account so that I wouldn't be in a user/temp.

But then I couldn't log in, so I restarted the computer, and then in Safe Mode to be able to log in.

I'm going to look at the workaround now.

#9
musikepple

    Member

  • Topic Starter
  • 12 posts
I did a system restore to a time earlier today when I only had Symantec Endpoint Protection.

It seems like this restore point is just before I got the trojan.
The login and everything works fine as well.

Edited by musikepple, 23 August 2012 - 02:25 PM.


#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, could you run a fresh OTL log for me please, to ensure that nothing is left?

#11
musikepple

    Member

  • Topic Starter
  • 12 posts
The Trojan is still there.
Received 20 alerts during the night.

Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen
File: C:\ProgramData\Symantec\SRTSP\Quarantine\APQF17F.tmp
Location: C:\ProgramData\Symantec\SRTSP\Quarantine
Computer: PC18
User: SYSTEM
Action taken: Pending Side Effects Analysis : Access denied
Date found: den 23 augusti 2012 22:59:33

OTL logfile created on: 2012-08-24 07:30:33 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\jessjo01\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd

3,86 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 31,69% Memory free
7,72 Gb Paging File | 5,17 Gb Available in Paging File | 66,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 118,94 Gb Total Space | 27,55 Gb Free Space | 23,17% Space Free | Partition Type: NTFS

Computer Name: PC18 | User Name: jessjo01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-23 22:27:03 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\jessjo01\Desktop\OTL.exe
PRC - [2012-08-20 12:39:39 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\jessjo01\AppData\Roaming\Spotify\spotify.exe
PRC - [2012-08-20 12:39:39 | 001,193,176 | ---- | M] () -- C:\Users\jessjo01\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012-08-16 13:39:53 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mstart.exe
PRC - [2012-08-16 13:39:53 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mlauncher.exe
PRC - [2012-08-16 13:39:53 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mcomm.exe
PRC - [2012-08-06 09:16:28 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-08-06 09:16:26 | 000,960,440 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-07-25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\jessjo01\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012-06-28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-06-11 21:01:32 | 012,099,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Lync\communicator.exe
PRC - [2011-12-10 12:35:32 | 000,139,264 | ---- | M] (Simon Tatham) -- C:\Program Files (x86)\PuTTY\pageant.exe
PRC - [2011-10-07 14:29:22 | 002,629,632 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2011-04-29 16:44:14 | 001,687,360 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
PRC - [2011-04-20 17:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2011-04-20 17:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2010-11-20 05:17:56 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010-03-09 09:26:56 | 000,644,464 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SymCorpUI.exe
PRC - [2010-03-09 09:26:56 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2010-03-09 09:26:56 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010-03-09 09:26:54 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010-03-09 09:26:54 | 000,181,616 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe
PRC - [2010-03-09 09:26:52 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2009-09-18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\CCM\CcmExec.exe


========== Modules (No Company Name) ==========

MOD - [2012-08-20 12:39:39 | 020,219,096 | ---- | M] () -- C:\Users\jessjo01\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2012-08-20 12:39:39 | 001,193,176 | ---- | M] () -- C:\Users\jessjo01\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012-08-18 00:28:55 | 000,442,392 | ---- | M] () -- C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
MOD - [2012-08-18 00:28:52 | 003,997,720 | ---- | M] () -- C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012-08-18 00:27:23 | 000,144,424 | ---- | M] () -- C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012-08-18 00:27:22 | 000,266,792 | ---- | M] () -- C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012-08-18 00:27:21 | 002,480,680 | ---- | M] () -- C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012-08-02 14:52:07 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0e56badd6e20e2dc81c45cdff2326f6b\System.ServiceProcess.ni.dll
MOD - [2012-08-02 14:52:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\1a7c90bf70e6fef2970dd02ca5def39a\System.Runtime.Remoting.ni.dll
MOD - [2012-08-02 14:51:36 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f91c92735c4a913143a0914c8cb531f2\System.Xaml.ni.dll
MOD - [2012-08-02 14:29:48 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\063174e87d258ef1db040cbfbdd4cd31\PresentationFramework.ni.dll
MOD - [2012-08-02 14:29:33 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\984f8802a334d2ae862b66bf71332c10\PresentationCore.ni.dll
MOD - [2012-08-02 14:29:24 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\500ffaf6258746eaf0bfc333ab534a51\System.Core.ni.dll
MOD - [2012-08-02 14:29:21 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b54a85f8f8f5ac297357c80b95834a90\System.Xml.ni.dll
MOD - [2012-08-02 14:29:20 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\697786bb51408d41d980263d90a56d03\WindowsBase.ni.dll
MOD - [2012-08-02 14:29:17 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d131eefaea0ca120aaf11568d8e44cad\System.Configuration.ni.dll
MOD - [2012-08-02 14:29:16 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\360d70391adff56f1d029b1a538d2431\System.ni.dll
MOD - [2012-08-02 14:29:10 | 014,415,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\97d737762adec957a2d7c80fafb4703a\mscorlib.ni.dll
MOD - [2012-01-13 15:33:12 | 000,070,424 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2009-02-27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012-03-26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012-03-26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011-08-09 04:32:39 | 008,329,576 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2011-05-13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010-09-08 00:05:34 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010-04-08 20:44:38 | 004,263,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Data Protection Manager\DPM\bin\DPMRA.exe -- (DPMRA)
SRV:64bit: - [2010-04-08 20:39:52 | 000,483,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Data Protection Manager\DPM\bin\DPMClientService.exe -- (DPMClientService)
SRV:64bit: - [2010-02-18 14:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009-03-02 00:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012-08-15 12:46:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-06-28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-12-15 19:29:42 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2011-04-29 16:44:14 | 001,687,360 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe -- (QDLService2kHP)
SRV - [2010-03-18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-09 09:26:56 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010-03-09 09:26:56 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010-03-09 09:26:54 | 003,197,256 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010-03-09 09:26:54 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010-03-09 09:26:54 | 000,411,976 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2010-02-18 14:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009-09-18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009-09-18 04:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\CCM\TSManager.exe -- (smstsmgr)
SRV - [2009-07-13 12:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-08-23 10:55:42 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-08-13 21:58:18 | 000,038,768 | ---- | M] (GN Netcom A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\JabraMobileCsrDfuX64.sys -- (JabraDFU)
DRV:64bit: - [2012-07-03 15:33:28 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012-06-26 21:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012-06-24 22:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012-06-04 09:59:20 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012-06-04 09:59:20 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012-05-21 15:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012-03-20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-12-15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011-08-03 18:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011-05-13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011-05-13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011-04-29 15:18:08 | 000,444,416 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbnethp2k.sys -- (qcusbnethp2k)
DRV:64bit: - [2011-04-29 15:18:08 | 000,230,784 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbserhp2k.sys -- (qcusbserhp2k)
DRV:64bit: - [2011-04-29 15:18:08 | 000,160,328 | ---- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcombushp.sys -- (qcombushp)
DRV:64bit: - [2011-04-29 15:18:08 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcfilterhp2k.sys -- (qcfilterhp2k)
DRV:64bit: - [2011-03-25 19:21:06 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011-03-25 19:21:06 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-01-12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010-11-20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 04:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-11-20 02:57:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-20 02:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010-09-08 00:05:34 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010-04-06 00:37:42 | 000,301,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2010-03-09 09:26:56 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srtspl64.sys -- (SRTSPL)
DRV:64bit: - [2010-03-09 09:26:56 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010-03-09 09:26:56 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2010-02-26 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009-09-17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-07-20 15:05:50 | 000,059,008 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rismcx64.sys -- (rismcx64)
DRV:64bit: - [2009-07-20 15:05:50 | 000,059,008 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rismcx64.sys -- (RICOH SmartCard Reader)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009-07-14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009-06-25 17:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012-08-20 10:00:00 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120823.017\ex64.sys -- (NAVEX15)
DRV - [2012-08-20 10:00:00 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120823.017\eng64.sys -- (NAVENG)
DRV - [2012-08-08 10:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012-08-08 10:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-03-09 09:26:56 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2010-03-09 09:26:56 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2010-03-09 09:26:56 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2009-09-18 04:00:00 | 000,026,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = atlas
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\..\URLSearchHook: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No CLSID value found
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\..\SearchScopes,DefaultScope = {6A87EE8B-4A74-4127-BF12-A1DFA5F18CFA}
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\..\SearchScopes\{498B67E7-2F51-49BA-A1B7-F76B0CFE2F87}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\..\SearchScopes\{6A87EE8B-4A74-4127-BF12-A1DFA5F18CFA}: "URL" = http://www.google.co...q={searchTerms}
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\..\SearchScopes\{D5043253-0441-41A3-B877-140DF4C958B0}: "URL" = http://search.condui...&ctid=CT3225826
IE - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT2790392.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultthis.engineName: "BitTorrentControl_v12 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "BitTorrentControl_v12 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "www.google.se"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\jessjo01\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\jessjo01\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-07-31 21:19:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-08-24 07:56:31 | 000,000,000 | ---D | M]

[2012-07-31 21:20:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jessjo01\AppData\Roaming\mozilla\Extensions
[2012-08-24 07:56:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jessjo01\AppData\Roaming\mozilla\Firefox\Profiles\dvuy0okk.default\extensions
[2012-08-07 01:10:04 | 000,000,945 | ---- | M] () -- C:\Users\jessjo01\AppData\Roaming\Mozilla\Firefox\Profiles\dvuy0okk.default\searchplugins\conduit.xml
[2012-07-31 21:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-06-11 20:59:16 | 000,031,848 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2012-07-14 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2012-07-14 03:16:10 | 000,001,174 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2012-07-14 03:16:10 | 000,000,951 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - homepage: http://search.condui...SearchSource=48
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.condui...SearchSource=48
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\jessjo01\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Users\jessjo01\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\jessjo01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: S\u00F6k p\u00E5 Google = C:\Users\jessjo01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\jessjo01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-07-03 16:43:36 | 000,000,823 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\..\Toolbar\WebBrowser: (no name) - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No CLSID value found.
O4:64bit: - HKLM..\Run: [DPMClientUI] C:\Program Files\Microsoft Data Protection Manager\DPM\bin\DPMClient.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Communicator] C:\Program Files (x86)\Microsoft Lync\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED File not found
O4 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931..\Run: [GoToMeeting] C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931..\Run: [Spotify] C:\Users\jessjo01\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931..\Run: [Spotify Web Helper] C:\Users\jessjo01\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\jessjo01\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pageant.lnk = C:\Program Files (x86)\PuTTY\pageant.exe (Simon Tatham)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1875694159-2650994643-2538900688-3931\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5....DataManager.CAB (Hewlett-Packard Online Support Services)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.**.*
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = **.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E50CC82-4F6A-462C-AEDD-8B3CF3935BE3}: DhcpNameServer = 192.168.**.** 192.168.**.**
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73F70B9B-D9B4-4BD4-B5B5-DA73D27CD184}: DhcpNameServer = 192.168.**.** 192.168.**.**
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3EE0C98-CA21-4877-96CC-EEBB32903001}: DhcpNameServer = 192.168.10.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e4b14755-c55c-11e1-bbe8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e4b14755-c55c-11e1-bbe8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-08-23 22:27:01 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\jessjo01\Desktop\OTL.exe
[2012-08-23 22:06:46 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{307EDEF3-AFBD-4E22-B85E-209029E29BB2}
[2012-08-23 20:02:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-08-23 19:22:14 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012-08-23 19:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012-08-23 16:54:38 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Malwarebytes
[2012-08-23 16:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-08-23 16:53:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-08-23 16:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2012-08-23 16:35:33 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Fighters
[2012-08-23 16:35:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fighters
[2012-08-23 16:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite
[2012-08-23 16:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2012-08-23 16:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012-08-23 16:30:05 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Documents\Simply Super Software
[2012-08-23 16:30:05 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Simply Super Software
[2012-08-23 16:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2012-08-23 16:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2012-08-23 16:10:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012-08-23 13:54:42 | 000,000,000 | ---D | C] -- C:\$AVG
[2012-08-23 13:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012-08-23 13:54:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012-08-23 13:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012-08-23 13:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2012-08-23 13:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012-08-23 11:54:26 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Desktop\testar
[2012-08-23 11:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATRIL
[2012-08-23 11:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012-08-23 11:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012-08-23 11:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012-08-23 11:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012-08-23 10:58:55 | 000,000,000 | --SD | C] -- C:\Users\jessjo01\Documents\My Shapes
[2012-08-23 10:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-08-23 10:55:42 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-08-23 10:55:39 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\DAEMON Tools Lite
[2012-08-23 10:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012-08-23 10:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-08-23 10:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012-08-23 10:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012-08-23 09:09:02 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{41E7D2FD-B952-40D8-94E9-66BD9061B35E}
[2012-08-22 21:08:47 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{291DFD71-997F-40AD-B64F-B8BFD7F05199}
[2012-08-22 09:08:33 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{3C007A5C-D4E3-49A6-9154-DA12EFBC8CD1}
[2012-08-21 21:08:19 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{DEC1EC4B-6445-4A11-91E4-41DA6045F588}
[2012-08-21 11:20:58 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71u.dll
[2012-08-21 11:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge
[2012-08-21 11:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinMerge
[2012-08-21 08:29:30 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{74FC5683-C0C0-492A-B3C5-D142D8707643}
[2012-08-20 13:54:46 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Desktop\telento
[2012-08-20 12:41:36 | 000,930,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ccmcore.dll
[2012-08-20 12:41:36 | 000,026,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xprslib.dll
[2012-08-20 12:41:20 | 000,000,000 | ---D | C] -- C:\Windows\ms
[2012-08-20 12:41:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\CCM
[2012-08-20 11:59:21 | 000,000,000 | ---D | C] -- C:\Windows\ccmsetup
[2012-08-20 11:56:15 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Desktop\vpn
[2012-08-20 08:46:07 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{AD5E0CA2-408C-47DE-AC51-192808626ABF}
[2012-08-17 10:24:00 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\driveridentifier
[2012-08-17 10:23:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Identifier
[2012-08-17 09:34:46 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{9B7DC0BC-12DC-4BC9-A5E9-FCF68B34F1C1}
[2012-08-17 09:34:45 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{56B6CB69-B759-4C92-A850-4F09C22817F5}
[2012-08-16 14:22:46 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{E95780EB-B554-4511-8D5F-62B13A5BEAED}
[2012-08-16 13:40:00 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
[2012-08-16 13:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2012-08-16 08:17:29 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Softplicity
[2012-08-16 08:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Combine
[2012-08-16 08:17:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Combine
[2012-08-16 08:11:08 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Desktop\*****
[2012-08-16 02:22:49 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{8DDCD794-4AE2-4D7E-B85D-920665A5E07D}
[2012-08-15 11:01:45 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\PDF Writer
[2012-08-15 11:01:45 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\PDF Writer
[2012-08-15 11:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Writer
[2012-08-15 11:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
[2012-08-15 11:00:49 | 000,227,840 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzFlRdr.dll
[2012-08-15 11:00:49 | 000,135,168 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzpdfc.dll
[2012-08-15 11:00:49 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzDCT.dll
[2012-08-15 11:00:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip
[2012-08-15 11:00:47 | 000,216,064 | ---- | C] (Bullzip) -- C:\Windows\SysNative\bzpdf.dll
[2012-08-15 11:00:44 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.OCX
[2012-08-15 11:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bullzip
[2012-08-15 10:56:47 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Desktop\kvitton
[2012-08-15 10:03:20 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{019B9E98-B4FB-4EC6-A97B-E036A6C611D7}
[2012-08-15 10:03:19 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{FC272EA8-FDC8-45DA-87D9-57E4251C33F3}
[2012-08-14 08:55:52 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{BF85A171-2F01-4A3A-9F95-BDA4787C68A2}
[2012-08-14 08:55:51 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{A4A6DEDC-A0E8-4CD7-95BA-3860780DD10C}
[2012-08-13 21:58:18 | 000,038,768 | ---- | C] (GN Netcom A/S) -- C:\Windows\SysNative\drivers\JabraMobileCsrDfuX64.sys
[2012-08-13 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{A1F58AF8-01C0-4BB4-B775-D147ACB7565D}
[2012-08-13 20:50:48 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{119C4A97-3A8A-458C-AE41-0EA684817411}
[2012-08-13 09:32:03 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Documents\Outlook Files
[2012-08-13 08:50:34 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{D77A6DE1-D244-474F-9F33-448BF7770F48}
[2012-08-12 14:04:23 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{FAD74EB4-EC43-47FB-9B7D-ED0FCD1FF99B}
[2012-08-12 14:04:22 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{FAE2EC52-939B-4E2A-9E15-C280F32C118E}
[2012-08-12 02:04:08 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{844BAA92-7BB9-4972-B537-026C09AF9E48}
[2012-08-12 02:04:07 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{CC5AF35F-9F67-4601-8A1C-2A33179217FD}
[2012-08-12 01:23:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CoffeeCup Software
[2012-08-12 01:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\CoffeeCup Software
[2012-08-12 01:23:41 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2012-08-12 01:23:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoffeeCup Software
[2012-08-12 01:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-08-11 10:40:34 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{89945264-3A18-400F-8ED2-E99AA64114F7}
[2012-08-11 10:40:33 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{EDB8AF0A-B76D-4DB1-A6AD-C1409E6DE7C0}
[2012-08-10 21:28:08 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{ECEE929C-AE46-4EEA-9A4B-C8B5E8850114}
[2012-08-10 21:28:07 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{C5C81D41-2986-453F-85C3-1A3EDC56F4DC}
[2012-08-10 20:08:54 | 000,000,000 | R--D | C] -- C:\Users\jessjo01\Dropbox
[2012-08-10 20:08:09 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012-08-10 20:07:55 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Dropbox
[2012-08-10 12:42:54 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Desktop\Just nu
[2012-08-10 09:27:52 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{68D34F30-10EB-4B07-82D4-A9934A0A865B}
[2012-08-10 09:27:51 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{9AAFFADE-D2ED-48DC-BD1A-EB99199C04FD}
[2012-08-10 09:27:51 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{520B1FC3-DC87-4266-961C-6D0DD52FA8A1}
[2012-08-09 21:17:13 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{76365799-40A0-47B1-9541-CA2FA11CA331}
[2012-08-09 21:17:09 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{29E4D694-FD04-42D6-BB4C-366C0E1FD08C}
[2012-08-09 17:10:54 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Desktop\******
[2012-08-09 08:59:28 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{BD335741-5B8F-4E6F-8364-9A1ABD4A3776}
[2012-08-09 08:59:27 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{8EF4CFF4-CF82-431E-AFE6-248A884ED0A9}
[2012-08-08 15:34:44 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Spotify
[2012-08-08 15:34:20 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Spotify
[2012-08-08 12:52:39 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{9D584AA7-4AB7-401C-BAAA-D00B19BC24A4}
[2012-08-08 12:52:38 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{BAFFE098-7191-4075-8A54-0946C3BDBE6B}
[2012-08-08 11:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-08-08 11:50:23 | 001,468,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012-08-08 11:50:23 | 000,188,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012-08-08 11:50:23 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012-08-08 11:50:22 | 026,226,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-08-08 11:50:22 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-08-08 11:50:22 | 019,828,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-08-08 11:50:22 | 018,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-08-08 11:50:22 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-08-08 11:50:22 | 009,164,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-08-08 11:50:22 | 007,699,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012-08-08 11:50:22 | 002,744,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-08-08 11:50:22 | 002,573,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-08-08 11:50:22 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012-08-08 11:50:22 | 002,216,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-08-08 11:50:22 | 001,865,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-08-08 11:50:22 | 001,758,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012-08-08 11:50:22 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012-08-08 11:30:17 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-08-08 11:30:17 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-08-08 02:28:03 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Documents\Mina mottagna filer
[2012-08-08 00:52:19 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{4DA5FEED-5F6E-4258-AEED-9A4FF4A70C31}
[2012-08-08 00:52:18 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\{9ED0CC65-E3A9-4C68-AAB7-8952317CD1B7}
[2012-08-08 00:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012-08-08 00:49:42 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Windows Live
[2012-08-08 00:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012-08-06 16:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2012-08-06 16:28:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-08-06 16:27:28 | 001,466,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012-08-06 15:58:13 | 000,000,000 | ---D | C] -- C:\Temp
[2012-08-06 13:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2012-08-06 13:38:18 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\********
[2012-08-06 13:27:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subversion
[2012-08-06 13:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\SlikSvn
[2012-08-06 13:22:33 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\TeamViewer
[2012-08-06 13:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2012-08-06 13:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Device Center
[2012-08-06 12:23:33 | 000,012,800 | ---- | C] (Hewlett packard) -- C:\Windows\HPun2420Version.dll
[2012-08-06 12:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\QUALCOMM
[2012-08-06 12:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QUALCOMM
[2012-08-06 12:23:16 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Hewlett-Packard
[2012-08-06 12:23:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2012-08-06 12:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2012-08-06 12:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Validity Sensors
[2012-08-06 12:22:48 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\hpqLog
[2012-08-06 12:22:44 | 000,114,688 | ---- | C] (RICOH) -- C:\Windows\SysWow64\RicohMediadriverVer.dll
[2012-08-06 12:22:44 | 000,067,584 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys
[2012-08-06 12:22:44 | 000,059,008 | ---- | C] (RICOH Company, Ltd.) -- C:\Windows\SysNative\drivers\rismcx64.sys
[2012-08-06 10:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft System Center Data Protection Manager 2010
[2012-08-06 10:44:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Data Protection Manager
[2012-08-06 10:39:50 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-08-06 10:39:50 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-08-06 10:39:50 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-08-06 10:39:50 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-08-06 10:39:49 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-08-06 10:39:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-08-06 10:39:48 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-08-06 10:39:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-08-06 10:39:47 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-08-06 10:39:47 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-08-06 10:39:47 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-08-06 10:39:47 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-08-06 10:39:47 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-08-06 10:38:34 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012-08-06 10:38:34 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012-08-06 10:38:26 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012-08-06 10:38:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012-08-06 10:38:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012-08-06 10:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\HP USB Docking Video
[2012-08-06 10:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\DisplayLink Core Software
[2012-08-05 11:27:39 | 000,442,368 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2012-08-05 11:27:39 | 000,162,816 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2012-08-05 11:27:39 | 000,068,608 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2012-08-05 11:27:38 | 012,861,952 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2012-08-05 11:27:38 | 001,952,256 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2012-08-05 11:27:38 | 000,489,472 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2012-08-05 11:27:38 | 000,090,624 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
[2012-08-05 11:27:17 | 001,484,288 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2012-08-05 11:27:17 | 000,651,264 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2012-08-05 11:27:17 | 000,515,584 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2012-08-05 11:27:17 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2012-08-05 11:27:17 | 000,219,648 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2012-08-05 07:42:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-08-04 23:54:01 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\CRE
[2012-08-04 23:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012-08-04 23:53:55 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Conduit
[2012-08-04 23:36:14 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\WinRAR
[2012-08-04 23:36:01 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-08-04 23:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-08-04 23:35:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012-08-04 23:33:49 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\FileZilla
[2012-08-04 23:33:45 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2012-08-04 23:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2012-08-02 14:38:40 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012-08-02 14:38:40 | 000,099,384 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2012-08-02 14:34:11 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Samsung
[2012-08-02 14:34:04 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Samsung
[2012-08-02 14:34:03 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Documents\samsung
[2012-08-02 14:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012-08-02 14:31:50 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012-08-02 14:31:44 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2012-08-02 14:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2012-08-02 14:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012-08-02 14:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012-08-02 14:27:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-08-01 11:20:29 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Sonos,_Inc
[2012-08-01 11:16:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
[2012-08-01 11:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sonos
[2012-08-01 11:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonos,_Inc
[2012-08-01 11:16:32 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Downloaded Installations
[2012-08-01 11:15:07 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\Desktop\Jesper
[2012-07-31 22:02:56 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-07-31 22:02:33 | 001,452,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420102.dll
[2012-07-31 22:02:32 | 014,806,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012-07-31 22:02:32 | 001,683,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420155.dll
[2012-07-31 22:02:32 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco6420103.dll
[2012-07-31 21:23:13 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Macromedia
[2012-07-31 21:20:02 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Mozilla
[2012-07-31 21:20:02 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Mozilla
[2012-07-31 21:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-07-31 21:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-07-31 20:53:06 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Babylon
[2012-07-31 20:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012-07-31 20:41:05 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\ElevatedDiagnostics
[2012-07-31 20:34:58 | 000,000,000 | ---D | C] -- C:\SWSetup
[2012-07-31 18:38:42 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-07-31 18:38:18 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Google
[2012-07-31 18:38:09 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Deployment
[2012-07-31 18:38:09 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Local\Apps
[2012-07-31 18:36:03 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\Macromedia
[2012-07-31 18:35:11 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-07-31 18:35:11 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-07-31 18:35:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012-07-31 18:35:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012-07-31 18:19:33 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\ControlCenter4
[2012-07-31 16:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2012-07-31 16:06:20 | 000,000,000 | ---D | C] -- C:\Brother
[2012-07-31 16:06:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
[2012-07-31 16:06:19 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\Windows\SysWow64\BRCrypt.dll
[2012-07-31 16:06:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02
[2012-07-31 16:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
[2012-07-31 16:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlCenter4
[2012-07-31 16:06:11 | 000,290,304 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrfxDA5c.dll
[2012-07-31 16:06:11 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012-07-31 16:06:11 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\Windows\SysWow64\BrMfNt.dll
[2012-07-31 16:06:10 | 001,439,744 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrWi209d.dll
[2012-07-31 16:06:10 | 000,278,528 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrJDec.dll
[2012-07-31 16:06:10 | 000,255,488 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll
[2012-07-31 16:06:10 | 000,083,968 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll
[2012-07-31 16:06:10 | 000,058,880 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll
[2012-07-31 16:06:10 | 000,051,200 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll
[2012-07-31 16:06:09 | 000,103,736 | ---- | C] (Brother Industries Ltd) -- C:\Windows\SysWow64\BRRBTOOL.EXE
[2012-07-31 16:06:09 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BRLMW03A.DLL
[2012-07-31 16:06:09 | 000,025,299 | ---- | C] (Brother Industries, Ltd) -- C:\Windows\SysWow64\BRLM03A.DLL
[2012-07-31 16:06:08 | 000,217,088 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2012-07-31 16:06:08 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2012-07-31 16:06:08 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2012-07-31 16:06:08 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2012-07-31 16:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2012-07-31 16:06:07 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll
[2012-07-31 16:06:04 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012-07-31 16:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012-07-31 16:05:31 | 000,000,000 | ---D | C] -- C:\Users\jessjo01\AppData\Roaming\InstallShield

========== Files - Modified Within 30 Days ==========

[2012-08-24 07:29:00 | 000,000,560 | ---- | M] () -- C:\Windows\tasks\ScheduledDPMClientBackup.job
[2012-08-24 07:17:00 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-1843UA.job
[2012-08-24 07:00:00 | 000,000,252 | ---- | M] () -- C:\Windows\tasks\SymprexSignature.job
[2012-08-24 06:48:00 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931UA.job
[2012-08-24 06:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-23 22:27:03 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\jessjo01\Desktop\OTL.exe
[2012-08-23 22:14:09 | 000,789,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-08-23 22:14:09 | 000,659,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-08-23 22:14:09 | 000,123,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-08-23 22:13:00 | 000,016,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-23 22:13:00 | 000,016,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-23 22:06:21 | 000,000,475 | ---- | M] () -- C:\Windows\SMSCFG.ini
[2012-08-23 22:05:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-23 22:05:38 | 3107,487,744 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-23 13:00:01 | 000,107,995 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012-08-23 12:12:48 | 000,417,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-08-23 11:32:14 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-08-23 11:32:08 | 000,795,292 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-08-23 11:02:50 | 000,070,348 | ---- | M] () -- C:\bar.emf
[2012-08-23 10:56:15 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-08-23 10:55:42 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-08-23 10:48:41 | 000,000,162 | ---- | M] () -- C:\Windows\ODBC.INI
[2012-08-23 10:17:00 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-1843Core.job
[2012-08-23 09:09:59 | 000,000,600 | ---- | M] () -- C:\Users\jessjo01\AppData\Local\PUTTY.RND
[2012-08-21 14:56:58 | 000,000,336 | ---- | M] () -- C:\Windows\BRCALIB.INI
[2012-08-21 14:56:26 | 000,027,220 | ---- | M] () -- C:\Users\jessjo01\Desktop\*****.pdf
[2012-08-21 14:56:12 | 000,088,828 | ---- | M] () -- C:\Users\jessjo01\Desktop\*******.pdf
[2012-08-21 11:20:58 | 000,000,982 | ---- | M] () -- C:\Users\jessjo01\Application Data\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk
[2012-08-20 15:18:29 | 003,813,319 | ---- | M] () -- C:\Users\jessjo01\Desktop\SKMBT_C45112082015130.pdf
[2012-08-20 12:41:36 | 000,004,764 | ---- | M] () -- C:\Windows\SysWow64\CcmFramework.ini
[2012-08-20 12:41:36 | 000,000,621 | ---- | M] () -- C:\Windows\SysWow64\CcmFramework.h
[2012-08-20 10:56:39 | 000,482,982 | ---- | M] () -- C:\Users\jessjo01\Desktop\************.pdf
[2012-08-16 13:40:00 | 000,001,375 | ---- | M] () -- C:\Users\jessjo01\Desktop\GoToMeeting.lnk
[2012-08-16 13:39:34 | 000,060,304 | ---- | M] () -- C:\Users\jessjo01\g2mdlhlpx.exe
[2012-08-16 08:17:28 | 000,001,048 | ---- | M] () -- C:\Users\jessjo01\Desktop\PDFCombine.lnk
[2012-08-15 12:46:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-08-15 12:46:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-08-14 14:07:20 | 001,162,399 | ---- | M] () -- C:\Users\jessjo01\Desktop\***********.pdf
[2012-08-14 14:07:20 | 001,148,807 | ---- | M] () -- C:\Users\jessjo01\Desktop\***********.pdf
[2012-08-13 21:58:18 | 000,038,768 | ---- | M] (GN Netcom A/S) -- C:\Windows\SysNative\drivers\JabraMobileCsrDfuX64.sys
[2012-08-13 16:44:12 | 000,483,199 | ---- | M] () -- C:\Users\jessjo01\Desktop\**************.pdf
[2012-08-13 08:58:20 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931Core.job
[2012-08-13 08:51:31 | 000,008,589 | RHS- | M] () -- C:\Users\jessjo01\ntuser.pol
[2012-08-12 02:29:56 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2012-08-12 02:07:16 | 000,557,056 | ---- | M] () -- C:\Users\jessjo01\AppData\Roaming\SharedSettings.ccs
[2012-08-12 02:00:19 | 000,000,259 | ---- | M] () -- C:\Users\jessjo01\Documents\.htaccess
[2012-08-11 10:41:09 | 000,001,111 | ---- | M] () -- C:\Users\jessjo01\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012-08-10 20:08:54 | 000,001,010 | ---- | M] () -- C:\Users\jessjo01\Desktop\Dropbox.lnk
[2012-08-10 20:08:13 | 000,001,020 | ---- | M] () -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-08-08 15:34:43 | 000,001,788 | ---- | M] () -- C:\Users\jessjo01\Desktop\Spotify.lnk
[2012-08-06 13:52:26 | 000,001,642 | ---- | M] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2012-08-06 13:34:05 | 000,001,486 | ---- | M] () -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pageant.lnk
[2012-08-06 13:06:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-08-06 13:02:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012-08-06 13:00:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64k_01009.Wdf
[2012-08-06 12:59:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012-08-06 12:23:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_QCLocationSensorhp_01_09_00.Wdf
[2012-08-06 12:23:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dlumd9.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd9.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dlumd11.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd11.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dlumd10.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\dlumd10.dll
[2012-08-05 07:42:27 | 610,735,064 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-08-02 14:34:02 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012-08-02 14:31:52 | 000,001,987 | ---- | M] () -- C:\Users\jessjo01\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012-08-01 11:16:52 | 000,001,951 | ---- | M] () -- C:\Users\Public\Desktop\Sonos.lnk
[2012-07-31 21:19:35 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-31 20:58:30 | 000,000,000 | ---- | M] () -- C:\Users\jessjo01\Documents\Default.rdp
[2012-07-31 20:53:17 | 000,000,304 | ---- | M] () -- C:\user.js
[2012-07-31 16:07:21 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2012-07-31 16:07:00 | 000,000,260 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2012-07-31 16:07:00 | 000,000,093 | ---- | M] () -- C:\Windows\brpcfx.ini
[2012-07-31 16:06:20 | 000,000,066 | ---- | M] () -- C:\Windows\Brfaxrx.ini

========== Files Created - No Company Name ==========

[2012-08-23 11:32:14 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012-08-23 11:32:10 | 000,001,921 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012-08-23 11:02:50 | 000,070,348 | ---- | C] () -- C:\bar.emf
[2012-08-23 10:56:15 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-08-23 10:48:41 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2012-08-21 14:56:26 | 000,027,220 | ---- | C] () -- C:\Users\jessjo01\Desktop\*****.pdf
[2012-08-21 14:56:12 | 000,088,828 | ---- | C] () -- C:\Users\jessjo01\Desktop\*********.pdf
[2012-08-21 11:20:58 | 000,000,982 | ---- | C] () -- C:\Users\jessjo01\Application Data\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk
[2012-08-20 15:18:29 | 003,813,319 | ---- | C] () -- C:\Users\jessjo01\Desktop\SKMBT_C45112082015130.pdf
[2012-08-20 12:41:36 | 000,004,764 | ---- | C] () -- C:\Windows\SysWow64\CcmFramework.ini
[2012-08-20 12:41:36 | 000,000,621 | ---- | C] () -- C:\Windows\SysWow64\CcmFramework.h
[2012-08-20 12:02:42 | 000,000,475 | ---- | C] () -- C:\Windows\SMSCFG.ini
[2012-08-20 10:56:38 | 000,482,982 | ---- | C] () -- C:\Users\jessjo01\Desktop\************.pdf
[2012-08-16 13:40:00 | 000,001,375 | ---- | C] () -- C:\Users\jessjo01\Desktop\GoToMeeting.lnk
[2012-08-16 13:39:33 | 000,060,304 | ---- | C] () -- C:\Users\jessjo01\g2mdlhlpx.exe
[2012-08-16 08:17:28 | 000,001,048 | ---- | C] () -- C:\Users\jessjo01\Desktop\PDFCombine.lnk
[2012-08-14 14:07:20 | 001,162,399 | ---- | C] () -- C:\Users\jessjo01\Desktop\**********.pdf
[2012-08-14 14:07:20 | 001,148,807 | ---- | C] () -- C:\Users\jessjo01\Desktop\**********.pdf
[2012-08-13 16:40:47 | 000,483,199 | ---- | C] () -- C:\Users\jessjo01\Desktop\***********.pdf
[2012-08-12 01:23:48 | 000,557,056 | ---- | C] () -- C:\Users\jessjo01\AppData\Roaming\SharedSettings.ccs
[2012-08-12 01:14:00 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012-08-11 17:38:12 | 000,000,259 | ---- | C] () -- C:\Users\jessjo01\Documents\.htaccess
[2012-08-11 10:41:09 | 000,001,111 | ---- | C] () -- C:\Users\jessjo01\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012-08-10 20:08:54 | 000,001,010 | ---- | C] () -- C:\Users\jessjo01\Desktop\Dropbox.lnk
[2012-08-10 20:08:13 | 000,001,020 | ---- | C] () -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-08-08 15:34:43 | 000,001,788 | ---- | C] () -- C:\Users\jessjo01\Desktop\Spotify.lnk
[2012-08-08 15:34:43 | 000,001,774 | ---- | C] () -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012-08-08 00:50:51 | 000,002,492 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012-08-06 13:52:26 | 000,001,642 | ---- | C] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2012-08-06 13:35:35 | 000,000,600 | ---- | C] () -- C:\Users\jessjo01\AppData\Local\PUTTY.RND
[2012-08-06 13:30:07 | 000,001,486 | ---- | C] () -- C:\Users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pageant.lnk
[2012-08-06 13:06:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-08-06 13:02:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012-08-06 13:00:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64k_01009.Wdf
[2012-08-06 12:59:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012-08-06 12:23:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_QCLocationSensorhp_01_09_00.Wdf
[2012-08-06 12:23:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2012-08-06 10:44:51 | 000,000,560 | ---- | C] () -- C:\Windows\tasks\ScheduledDPMClientBackup.job
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd9.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd11.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2012-08-06 10:24:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\dlumd10.dll
[2012-08-05 11:27:38 | 000,001,659 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
[2012-08-05 07:42:27 | 610,735,064 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-08-02 14:34:02 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012-08-02 14:31:52 | 000,001,987 | ---- | C] () -- C:\Users\jessjo01\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012-08-01 11:16:52 | 000,001,951 | ---- | C] () -- C:\Users\Public\Desktop\Sonos.lnk
[2012-07-31 21:19:35 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-07-31 21:19:35 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-31 20:58:30 | 000,000,000 | ---- | C] () -- C:\Users\jessjo01\Documents\Default.rdp
[2012-07-31 20:53:17 | 000,000,304 | ---- | C] () -- C:\user.js
[2012-07-31 18:38:18 | 000,001,016 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931UA.job
[2012-07-31 18:38:18 | 000,000,964 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931Core.job
[2012-07-31 18:35:11 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-31 16:07:21 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2012-07-31 16:07:00 | 000,000,260 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012-07-31 16:07:00 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012-07-31 16:06:53 | 000,000,336 | ---- | C] () -- C:\Windows\BRCALIB.INI
[2012-07-31 16:06:11 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012-07-31 16:06:11 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012-07-31 16:06:10 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\BrSNMP64.dll
[2012-07-31 16:06:09 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012-07-31 16:06:09 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012-07-31 16:06:08 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\BRADC10A.DAT
[2012-07-03 16:15:17 | 000,008,589 | RHS- | C] () -- C:\Users\jessjo01\ntuser.pol
[2012-06-28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012-06-26 16:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-06-26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-06-26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-06-26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-06-26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-01-17 18:43:35 | 000,795,292 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-01-17 17:32:46 | 000,107,995 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011-02-04 16:31:00 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini

< End of report >

FYI - File names changed to ***** are classified information that I had to remove the names from.

Edited by musikepple, 24 August 2012 - 12:52 AM.

  • 0

#12
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem there, as they are not the type of file that I am interested in.

Download and Install ComboFix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.

3. If, after the reboot, you get errors about programmes being marked for deletion, then reboot; that will cure it.


Please make sure you include the ComboFix log in your next reply, as well as describe how your computer is running now.
  • 0

#13
musikepple


    Member

  • Topic Starter
  • Member
  • 12 posts
ComboFix 12-08-22.03 - jessjo01 2012-08-24 14:23:07.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.46.1033.18.3951.1831 [GMT 2:00]
Körs från: c:\users\jessjo01\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\jessjo01\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll
c:\users\jessjo01\g2mdlhlpx.exe
c:\users\TEMP\prf30C.tmp
c:\windows\SysWow64\dlumd10.dll
c:\windows\SysWow64\dlumd11.dll
c:\windows\SysWow64\dlumd9.dll
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((( Filer skapade från 2012-07-24 till 2012-08-24 ))))))))))))))))))))))))))))))
.
.
2012-08-23 18:02 . 2012-08-23 18:02 -------- d-----w- C:\_OTL
2012-08-23 17:22 . 2012-08-24 05:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-08-23 17:22 . 2012-08-23 17:22 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-08-23 17:03 . 2012-08-23 19:52 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Tracing
2012-08-23 16:59 . 2012-08-24 12:25 -------- d-----w- c:\users\TEMP
2012-08-23 14:54 . 2012-08-23 14:54 -------- d-----w- c:\users\jessjo01\AppData\Roaming\Malwarebytes
2012-08-23 14:53 . 2012-08-23 14:53 -------- d-----w- c:\programdata\Malwarebytes
2012-08-23 14:53 . 2012-08-23 19:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-23 14:35 . 2012-08-23 19:52 -------- d-----w- c:\programdata\clp
2012-08-23 14:35 . 2012-08-23 14:35 -------- d-----w- c:\users\jessjo01\AppData\Roaming\Fighters
2012-08-23 14:35 . 2012-08-23 19:52 -------- d-----w- c:\program files (x86)\Fighters
2012-08-23 14:35 . 2012-08-23 14:35 -------- d-----w- c:\programdata\Common Toolkit Suite
2012-08-23 14:33 . 2012-08-23 14:35 -------- d-----w- c:\programdata\Fighters
2012-08-23 14:30 . 2012-08-23 14:30 -------- d-----w- c:\users\jessjo01\AppData\Roaming\Simply Super Software
2012-08-23 14:29 . 2012-08-23 14:29 -------- d-----w- c:\programdata\Simply Super Software
2012-08-23 14:29 . 2012-08-23 19:52 -------- d-----w- c:\program files (x86)\Trojan Remover
2012-08-23 14:10 . 2012-08-23 14:10 -------- d-----w- c:\program files (x86)\ESET
2012-08-23 11:54 . 2012-08-23 11:54 -------- d-----w- C:\$AVG
2012-08-23 11:54 . 2012-08-23 19:52 -------- d-----w- c:\programdata\AVG2012
2012-08-23 11:54 . 2012-08-23 19:52 -------- d-----w- c:\windows\system32\drivers\AVG
2012-08-23 11:54 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\AVG
2012-08-23 11:51 . 2012-08-23 11:51 -------- d-----w- c:\programdata\Common Files
2012-08-23 11:51 . 2012-08-24 05:56 -------- d-----w- c:\programdata\MFAData
2012-08-23 09:51 . 2012-08-23 09:59 -------- d-----w- c:\programdata\ATRIL
2012-08-23 09:51 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-08-23 09:51 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2012-08-23 08:55 . 2012-08-23 08:55 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-08-23 08:55 . 2012-08-23 08:56 -------- d-----w- c:\users\jessjo01\AppData\Roaming\DAEMON Tools Lite
2012-08-23 08:55 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-08-23 08:54 . 2012-08-23 08:56 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-08-23 08:51 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-08-21 09:20 . 2008-12-21 21:22 1047552 ----a-w- c:\windows\SysWow64\mfc71u.dll
2012-08-21 09:20 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\WinMerge
2012-08-20 10:41 . 2009-09-18 02:00 930160 ----a-w- c:\windows\system32\ccmcore.dll
2012-08-20 10:41 . 2009-09-18 02:00 26464 ----a-w- c:\windows\system32\xprslib.dll
2012-08-20 10:41 . 2012-08-24 05:56 -------- d-----w- c:\windows\SysWow64\CCM
2012-08-20 10:41 . 2012-08-20 10:41 -------- d-----w- c:\windows\ms
2012-08-20 09:59 . 2012-08-24 05:55 -------- d-----w- c:\windows\ccmsetup
2012-08-17 08:24 . 2012-08-17 08:24 -------- d-----w- c:\users\jessjo01\AppData\Roaming\driveridentifier
2012-08-17 08:23 . 2012-08-17 08:26 -------- d-----w- c:\program files (x86)\Driver Identifier
2012-08-16 11:39 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Citrix
2012-08-16 06:17 . 2012-08-16 06:17 -------- d-----w- c:\users\jessjo01\AppData\Roaming\Softplicity
2012-08-16 06:17 . 2012-08-16 06:17 -------- d-----w- c:\program files (x86)\PDF Combine
2012-08-15 09:01 . 2012-08-24 05:55 -------- d-----w- c:\users\jessjo01\AppData\Roaming\PDF Writer
2012-08-15 09:01 . 2012-08-15 09:01 -------- d-----w- c:\users\jessjo01\AppData\Local\PDF Writer
2012-08-15 09:01 . 2012-08-15 09:01 -------- d-----w- c:\programdata\PDF Writer
2012-08-15 09:01 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-08-15 09:00 . 2012-08-24 05:55 -------- d-----w- c:\program files\Common Files\Bullzip
2012-08-15 09:00 . 2010-09-27 13:29 135168 ----a-w- c:\windows\SysWow64\bzpdfc.dll
2012-08-15 09:00 . 2008-10-30 13:29 227840 ----a-w- c:\windows\SysWow64\bzFlRdr.dll
2012-08-15 09:00 . 2008-07-09 13:29 103424 ----a-w- c:\windows\SysWow64\bzDCT.dll
2012-08-15 09:00 . 2012-03-27 13:29 216064 ----a-w- c:\windows\system32\bzpdf.dll
2012-08-15 09:00 . 2012-08-24 05:55 -------- d-----w- c:\program files\Bullzip
2012-08-15 09:00 . 1999-05-06 22:00 140288 ----a-w- c:\windows\SysWow64\comdlg32.OCX
2012-08-13 19:58 . 2012-08-13 19:58 38768 ----a-w- c:\windows\system32\drivers\JabraMobileCsrDfuX64.sys
2012-08-11 23:23 . 2012-08-11 23:23 -------- d-----w- c:\programdata\CoffeeCup Software
2012-08-11 23:23 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\CoffeeCup Software
2012-08-11 23:23 . 2012-08-11 23:23 715776 ----a-r- c:\users\jessjo01\AppData\Roaming\Microsoft\Installer\{66F43DBE-6D46-4BCE-831D-0D4C13639BE8}\Icon66F43DBE.exe
2012-08-11 23:23 . 2012-08-11 23:23 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-08-10 18:08 . 2012-08-24 10:49 -------- d-----r- c:\users\jessjo01\Dropbox
2012-08-10 18:07 . 2012-08-24 12:28 -------- d-----w- c:\users\jessjo01\AppData\Roaming\Dropbox
2012-08-08 13:34 . 2012-08-24 12:17 -------- d-----w- c:\users\jessjo01\AppData\Local\Spotify
2012-08-08 13:34 . 2012-08-24 10:54 -------- d-----w- c:\users\jessjo01\AppData\Roaming\Spotify
2012-08-08 09:52 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-08-08 09:30 . 2012-06-29 03:37 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-08-08 09:30 . 2012-06-29 03:37 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-08-07 22:50 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Windows Live
2012-08-07 22:49 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2012-08-07 22:49 . 2012-08-17 07:34 -------- d-----w- c:\users\jessjo01\AppData\Local\Windows Live
2012-08-06 14:54 . 2012-08-24 05:55 -------- d-----w- c:\program files\IDT
2012-08-06 14:27 . 2012-05-31 20:18 1466216 ----a-w- c:\windows\system32\nvgenco64.dll
2012-08-06 13:58 . 2012-08-06 13:58 -------- d-----w- C:\Temp
2012-08-06 11:52 . 2012-08-06 11:52 -------- d-----w- c:\program files (x86)\MonitorDriver
2012-08-06 11:38 . 2012-08-07 07:47 -------- d-----w- c:\users\jessjo01\AppData\Local\********
2012-08-06 11:27 . 2012-08-24 05:55 -------- d-----w- c:\program files\SlikSvn
2012-08-06 11:22 . 2012-08-06 11:22 -------- d-----w- c:\users\jessjo01\AppData\Roaming\TeamViewer
2012-08-06 11:01 . 2012-08-24 05:56 -------- d-----w- c:\program files\Microsoft Device Center
2012-08-06 10:23 . 2011-05-03 08:30 12800 ------w- c:\windows\HPun2420Version.dll
2012-08-06 10:23 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\QUALCOMM
2012-08-06 10:23 . 2012-08-06 10:23 -------- d-----w- c:\programdata\QUALCOMM
2012-08-06 10:23 . 2012-08-06 10:23 -------- d-----w- c:\users\jessjo01\AppData\Roaming\Hewlett-Packard
2012-08-06 10:23 . 2012-08-06 10:23 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2012-08-06 10:23 . 2012-08-06 10:23 -------- d-----w- c:\programdata\Hewlett-Packard
2012-08-06 10:23 . 2012-08-24 05:55 -------- d-----w- c:\program files\Validity Sensors
2012-08-06 10:22 . 2012-08-06 10:23 -------- d-----w- c:\users\jessjo01\AppData\Roaming\hpqLog
2012-08-06 10:22 . 2009-11-02 08:12 114688 ----a-w- c:\windows\SysWow64\RicohMediadriverVer.dll
2012-08-06 10:22 . 2009-07-20 13:05 59008 ----a-w- c:\windows\system32\drivers\rismcx64.sys
2012-08-06 10:22 . 2009-06-25 15:04 67584 ----a-w- c:\windows\system32\drivers\rimmpx64.sys
2012-08-06 08:44 . 2012-08-24 05:55 -------- d-----w- c:\program files\Microsoft Data Protection Manager
2012-08-06 08:42 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-06 08:38 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-08-06 08:24 . 2012-08-06 08:24 -------- d-----w- c:\program files\HP USB Docking Video
2012-08-06 08:24 . 2012-08-24 05:55 -------- d-----w- c:\program files\DisplayLink Core Software
2012-08-06 08:24 . 2012-08-06 08:24 0 ----a-w- c:\windows\system32\dlumd9.dll
2012-08-06 08:24 . 2012-08-06 08:24 0 ----a-w- c:\windows\system32\dlumd11.dll
2012-08-06 08:24 . 2012-08-06 08:24 0 ----a-w- c:\windows\system32\dlumd10.dll
2012-08-05 09:27 . 2010-01-25 22:30 162816 ----a-w- c:\windows\system32\AESTAC64.dll
2012-08-05 09:27 . 2009-10-08 20:45 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2012-08-05 09:27 . 2009-03-01 21:58 68608 ----a-w- c:\windows\system32\AESTAR64.dll
2012-08-05 09:27 . 2010-09-07 22:05 489472 ----a-w- c:\windows\sttray64.exe
2012-08-05 09:27 . 2010-09-07 22:05 1952256 ----a-w- c:\windows\system32\stlang64.dll
2012-08-05 09:27 . 2010-09-07 22:05 12861952 ----a-w- c:\windows\system32\idtcpl64.cpl
2012-08-05 09:27 . 2009-03-01 21:47 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2012-08-05 09:27 . 2010-09-07 22:05 651264 ----a-w- c:\windows\system32\stapi64.dll
2012-08-05 09:27 . 2010-09-07 22:05 515584 ----a-w- c:\windows\system32\drivers\stwrt64.sys
2012-08-05 09:27 . 2010-09-07 22:05 431616 ----a-w- c:\windows\system32\stcplx64.dll
2012-08-05 09:27 . 2010-09-07 22:05 219648 ----a-w- c:\windows\system32\staco64.dll
2012-08-05 09:27 . 2010-09-07 22:05 1484288 ----a-w- c:\windows\system32\stapo64.dll
2012-08-04 21:54 . 2012-08-23 09:26 -------- d-----w- c:\users\jessjo01\AppData\Local\CRE
2012-08-04 21:53 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Conduit
2012-08-04 21:53 . 2012-08-24 05:56 -------- d-----w- c:\users\jessjo01\AppData\Local\Conduit
2012-08-04 21:33 . 2012-08-23 09:06 -------- d-----w- c:\users\jessjo01\AppData\Roaming\FileZilla
2012-08-04 21:33 . 2012-08-24 05:56 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
2012-08-02 12:38 . 2012-06-04 07:59 99384 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-08-02 12:38 . 2012-06-04 07:59 203320 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-08-02 12:34 . 2012-08-24 05:55 -------- d-----w- c:\users\jessjo01\AppData\Local\Samsung
2012-08-02 12:34 . 2012-08-24 05:55 -------- d-----w- c:\users\jessjo01\AppData\Roaming\Samsung
2012-08-02 12:31 . 2012-06-26 14:03 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-08-02 12:31 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\MarkAny
2012-08-02 12:31 . 2012-06-26 14:02 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-08-02 12:31 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Samsung
2012-08-02 12:31 . 2012-08-02 12:32 -------- d-----w- c:\programdata\Samsung
2012-08-01 09:20 . 2012-08-24 05:55 -------- d-----w- c:\users\jessjo01\AppData\Local\Sonos,_Inc
2012-08-01 09:16 . 2012-08-24 05:55 -------- d-----w- c:\program files (x86)\Sonos
2012-08-01 09:16 . 2012-08-12 10:34 -------- d-----w- c:\programdata\Sonos,_Inc
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-07 22:50 . 2011-03-28 16:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-08-06 08:40 . 2011-02-04 15:16 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 13:33 . 2012-07-03 13:33 172592 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-06-29 03:37 . 2012-05-18 22:53 2723688 ----a-w- c:\windows\system32\nvapi64.dll
2012-06-29 03:37 . 2012-05-18 22:53 15290216 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-06-29 03:37 . 2012-05-18 22:53 12388712 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-06-28 23:55 . 2012-07-03 14:05 3266408 ----a-w- c:\windows\system32\nvsvc64.dll
2012-06-28 23:55 . 2012-07-03 14:05 6193000 ----a-w- c:\windows\system32\nvcpl.dll
2012-06-28 23:55 . 2012-07-03 14:05 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-06-28 23:55 . 2012-07-03 14:05 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-06-28 23:55 . 2012-07-03 14:05 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-06-28 23:55 . 2012-07-03 14:05 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-06-28 15:44 . 2012-06-28 15:44 428904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-06-26 19:38 . 2012-06-26 19:38 46176 ----a-w- c:\windows\system32\drivers\point64.sys
2012-06-26 14:02 . 2012-06-26 14:02 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-06-26 14:02 . 2012-06-26 14:02 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-06-26 14:02 . 2012-06-26 14:02 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-06-26 14:02 . 2012-06-26 14:02 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-06-26 14:02 . 2012-06-26 14:02 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-06-26 14:02 . 2012-06-26 14:02 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-06-26 14:02 . 2012-06-26 14:02 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-06-26 14:02 . 2012-06-26 14:02 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-06-26 14:02 . 2012-06-26 14:02 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-06-26 14:02 . 2012-06-26 14:02 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-06-26 14:02 . 2012-06-26 14:02 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-06-26 14:02 . 2012-06-26 14:02 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-06-26 14:02 . 2012-06-26 14:02 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-06-26 14:02 . 2012-06-26 14:02 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-06-26 14:02 . 2012-06-26 14:02 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-06-26 14:02 . 2012-06-26 14:02 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-06-26 14:02 . 2012-06-26 14:02 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-06-26 14:02 . 2012-06-26 14:02 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-06-26 14:02 . 2012-06-26 14:02 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-06-26 14:02 . 2012-06-26 14:02 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-06-26 14:02 . 2012-06-26 14:02 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-06-26 14:02 . 2012-06-26 14:02 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-06-26 14:02 . 2012-06-26 14:02 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-06-26 14:02 . 2012-06-26 14:02 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-06-26 14:02 . 2012-06-26 14:02 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-06-26 14:02 . 2012-06-26 14:02 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-06-24 20:24 . 2012-06-24 20:24 52320 ----a-w- c:\windows\system32\drivers\dc3d.sys
2012-06-02 22:19 . 2012-07-03 13:35 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-07-03 13:35 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-07-03 13:35 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-07-03 13:35 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-07-03 13:35 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-07-03 13:35 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-07-03 13:35 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-07-03 13:35 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-07-03 13:35 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-28 05:09 . 2012-05-28 05:09 2168416 ----a-w- c:\windows\system32\coin91.dll
.
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\jessjo01\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\jessjo01\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\jessjo01\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\jessjo01\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-06 960440]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-06 21432]
"Spotify"="c:\users\jessjo01\AppData\Roaming\Spotify\Spotify.exe" [2012-08-20 5576408]
"Spotify Web Helper"="c:\users\jessjo01\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-20 1193176]
"GoToMeeting"="c:\program files (x86)\Citrix\GoToMeeting\880\g2mstart.exe" [2012-08-16 39816]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-03-09 115560]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2012-06-11 12099672]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2011-10-07 2629632]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-06 3524536]
.
c:\users\jessjo01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\jessjo01\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-25 26909544]
pageant.lnk - c:\program files (x86)\PuTTY\pageant.exe [2011-2-4 139264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-06-04 99384]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 71168]
R3 DPMRA;DPMRA;c:\program files\Microsoft Data Protection Manager\DPM\bin\DPMRA.exe [2010-04-08 4263816]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-26 158976]
R3 JabraDFU;Jabra Bluecore headset DFU driver;c:\windows\system32\Drivers\JabraMobileCsrDfuX64.sys [2012-08-13 38768]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RICOH SmartCard Reader;RICOH SmartCard Reader;c:\windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 203320]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-05 1255736]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-23 283200]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-01 89600]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2011-08-09 8329576]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 QDLService2kHP;Qualcomm Gobi 2000 Download Service (HP);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [2011-04-29 1687360]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-06-28 382312]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-24 52320]
S3 DPMClientService;DPM Client Service;c:\program files\Microsoft Data Protection Manager\DPM\bin\DPMClientService.exe [2010-04-08 483720]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2010-04-05 301232]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-08 138912]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-08-03 8604672]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-05-21 188776]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-26 46176]
S3 qcfilterhp2k;HP un2420 Mobile Broadband Module USB Device Filter;c:\windows\system32\DRIVERS\qcfilterhp2k.sys [2011-04-29 6400]
S3 qcombushp;Gobi 2000 USB Composite Device Driver(03F0-251D);c:\windows\system32\DRIVERS\qcombushp.sys [2011-04-29 160328]
S3 qcusbnethp2k;Gobi 2000 USB-NDIS miniport(03F0-251D);c:\windows\system32\DRIVERS\qcusbnethp2k.sys [2011-04-29 444416]
S3 qcusbserhp2k;Gobi 2000 USB Device for Legacy Serial Communication(03F0-251D);c:\windows\system32\DRIVERS\qcusbserhp2k.sys [2011-04-29 230784]
S3 rismcx64;RICOH Smart Card Reader;c:\windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Övriga tjänster/drivrutiner i minnet ---
.
*NewlyCreated* - WS2IFSL
.
Innehåll i mappen 'Schemalagda aktiviteter':
.
2012-08-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-31 10:46]
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-1843Core.job
- c:\users\patand01\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-18 09:12]
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-1843UA.job
- c:\users\patand01\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-18 09:12]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931Core.job
- c:\users\jessjo01\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31 16:38]
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1875694159-2650994643-2538900688-3931UA.job
- c:\users\jessjo01\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31 16:38]
.
2012-08-24 c:\windows\Tasks\ScheduledDPMClientBackup.job
- c:\windows\SYSTEM32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\jessjo01\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\jessjo01\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\jessjo01\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\jessjo01\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"DPMClientUI"="c:\program files\Microsoft Data Protection Manager\DPM\bin\DPMClient.exe" [2010-04-08 29576]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-26 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-26 2004584]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-07 489472]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-06-29 1694016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Extra genomsökning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.se/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 8.8.8.8 87.96.222.67
FF - ProfilePath - c:\users\jessjo01\AppData\Roaming\Mozilla\Firefox\Profiles\dvuy0okk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225826&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - BitTorrentControl_v12 Customized Web Search
FF - prefs.js: browser.startup.homepage - www.google.se
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
URLSearchHooks-{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
Wow6432Node-HKCU-Run-BitTorrent - c:\program files (x86)\BitTorrent\BitTorrent.exe
SafeBoot-Symantec Antvirus
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - (no file)
.
.
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andra processer som körs ------------------------
.
c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
c:\windows\SysWOW64\CCM\CcmExec.exe
c:\program files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
c:\program files (x86)\ControlCenter4\BrCtrlCntr.exe
c:\program files (x86)\Citrix\GoToMeeting\880\g2mcomm.exe
c:\program files (x86)\Citrix\GoToMeeting\880\g2mlauncher.exe
c:\program files (x86)\ControlCenter4\BrCcUxSys.exe
.
**************************************************************************
.
Sluttid: 2012-08-24 14:30:02 - datorn startades om.
ComboFix-quarantined-files.txt 2012-08-24 12:30
.
Före genomsökningen: 29 981 573 120 bytes free
Efter genomsökningen: 30 092 152 832 bytes free
.
- - End Of File - - 3BA8DDF0E790E891E8E4EE3B8CAFFCF3

I'm gonna do a restart now and check how it's running...
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK it looked as though Norton is detecting its own quarantine area
  • 0

#15
musikepple

musikepple

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
What does that mean?
  • 0





