Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

windows update will not install/download updates suspect mallware [Sol


  • This topic is locked This topic is locked

#1
dennisK16

dennisK16

    Member

  • Member
  • PipPipPip
  • 155 posts
i'm having a windows update installation/download issues it will not download any issues i tried to do the windows hotfix that was suggested by windows but this didn't solve the problem so now i'm starting to think its a mallware issues.
this is the windows error code i'm getting: 80070005 a unknow error has occurred


Any help is appriciated
i posted the OTL log below.

OTL logfile created on: 4-11-2012 21:15:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pieter\Documents\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

15,75 Gb Total Physical Memory | 12,87 Gb Available Physical Memory | 81,75% Memory free
31,49 Gb Paging File | 28,43 Gb Available in Paging File | 90,28% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,46 Gb Total Space | 830,34 Gb Free Space | 89,14% Space Free | Partition Type: NTFS
Drive D: | 2,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 931,46 Gb Total Space | 366,90 Gb Free Space | 39,39% Space Free | Partition Type: NTFS
Drive H: | 353,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 930,85 Gb Total Space | 481,06 Gb Free Space | 51,68% Space Free | Partition Type: NTFS
Drive J: | 292,97 Gb Total Space | 254,54 Gb Free Space | 86,88% Space Free | Partition Type: NTFS
Drive K: | 698,63 Gb Total Space | 527,96 Gb Free Space | 75,57% Space Free | Partition Type: NTFS
Drive L: | 254,53 Gb Total Space | 130,16 Gb Free Space | 51,14% Space Free | Partition Type: NTFS
Drive M: | 14,82 Gb Total Space | 14,13 Gb Free Space | 95,37% Space Free | Partition Type: FAT32

Computer Name: PIETER-NIEUW-PC | User Name: Pieter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-11-04 21:14:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pieter\Documents\Downloads\OTL.exe
PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-10-25 15:45:50 | 016,052,192 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012-10-14 14:29:46 | 029,378,432 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
PRC - [2012-10-10 11:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011-12-12 08:01:32 | 001,531,272 | ---- | M] (ashampoo GmbH & Co. KG) -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe
PRC - [2011-10-21 10:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011-05-24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010-02-03 15:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2010-01-22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-09-08 13:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009-09-02 12:35:30 | 001,972,224 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe


========== Modules (No Company Name) ==========

MOD - [2012-11-04 21:03:04 | 000,086,016 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_elementtree.pyd
MOD - [2012-11-04 21:03:04 | 000,040,448 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_socket.pyd
MOD - [2012-11-04 21:03:03 | 000,571,392 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\pysqlite2._sqlite.pyd
MOD - [2012-11-04 21:03:03 | 000,263,168 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32com.shell.shell.pyd
MOD - [2012-11-04 21:03:03 | 000,096,256 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32api.pyd
MOD - [2012-11-04 21:03:03 | 000,070,656 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._html2.pyd
MOD - [2012-11-04 21:03:03 | 000,023,040 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32ts.pyd
MOD - [2012-11-04 21:03:02 | 001,024,024 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\windows._cacheinvalidation.pyd
MOD - [2012-11-04 21:03:02 | 000,792,576 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._gdi_.pyd
MOD - [2012-11-04 21:03:02 | 000,017,920 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32profile.pyd
MOD - [2012-11-04 21:03:02 | 000,011,776 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32crypt.pyd
MOD - [2012-11-04 21:03:01 | 000,731,136 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._misc_.pyd
MOD - [2012-11-04 21:03:01 | 000,354,304 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\pythoncom26.dll
MOD - [2012-11-04 21:03:01 | 000,073,728 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_ctypes.pyd
MOD - [2012-11-04 21:03:00 | 000,110,592 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32security.pyd
MOD - [2012-11-04 21:03:00 | 000,110,592 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\pywintypes26.dll
MOD - [2012-11-04 21:02:59 | 000,645,120 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_ssl.pyd
MOD - [2012-11-04 21:02:58 | 001,169,408 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._core_.pyd
MOD - [2012-11-04 21:02:58 | 000,036,352 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32process.pyd
MOD - [2012-11-04 21:02:58 | 000,022,528 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32pdh.pyd
MOD - [2012-11-04 21:02:57 | 000,807,424 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._windows_.pyd
MOD - [2012-11-04 21:02:57 | 000,311,808 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_hashlib.pyd
MOD - [2012-11-04 21:02:57 | 000,121,856 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._wizard.pyd
MOD - [2012-11-04 21:02:56 | 000,111,104 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32file.pyd
MOD - [2012-11-04 21:02:56 | 000,039,424 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32inet.pyd
MOD - [2012-11-04 21:02:54 | 001,056,256 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._controls_.pyd
MOD - [2012-11-04 21:02:54 | 000,585,728 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\unicodedata.pyd
MOD - [2012-11-04 21:02:54 | 000,153,088 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\pyexpat.pyd
MOD - [2012-11-04 21:02:54 | 000,017,920 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32event.pyd
MOD - [2012-11-04 21:02:54 | 000,011,776 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\select.pyd
MOD - [2012-10-10 11:06:15 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012-10-10 11:06:13 | 012,435,992 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012-10-10 11:06:12 | 004,005,912 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012-10-10 11:04:57 | 000,578,072 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012-10-10 11:04:55 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012-10-10 11:04:44 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012-10-10 11:04:43 | 000,275,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012-10-10 11:04:42 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2011-12-12 08:01:28 | 000,065,416 | ---- | M] () -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\MouseHook.dll
MOD - [2009-09-30 04:33:08 | 000,024,576 | RH-- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009-09-02 12:35:30 | 001,972,224 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe
MOD - [2009-07-30 16:07:14 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MFL_u_VC8.dll
MOD - [2009-03-25 15:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009-03-19 21:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009-03-19 21:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009-01-15 13:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2007-09-05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\PlayRIpl.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012-09-13 01:26:20 | 000,229,392 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2012-08-06 11:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012-05-04 19:33:20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010-02-11 04:05:44 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-11-02 12:53:31 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-10-19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-07-23 15:35:06 | 000,171,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe -- (PACSPTISVR-Sound_Organizer)
SRV - [2012-07-05 17:10:14 | 000,147,368 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012-07-05 17:10:08 | 000,375,208 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012-06-08 11:06:24 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011-05-24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011-04-26 12:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010-03-18 12:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-10-01 20:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2009-09-21 19:25:34 | 001,571,336 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2009-09-21 19:19:22 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009-09-08 13:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-10-21 14:50:00 | 000,548,864 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-11-04 21:04:01 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012-08-21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-07-28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012-07-05 17:11:18 | 000,087,488 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012-06-26 20:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012-06-24 21:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012-06-18 12:34:44 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012-06-18 12:34:42 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012-06-08 11:06:24 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012-06-08 11:05:56 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-05-04 19:33:12 | 002,196,592 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012-04-12 00:30:00 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-11-29 03:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011-06-10 16:00:38 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011-06-10 16:00:36 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011-06-02 06:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011-06-02 06:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011-06-02 06:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011-06-02 06:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011-04-26 10:26:00 | 000,353,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | -H-- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | -H-- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011-01-15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010-12-21 06:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010-12-16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-08-20 02:45:28 | 000,654,720 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2010-08-20 02:44:48 | 000,943,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2010-06-30 17:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010-02-11 04:24:04 | 006,368,256 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-02-11 03:11:12 | 000,188,416 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-02-06 14:49:24 | 000,690,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009-10-01 21:03:40 | 000,154,168 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009-09-30 22:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-09-21 19:40:14 | 000,020,528 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV:64bit: - [2009-09-21 19:26:10 | 000,054,320 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009-09-21 19:20:42 | 000,170,032 | -H-- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009-07-16 04:38:40 | 000,015,416 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | -H-- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | -H-- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | -H-- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | -H-- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-02-29 10:15:18 | 000,041,488 | ---- | M] (Logicool, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2000-01-01 01:00:00 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2000-01-01 01:00:00 | 000,016,552 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV - [2012-06-08 11:06:24 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2011-08-01 17:27:09 | 000,096,320 | ---- | M] (Acronis) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\snapman.sys -- (snapman)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-01-20 05:42:00 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\disksec.sys -- (DiskSec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...mrud=10-05-2012

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.softon...chSource=10&cc=
IE - HKCU\..\URLSearchHook: {0734d757-fea6-4637-a7e4-2bd40a7fd8da} - No CLSID value found
IE - HKCU\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0BD4D1DC-D7D6-4D17-882E-E0D343CEAE92}: "URL" = http://websearch.ask...79-C4EB9971482D
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{307C2D13-5611-4B35-87A8-C27B7D7FC264}: "URL" = http://search.softon...rce=4&cc=&r=987
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.search...q={searchTerms}
IE - HKCU\..\SearchScopes\{56DDD002-DF69-4F1B-977D-2E434C4618A7}: "URL" = http://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=nl
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...mrud=10-05-2012
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21 14:01:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-02 12:51:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21 14:01:00 | 000,000,000 | ---D | M]

[2011-10-21 18:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\Extensions
[2011-10-21 18:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\Extensions\[email protected]
[2011-09-02 13:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\SeaMonkey\Profiles\bu614np4.default\extensions
[2012-07-10 15:33:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-04-23 11:28:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask...q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch....q={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Facebook = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Google Zoeken = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: ComplitlyEngine plugin for chrome = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: Megavideo Playerplus = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpoolkicbnlkaibhppihnfehghajfeg\1.7.3_0\
CHR - Extension: LastPass = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: TV Netherlands - Television Netherlands = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfidfojebalmpcconceiiolchimckba\2.2_0\
CHR - Extension: Skype Click to Call = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
CHR - Extension: FileConverter 1.4 = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf\10.13.1.89_0\
CHR - Extension: Gmail = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O2:64bit: - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Pieter\AppData\Roaming\ComplitlyEngine\64\ComplitlyEngine64.dll (SimplyGen)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Pieter\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll (SimplyGen)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKCU..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [OTButtonManager-00] D:\SATA-225-OTB\StorageButtonManager-12.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2289CDEB-23FE-423F-9920-8274E629ECCB}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68D74764-2204-4D4D-B6EB-F27A1D3500EC}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70D10440-B4B9-42CB-8892-8AE0262DA58D}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C5D766C-F131-48E1-88A2-AACC8D0D51A4}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D102F77-5F2F-4458-9F63-9A926ADC6B33}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AC07305-28FA-42BE-918A-ADD8C27A7D76}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A74B2BE6-9033-48AE-914A-4E15DCF74B24}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1E20059-C879-4546-B732-831CA27320EB}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBFB8148-2495-4350-946D-592D7C822096}: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-01-28 21:00:27 | 000,000,088 | ---- | M] () - H:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010-05-06 03:53:10 | 000,000,000 | RH-D | M] - L:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002-10-16 18:56:50 | 000,000,036 | RH-- | M] () - L:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{34e80f11-bc55-11e0-86cc-bcaec56dc1a0}\Shell - "" = AutoRun
O33 - MountPoints2\{534c5357-bf4e-11e0-88b8-bcaec56dc1a0}\Shell - "" = AutoRun
O33 - MountPoints2\{534c5357-bf4e-11e0-88b8-bcaec56dc1a0}\Shell\AutoRun\command - "" = O:\EasySuite.exe
O33 - MountPoints2\{fca5d7cb-2fa2-11e1-9bde-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fca5d7cb-2fa2-11e1-9bde-806e6f6e6963}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-11-04 20:55:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-11-04 20:55:43 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\ElevatedDiagnostics
[2012-11-04 20:38:43 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012-11-02 22:30:50 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\MAGIX_MxTray
[2012-11-02 20:47:18 | 000,000,000 | RH-D | C] -- C:\ESD
[2012-11-02 13:08:13 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012-11-02 13:07:52 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012-11-02 13:02:43 | 000,000,000 | R--D | C] -- C:\Users\Pieter\SkyDrive
[2012-11-02 13:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012-11-02 12:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-11-02 12:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-11-02 12:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-11-02 12:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-10-27 16:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-10-27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2012-10-27 16:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2012-10-27 16:44:43 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Winamp
[2012-10-27 16:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2012-10-27 16:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2012-10-27 16:19:00 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\GlarySoft
[2012-10-27 16:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2012-10-26 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\My Weblog Posts
[2012-10-23 15:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Wave MP3 Cutter Joiner
[2012-10-23 15:41:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\X-Wave MP3 Cutter Joiner
[2012-10-22 14:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012-10-22 14:44:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012-10-22 14:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softonic
[2012-10-22 14:44:13 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\SlimWare Utilities Inc
[2012-10-22 14:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2012-10-20 16:42:32 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\DJMixPro
[2012-10-13 14:46:22 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\3delite
[2012-10-13 14:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3 Stream Editor
[2012-10-13 14:25:59 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicBee
[2012-10-11 18:22:08 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\gtk-2.0
[2012-10-11 18:18:40 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Participatory Culture Foundation
[2012-10-07 19:25:37 | 000,248,944 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2012-10-07 19:25:37 | 000,085,504 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012-10-07 19:25:37 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012-10-07 11:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fastest Free YouTube Downloader
[2012-10-07 11:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fastest Free YouTube Downloader
[2012-10-06 13:35:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2012-10-06 10:23:44 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
[2012-10-06 10:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
[2012-10-06 10:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3Gain
[2 C:\Windows\SysWow64\drivers\*.tmp files -> C:\Windows\SysWow64\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-11-04 21:10:38 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-04 21:10:38 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-04 21:06:42 | 000,001,363 | ---- | M] () -- C:\Users\Pieter\Desktop\Windows installeren.lnk
[2012-11-04 21:04:22 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012-11-04 21:04:01 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012-11-04 21:04:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-04 21:02:40 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012-11-04 21:02:34 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-04 21:02:32 | 000,000,484 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012-11-04 21:02:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-04 21:02:17 | 4092,108,798 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-04 20:42:31 | 000,096,678 | ---- | M] () -- C:\Users\Pieter\Desktop\ccleaner backup register 4-11.reg
[2012-11-04 20:39:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-04 16:49:00 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2012-11-03 02:42:11 | 000,095,253 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012-11-03 02:42:11 | 000,095,253 | ---- | M] () -- C:\Windows\diagerr.xml
[2012-11-02 21:46:16 | 2822,373,376 | ---- | M] () -- C:\Users\Pieter\Desktop\Windows.iso
[2012-11-02 20:35:31 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 10.lnk
[2012-11-02 16:45:16 | 000,102,880 | ---- | M] () -- C:\Users\Pieter\Documents\Spilt_Milk.wsz
[2012-11-02 12:51:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-10-31 19:34:30 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Sound Organizer.lnk
[2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-10-30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-10-30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-10-30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-10-27 16:44:53 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012-10-27 16:19:03 | 000,001,030 | ---- | M] () -- C:\Users\Pieter\Desktop\Glary Utilities.lnk
[2012-10-22 14:45:00 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012-10-22 14:44:16 | 000,000,109 | ---- | M] () -- C:\user.js
[2012-10-21 11:46:58 | 000,029,846 | ---- | M] () -- C:\Users\Pieter\Documents\cc_20121021_124654.reg
[2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012-10-13 14:22:07 | 000,000,218 | ---- | M] () -- C:\Users\Pieter\AppData\Local\recently-used.xbel
[2012-10-11 18:22:06 | 000,000,280 | ---- | M] () -- C:\Users\Pieter\.gtk-bookmarks
[2012-10-07 11:07:15 | 000,001,256 | ---- | M] () -- C:\Users\Pieter\Application Data\Microsoft\Internet Explorer\Quick Launch\Fastest YouTube Downloader to MP3 Converter.lnk
[2 C:\Windows\SysWow64\drivers\*.tmp files -> C:\Windows\SysWow64\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-11-04 20:42:27 | 000,096,678 | ---- | C] () -- C:\Users\Pieter\Desktop\ccleaner backup register 4-11.reg
[2012-11-02 22:35:51 | 000,095,253 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012-11-02 22:35:51 | 000,095,253 | ---- | C] () -- C:\Windows\diagerr.xml
[2012-11-02 21:45:38 | 2822,373,376 | ---- | C] () -- C:\Users\Pieter\Desktop\Windows.iso
[2012-11-02 21:00:42 | 000,001,363 | ---- | C] () -- C:\Users\Pieter\Desktop\Windows installeren.lnk
[2012-11-02 20:35:31 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 10.lnk
[2012-11-02 16:41:07 | 000,102,880 | ---- | C] () -- C:\Users\Pieter\Documents\Spilt_Milk.wsz
[2012-11-02 13:07:49 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2012-10-31 19:34:30 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Sound Organizer.lnk
[2012-10-27 16:44:53 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012-10-27 16:19:03 | 000,001,030 | ---- | C] () -- C:\Users\Pieter\Desktop\Glary Utilities.lnk
[2012-10-27 16:19:03 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2012-10-22 14:44:16 | 000,000,412 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012-10-22 14:44:16 | 000,000,109 | ---- | C] () -- C:\user.js
[2012-10-22 14:44:14 | 000,015,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012-10-22 14:44:11 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012-10-21 11:46:56 | 000,029,846 | ---- | C] () -- C:\Users\Pieter\Documents\cc_20121021_124654.reg
[2012-10-13 14:22:07 | 000,000,218 | ---- | C] () -- C:\Users\Pieter\AppData\Local\recently-used.xbel
[2012-10-11 18:22:06 | 000,000,280 | ---- | C] () -- C:\Users\Pieter\.gtk-bookmarks
[2012-10-07 11:07:15 | 000,001,256 | ---- | C] () -- C:\Users\Pieter\Application Data\Microsoft\Internet Explorer\Quick Launch\Fastest YouTube Downloader to MP3 Converter.lnk
[2012-03-09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-03-09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-01-31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-11-11 11:59:27 | 000,001,442 | ---- | C] () -- C:\Windows\crhzp-t32.ini
[2011-11-09 17:46:01 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011-11-06 13:48:46 | 000,211,432 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011-11-06 13:48:46 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-10-09 13:39:42 | 000,000,046 | ---- | C] () -- C:\Windows\PCCT.INI
[2011-10-07 12:28:10 | 000,000,111 | ---- | C] () -- C:\Windows\installation.ini
[2011-10-01 22:46:27 | 000,000,000 | -H-- | C] () -- C:\Users\Pieter\AppData\Roaming\tGlt1fFyD6G1
[2011-09-09 17:06:00 | 000,000,000 | ---- | C] () -- C:\Users\Pieter\AppData\Local\{60EE572B-9A87-4B2B-9524-AE878826B46D}
[2011-09-06 13:43:12 | 000,007,605 | ---- | C] () -- C:\Users\Pieter\AppData\Local\Resmon.ResmonCfg
[2011-09-03 15:58:30 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011-09-03 15:57:26 | 000,006,289 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011-08-29 15:59:50 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011-08-29 15:59:50 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011-08-01 17:54:26 | 000,014,336 | ---- | C] () -- C:\Users\Pieter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-24 09:48:40 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2011-07-24 09:44:20 | 000,024,576 | RH-- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011-07-24 09:44:20 | 000,013,440 | RH-- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011-07-24 09:44:19 | 000,011,832 | -H-- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011-07-24 09:44:19 | 000,010,216 | -H-- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011-07-24 09:42:14 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-07-24 09:35:22 | 000,001,769 | -H-- | C] () -- C:\Windows\Language_trs.ini
[2011-07-24 09:35:17 | 000,040,619 | -H-- | C] () -- C:\Windows\Ascd_tmp.ini
[2011-06-07 10:13:38 | 000,974,848 | -H-- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-06-07 10:13:38 | 000,081,920 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-06-07 10:13:38 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-06-07 10:13:38 | 000,057,344 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011-06-07 10:13:38 | 000,030,568 | -H-- | C] () -- C:\Windows\MusiccityDownload.exe

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-01-04 11:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-01-04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-07-31 19:29:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\AC1
[2012-05-13 16:50:24 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Ad-Aware Antivirus
[2012-07-20 13:09:09 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Ashampoo
[2012-10-07 19:15:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Audacity
[2012-10-21 11:46:05 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Azureus
[2012-02-20 17:04:09 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Belastingdienst
[2011-12-08 20:06:59 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Broad Intelligence
[2011-12-29 20:07:11 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\calibre
[2012-10-28 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Canon
[2012-09-21 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ComplitlyEngine
[2011-08-09 19:04:47 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DeviceDoctorSoftware
[2012-10-27 16:38:39 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DeviceVm
[2012-09-17 13:02:47 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Downloaded Installations
[2012-03-04 13:26:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DriverCure
[2011-11-23 17:50:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVD Catalyst 4
[2012-09-02 12:15:31 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVDVideoSoft
[2012-03-20 13:38:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers
[2011-08-05 13:50:01 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\EasySuite
[2012-10-05 13:26:49 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\eType
[2011-09-02 08:42:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\FDRLab
[2011-08-09 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Foxit Software
[2011-10-13 16:24:35 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\FreeCommander
[2012-10-27 16:40:53 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\GlarySoft
[2011-09-29 18:16:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\GrabIt
[2012-08-03 13:17:08 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Hardcoded Software
[2011-07-29 16:25:31 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ImgBurn
[2012-08-26 16:17:22 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\JAM Software
[2012-09-30 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MAGIX
[2012-08-18 15:24:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MediaMonkey
[2012-10-26 15:37:17 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Mp3tag
[2012-10-13 18:43:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MusicBee
[2012-06-02 10:44:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\NewsLeecher
[2012-10-28 17:07:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Nitro PDF
[2012-09-16 11:58:18 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ObviousIdea
[2011-07-28 17:55:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ODIN
[2012-09-02 12:15:25 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\OpenCandy
[2011-08-01 18:25:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\OpenOffice.org
[2012-10-11 18:18:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Participatory Culture Foundation
[2012-03-04 13:26:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\PC Unleashed Online
[2012-08-12 12:38:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Pegasus Mail
[2012-10-23 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Philipp Winterberg
[2012-10-07 12:38:23 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Power MP3 Cutter
[2012-09-21 15:34:28 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Power Mp3 Recorder
[2011-07-26 17:37:45 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Samsung
[2012-03-22 11:33:23 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\shrink_pic
[2012-08-12 21:09:24 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\simplitec
[2011-10-21 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Songbird2
[2011-11-23 15:07:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\spotmau
[2012-04-06 10:48:20 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Temp
[2012-02-28 22:54:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TeraCopy
[2011-11-01 10:24:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TestApp
[2011-11-06 10:19:50 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Thinstall
[2011-07-24 20:13:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Thunderbird
[2012-08-10 14:28:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Transcend Elite
[2012-10-05 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TuneUpMedia
[2012-01-08 09:09:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Western Digital
[2012-08-31 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Windows Live Writer
[2012-08-31 15:12:53 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Winsplit Revolution
[2012-10-23 15:41:12 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\X-Wave MP3 Cutter Joiner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:664E4171
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >


OTL logfile created on: 4-11-2012 21:15:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pieter\Documents\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

15,75 Gb Total Physical Memory | 12,87 Gb Available Physical Memory | 81,75% Memory free
31,49 Gb Paging File | 28,43 Gb Available in Paging File | 90,28% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,46 Gb Total Space | 830,34 Gb Free Space | 89,14% Space Free | Partition Type: NTFS
Drive D: | 2,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 931,46 Gb Total Space | 366,90 Gb Free Space | 39,39% Space Free | Partition Type: NTFS
Drive H: | 353,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 930,85 Gb Total Space | 481,06 Gb Free Space | 51,68% Space Free | Partition Type: NTFS
Drive J: | 292,97 Gb Total Space | 254,54 Gb Free Space | 86,88% Space Free | Partition Type: NTFS
Drive K: | 698,63 Gb Total Space | 527,96 Gb Free Space | 75,57% Space Free | Partition Type: NTFS
Drive L: | 254,53 Gb Total Space | 130,16 Gb Free Space | 51,14% Space Free | Partition Type: NTFS
Drive M: | 14,82 Gb Total Space | 14,13 Gb Free Space | 95,37% Space Free | Partition Type: FAT32

Computer Name: PIETER-NIEUW-PC | User Name: Pieter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-11-04 21:14:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pieter\Documents\Downloads\OTL.exe
PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-10-25 15:45:50 | 016,052,192 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012-10-14 14:29:46 | 029,378,432 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
PRC - [2012-10-10 11:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011-12-12 08:01:32 | 001,531,272 | ---- | M] (ashampoo GmbH & Co. KG) -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe
PRC - [2011-10-21 10:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011-05-24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010-02-03 15:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2010-01-22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-09-08 13:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009-09-02 12:35:30 | 001,972,224 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe


========== Modules (No Company Name) ==========

MOD - [2012-11-04 21:03:04 | 000,086,016 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_elementtree.pyd
MOD - [2012-11-04 21:03:04 | 000,040,448 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_socket.pyd
MOD - [2012-11-04 21:03:03 | 000,571,392 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\pysqlite2._sqlite.pyd
MOD - [2012-11-04 21:03:03 | 000,263,168 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32com.shell.shell.pyd
MOD - [2012-11-04 21:03:03 | 000,096,256 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32api.pyd
MOD - [2012-11-04 21:03:03 | 000,070,656 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._html2.pyd
MOD - [2012-11-04 21:03:03 | 000,023,040 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32ts.pyd
MOD - [2012-11-04 21:03:02 | 001,024,024 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\windows._cacheinvalidation.pyd
MOD - [2012-11-04 21:03:02 | 000,792,576 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._gdi_.pyd
MOD - [2012-11-04 21:03:02 | 000,017,920 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32profile.pyd
MOD - [2012-11-04 21:03:02 | 000,011,776 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32crypt.pyd
MOD - [2012-11-04 21:03:01 | 000,731,136 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._misc_.pyd
MOD - [2012-11-04 21:03:01 | 000,354,304 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\pythoncom26.dll
MOD - [2012-11-04 21:03:01 | 000,073,728 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_ctypes.pyd
MOD - [2012-11-04 21:03:00 | 000,110,592 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32security.pyd
MOD - [2012-11-04 21:03:00 | 000,110,592 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\pywintypes26.dll
MOD - [2012-11-04 21:02:59 | 000,645,120 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_ssl.pyd
MOD - [2012-11-04 21:02:58 | 001,169,408 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._core_.pyd
MOD - [2012-11-04 21:02:58 | 000,036,352 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32process.pyd
MOD - [2012-11-04 21:02:58 | 000,022,528 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32pdh.pyd
MOD - [2012-11-04 21:02:57 | 000,807,424 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._windows_.pyd
MOD - [2012-11-04 21:02:57 | 000,311,808 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\_hashlib.pyd
MOD - [2012-11-04 21:02:57 | 000,121,856 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._wizard.pyd
MOD - [2012-11-04 21:02:56 | 000,111,104 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32file.pyd
MOD - [2012-11-04 21:02:56 | 000,039,424 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32inet.pyd
MOD - [2012-11-04 21:02:54 | 001,056,256 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\wx._controls_.pyd
MOD - [2012-11-04 21:02:54 | 000,585,728 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\unicodedata.pyd
MOD - [2012-11-04 21:02:54 | 000,153,088 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\pyexpat.pyd
MOD - [2012-11-04 21:02:54 | 000,017,920 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\win32event.pyd
MOD - [2012-11-04 21:02:54 | 000,011,776 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI20642\select.pyd
MOD - [2012-10-10 11:06:15 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012-10-10 11:06:13 | 012,435,992 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012-10-10 11:06:12 | 004,005,912 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012-10-10 11:04:57 | 000,578,072 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012-10-10 11:04:55 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012-10-10 11:04:44 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012-10-10 11:04:43 | 000,275,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012-10-10 11:04:42 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2011-12-12 08:01:28 | 000,065,416 | ---- | M] () -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\MouseHook.dll
MOD - [2009-09-30 04:33:08 | 000,024,576 | RH-- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009-09-02 12:35:30 | 001,972,224 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe
MOD - [2009-07-30 16:07:14 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MFL_u_VC8.dll
MOD - [2009-03-25 15:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009-03-19 21:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009-03-19 21:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009-01-15 13:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2007-09-05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\PlayRIpl.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012-09-13 01:26:20 | 000,229,392 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2012-08-06 11:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012-05-04 19:33:20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010-02-11 04:05:44 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-11-02 12:53:31 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-10-19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-07-23 15:35:06 | 000,171,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe -- (PACSPTISVR-Sound_Organizer)
SRV - [2012-07-05 17:10:14 | 000,147,368 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012-07-05 17:10:08 | 000,375,208 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012-06-08 11:06:24 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011-05-24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011-04-26 12:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010-03-18 12:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-10-01 20:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2009-09-21 19:25:34 | 001,571,336 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2009-09-21 19:19:22 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009-09-08 13:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-10-21 14:50:00 | 000,548,864 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-11-04 21:04:01 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012-08-21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-07-28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012-07-05 17:11:18 | 000,087,488 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012-06-26 20:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012-06-24 21:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012-06-18 12:34:44 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012-06-18 12:34:42 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012-06-08 11:06:24 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012-06-08 11:05:56 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-05-04 19:33:12 | 002,196,592 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012-04-12 00:30:00 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-11-29 03:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011-06-10 16:00:38 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011-06-10 16:00:36 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011-06-02 06:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011-06-02 06:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011-06-02 06:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011-06-02 06:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011-04-26 10:26:00 | 000,353,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | -H-- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | -H-- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011-01-15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010-12-21 06:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010-12-16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-08-20 02:45:28 | 000,654,720 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2010-08-20 02:44:48 | 000,943,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2010-06-30 17:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010-02-11 04:24:04 | 006,368,256 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-02-11 03:11:12 | 000,188,416 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-02-06 14:49:24 | 000,690,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009-10-01 21:03:40 | 000,154,168 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009-09-30 22:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-09-21 19:40:14 | 000,020,528 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV:64bit: - [2009-09-21 19:26:10 | 000,054,320 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009-09-21 19:20:42 | 000,170,032 | -H-- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009-07-16 04:38:40 | 000,015,416 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | -H-- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | -H-- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | -H-- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | -H-- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-02-29 10:15:18 | 000,041,488 | ---- | M] (Logicool, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2000-01-01 01:00:00 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2000-01-01 01:00:00 | 000,016,552 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV - [2012-06-08 11:06:24 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2011-08-01 17:27:09 | 000,096,320 | ---- | M] (Acronis) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\snapman.sys -- (snapman)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-01-20 05:42:00 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\disksec.sys -- (DiskSec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...mrud=10-05-2012

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.softon...chSource=10&cc=
IE - HKCU\..\URLSearchHook: {0734d757-fea6-4637-a7e4-2bd40a7fd8da} - No CLSID value found
IE - HKCU\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0BD4D1DC-D7D6-4D17-882E-E0D343CEAE92}: "URL" = http://websearch.ask...79-C4EB9971482D
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{307C2D13-5611-4B35-87A8-C27B7D7FC264}: "URL" = http://search.softon...rce=4&cc=&r=987
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.search...q={searchTerms}
IE - HKCU\..\SearchScopes\{56DDD002-DF69-4F1B-977D-2E434C4618A7}: "URL" = http://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=nl
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...mrud=10-05-2012
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21 14:01:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-02 12:51:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21 14:01:00 | 000,000,000 | ---D | M]

[2011-10-21 18:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\Extensions
[2011-10-21 18:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\Extensions\[email protected]
[2011-09-02 13:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\SeaMonkey\Profiles\bu614np4.default\extensions
[2012-07-10 15:33:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-04-23 11:28:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask...q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch....q={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Facebook = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Google Zoeken = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: ComplitlyEngine plugin for chrome = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: Megavideo Playerplus = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpoolkicbnlkaibhppihnfehghajfeg\1.7.3_0\
CHR - Extension: LastPass = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: TV Netherlands - Television Netherlands = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfidfojebalmpcconceiiolchimckba\2.2_0\
CHR - Extension: Skype Click to Call = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
CHR - Extension: FileConverter 1.4 = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf\10.13.1.89_0\
CHR - Extension: Gmail = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O2:64bit: - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Pieter\AppData\Roaming\ComplitlyEngine\64\ComplitlyEngine64.dll (SimplyGen)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Pieter\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll (SimplyGen)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKCU..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [OTButtonManager-00] D:\SATA-225-OTB\StorageButtonManager-12.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2289CDEB-23FE-423F-9920-8274E629ECCB}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68D74764-2204-4D4D-B6EB-F27A1D3500EC}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70D10440-B4B9-42CB-8892-8AE0262DA58D}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C5D766C-F131-48E1-88A2-AACC8D0D51A4}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D102F77-5F2F-4458-9F63-9A926ADC6B33}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AC07305-28FA-42BE-918A-ADD8C27A7D76}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A74B2BE6-9033-48AE-914A-4E15DCF74B24}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1E20059-C879-4546-B732-831CA27320EB}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBFB8148-2495-4350-946D-592D7C822096}: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-01-28 21:00:27 | 000,000,088 | ---- | M] () - H:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010-05-06 03:53:10 | 000,000,000 | RH-D | M] - L:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002-10-16 18:56:50 | 000,000,036 | RH-- | M] () - L:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{34e80f11-bc55-11e0-86cc-bcaec56dc1a0}\Shell - "" = AutoRun
O33 - MountPoints2\{534c5357-bf4e-11e0-88b8-bcaec56dc1a0}\Shell - "" = AutoRun
O33 - MountPoints2\{534c5357-bf4e-11e0-88b8-bcaec56dc1a0}\Shell\AutoRun\command - "" = O:\EasySuite.exe
O33 - MountPoints2\{fca5d7cb-2fa2-11e1-9bde-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fca5d7cb-2fa2-11e1-9bde-806e6f6e6963}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-11-04 20:55:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-11-04 20:55:43 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\ElevatedDiagnostics
[2012-11-04 20:38:43 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012-11-02 22:30:50 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\MAGIX_MxTray
[2012-11-02 20:47:18 | 000,000,000 | RH-D | C] -- C:\ESD
[2012-11-02 13:08:13 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012-11-02 13:07:52 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012-11-02 13:02:43 | 000,000,000 | R--D | C] -- C:\Users\Pieter\SkyDrive
[2012-11-02 13:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012-11-02 12:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-11-02 12:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-11-02 12:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-11-02 12:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-10-27 16:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-10-27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2012-10-27 16:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2012-10-27 16:44:43 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Winamp
[2012-10-27 16:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2012-10-27 16:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2012-10-27 16:19:00 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\GlarySoft
[2012-10-27 16:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2012-10-26 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\My Weblog Posts
[2012-10-23 15:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Wave MP3 Cutter Joiner
[2012-10-23 15:41:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\X-Wave MP3 Cutter Joiner
[2012-10-22 14:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012-10-22 14:44:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012-10-22 14:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softonic
[2012-10-22 14:44:13 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\SlimWare Utilities Inc
[2012-10-22 14:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2012-10-20 16:42:32 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\DJMixPro
[2012-10-13 14:46:22 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\3delite
[2012-10-13 14:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3 Stream Editor
[2012-10-13 14:25:59 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicBee
[2012-10-11 18:22:08 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\gtk-2.0
[2012-10-11 18:18:40 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Participatory Culture Foundation
[2012-10-07 19:25:37 | 000,248,944 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2012-10-07 19:25:37 | 000,085,504 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012-10-07 19:25:37 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012-10-07 11:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fastest Free YouTube Downloader
[2012-10-07 11:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fastest Free YouTube Downloader
[2012-10-06 13:35:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2012-10-06 10:23:44 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
[2012-10-06 10:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
[2012-10-06 10:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3Gain
[2 C:\Windows\SysWow64\drivers\*.tmp files -> C:\Windows\SysWow64\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-11-04 21:10:38 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-04 21:10:38 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-04 21:06:42 | 000,001,363 | ---- | M] () -- C:\Users\Pieter\Desktop\Windows installeren.lnk
[2012-11-04 21:04:22 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012-11-04 21:04:01 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012-11-04 21:04:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-04 21:02:40 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012-11-04 21:02:34 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-04 21:02:32 | 000,000,484 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012-11-04 21:02:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-04 21:02:17 | 4092,108,798 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-04 20:42:31 | 000,096,678 | ---- | M] () -- C:\Users\Pieter\Desktop\ccleaner backup register 4-11.reg
[2012-11-04 20:39:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-04 16:49:00 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2012-11-03 02:42:11 | 000,095,253 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012-11-03 02:42:11 | 000,095,253 | ---- | M] () -- C:\Windows\diagerr.xml
[2012-11-02 21:46:16 | 2822,373,376 | ---- | M] () -- C:\Users\Pieter\Desktop\Windows.iso
[2012-11-02 20:35:31 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 10.lnk
[2012-11-02 16:45:16 | 000,102,880 | ---- | M] () -- C:\Users\Pieter\Documents\Spilt_Milk.wsz
[2012-11-02 12:51:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-10-31 19:34:30 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Sound Organizer.lnk
[2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-10-30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-10-30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-10-30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-10-27 16:44:53 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012-10-27 16:19:03 | 000,001,030 | ---- | M] () -- C:\Users\Pieter\Desktop\Glary Utilities.lnk
[2012-10-22 14:45:00 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012-10-22 14:44:16 | 000,000,109 | ---- | M] () -- C:\user.js
[2012-10-21 11:46:58 | 000,029,846 | ---- | M] () -- C:\Users\Pieter\Documents\cc_20121021_124654.reg
[2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012-10-13 14:22:07 | 000,000,218 | ---- | M] () -- C:\Users\Pieter\AppData\Local\recently-used.xbel
[2012-10-11 18:22:06 | 000,000,280 | ---- | M] () -- C:\Users\Pieter\.gtk-bookmarks
[2012-10-07 11:07:15 | 000,001,256 | ---- | M] () -- C:\Users\Pieter\Application Data\Microsoft\Internet Explorer\Quick Launch\Fastest YouTube Downloader to MP3 Converter.lnk
[2 C:\Windows\SysWow64\drivers\*.tmp files -> C:\Windows\SysWow64\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-11-04 20:42:27 | 000,096,678 | ---- | C] () -- C:\Users\Pieter\Desktop\ccleaner backup register 4-11.reg
[2012-11-02 22:35:51 | 000,095,253 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012-11-02 22:35:51 | 000,095,253 | ---- | C] () -- C:\Windows\diagerr.xml
[2012-11-02 21:45:38 | 2822,373,376 | ---- | C] () -- C:\Users\Pieter\Desktop\Windows.iso
[2012-11-02 21:00:42 | 000,001,363 | ---- | C] () -- C:\Users\Pieter\Desktop\Windows installeren.lnk
[2012-11-02 20:35:31 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 10.lnk
[2012-11-02 16:41:07 | 000,102,880 | ---- | C] () -- C:\Users\Pieter\Documents\Spilt_Milk.wsz
[2012-11-02 13:07:49 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2012-10-31 19:34:30 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Sound Organizer.lnk
[2012-10-27 16:44:53 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012-10-27 16:19:03 | 000,001,030 | ---- | C] () -- C:\Users\Pieter\Desktop\Glary Utilities.lnk
[2012-10-27 16:19:03 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2012-10-22 14:44:16 | 000,000,412 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012-10-22 14:44:16 | 000,000,109 | ---- | C] () -- C:\user.js
[2012-10-22 14:44:14 | 000,015,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012-10-22 14:44:11 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012-10-21 11:46:56 | 000,029,846 | ---- | C] () -- C:\Users\Pieter\Documents\cc_20121021_124654.reg
[2012-10-13 14:22:07 | 000,000,218 | ---- | C] () -- C:\Users\Pieter\AppData\Local\recently-used.xbel
[2012-10-11 18:22:06 | 000,000,280 | ---- | C] () -- C:\Users\Pieter\.gtk-bookmarks
[2012-10-07 11:07:15 | 000,001,256 | ---- | C] () -- C:\Users\Pieter\Application Data\Microsoft\Internet Explorer\Quick Launch\Fastest YouTube Downloader to MP3 Converter.lnk
[2012-03-09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-03-09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-01-31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-11-11 11:59:27 | 000,001,442 | ---- | C] () -- C:\Windows\crhzp-t32.ini
[2011-11-09 17:46:01 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011-11-06 13:48:46 | 000,211,432 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011-11-06 13:48:46 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-10-09 13:39:42 | 000,000,046 | ---- | C] () -- C:\Windows\PCCT.INI
[2011-10-07 12:28:10 | 000,000,111 | ---- | C] () -- C:\Windows\installation.ini
[2011-10-01 22:46:27 | 000,000,000 | -H-- | C] () -- C:\Users\Pieter\AppData\Roaming\tGlt1fFyD6G1
[2011-09-09 17:06:00 | 000,000,000 | ---- | C] () -- C:\Users\Pieter\AppData\Local\{60EE572B-9A87-4B2B-9524-AE878826B46D}
[2011-09-06 13:43:12 | 000,007,605 | ---- | C] () -- C:\Users\Pieter\AppData\Local\Resmon.ResmonCfg
[2011-09-03 15:58:30 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011-09-03 15:57:26 | 000,006,289 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011-08-29 15:59:50 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011-08-29 15:59:50 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011-08-01 17:54:26 | 000,014,336 | ---- | C] () -- C:\Users\Pieter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-24 09:48:40 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2011-07-24 09:44:20 | 000,024,576 | RH-- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011-07-24 09:44:20 | 000,013,440 | RH-- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011-07-24 09:44:19 | 000,011,832 | -H-- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011-07-24 09:44:19 | 000,010,216 | -H-- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011-07-24 09:42:14 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-07-24 09:35:22 | 000,001,769 | -H-- | C] () -- C:\Windows\Language_trs.ini
[2011-07-24 09:35:17 | 000,040,619 | -H-- | C] () -- C:\Windows\Ascd_tmp.ini
[2011-06-07 10:13:38 | 000,974,848 | -H-- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-06-07 10:13:38 | 000,081,920 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-06-07 10:13:38 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-06-07 10:13:38 | 000,057,344 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011-06-07 10:13:38 | 000,030,568 | -H-- | C] () -- C:\Windows\MusiccityDownload.exe

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-01-04 11:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-01-04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-07-31 19:29:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\AC1
[2012-05-13 16:50:24 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Ad-Aware Antivirus
[2012-07-20 13:09:09 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Ashampoo
[2012-10-07 19:15:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Audacity
[2012-10-21 11:46:05 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Azureus
[2012-02-20 17:04:09 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Belastingdienst
[2011-12-08 20:06:59 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Broad Intelligence
[2011-12-29 20:07:11 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\calibre
[2012-10-28 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Canon
[2012-09-21 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ComplitlyEngine
[2011-08-09 19:04:47 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DeviceDoctorSoftware
[2012-10-27 16:38:39 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DeviceVm
[2012-09-17 13:02:47 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Downloaded Installations
[2012-03-04 13:26:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DriverCure
[2011-11-23 17:50:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVD Catalyst 4
[2012-09-02 12:15:31 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVDVideoSoft
[2012-03-20 13:38:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers
[2011-08-05 13:50:01 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\EasySuite
[2012-10-05 13:26:49 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\eType
[2011-09-02 08:42:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\FDRLab
[2011-08-09 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Foxit Software
[2011-10-13 16:24:35 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\FreeCommander
[2012-10-27 16:40:53 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\GlarySoft
[2011-09-29 18:16:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\GrabIt
[2012-08-03 13:17:08 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Hardcoded Software
[2011-07-29 16:25:31 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ImgBurn
[2012-08-26 16:17:22 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\JAM Software
[2012-09-30 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MAGIX
[2012-08-18 15:24:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MediaMonkey
[2012-10-26 15:37:17 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Mp3tag
[2012-10-13 18:43:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MusicBee
[2012-06-02 10:44:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\NewsLeecher
[2012-10-28 17:07:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Nitro PDF
[2012-09-16 11:58:18 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ObviousIdea
[2011-07-28 17:55:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ODIN
[2012-09-02 12:15:25 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\OpenCandy
[2011-08-01 18:25:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\OpenOffice.org
[2012-10-11 18:18:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Participatory Culture Foundation
[2012-03-04 13:26:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\PC Unleashed Online
[2012-08-12 12:38:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Pegasus Mail
[2012-10-23 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Philipp Winterberg
[2012-10-07 12:38:23 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Power MP3 Cutter
[2012-09-21 15:34:28 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Power Mp3 Recorder
[2011-07-26 17:37:45 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Samsung
[2012-03-22 11:33:23 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\shrink_pic
[2012-08-12 21:09:24 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\simplitec
[2011-10-21 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Songbird2
[2011-11-23 15:07:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\spotmau
[2012-04-06 10:48:20 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Temp
[2012-02-28 22:54:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TeraCopy
[2011-11-01 10:24:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TestApp
[2011-11-06 10:19:50 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Thinstall
[2011-07-24 20:13:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Thunderbird
[2012-08-10 14:28:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Transcend Elite
[2012-10-05 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TuneUpMedia
[2012-01-08 09:09:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Western Digital
[2012-08-31 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Windows Live Writer
[2012-08-31 15:12:53 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Winsplit Revolution
[2012-10-23 15:41:12 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\X-Wave MP3 Cutter Joiner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:664E4171
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there a few programmes for you to run, they will clear some bad stuff and let me look at the registry

  • Download RogueKiller and save it on your desktop.

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
Posted Image
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
    Posted Image
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

THEN

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
[2011-10-01 22:46:27 | 000,000,000 | -H-- | C] () -- C:\Users\Pieter\AppData\Roaming\tGlt1fFyD6G1

:Files
C:\Users\Pieter\AppData\Local\Temp\_MEI20642

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

FINALLY

Download and run farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.
  • 0

#3
dennisK16

dennisK16

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 155 posts
sorry for the delay its my dads pc and he lives in the netherlands and i'm in CA so its kinda hard to catch his pc when its on but we should be good for a day or to since he said he was going to leave it on :)

thank for you help here are the reports
the RKreport

RogueKiller V8.2.3 [11/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

besturingssysteem: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestart vanuit : Normale modus
Gebruiker : Pieter [Administrator rechten]
Modus : Scan -- Datum : 11/07/2012 20:40:55

¤¤¤ Kwaadaardige processen : 1 ¤¤¤
[RESIDUE] adawarebp.exe -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe -> BEEINDIGD [TermProc]

¤¤¤ Register verwijzingen : 4 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : Ad-Aware Browsing Protection ("C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe") -> gevonden
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : Anti-phishing Domain Advisor ("C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe") -> gevonden
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden

¤¤¤ Speciale Files / Folders: ¤¤¤

¤¤¤ Driver : [Niet geladen] ¤¤¤

¤¤¤ HOSTS Bestand: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Controle: ¤¤¤

+++++ PhysicalDrive0: ST2000DL003-9VT166 ATA Device +++++
--- User ---
[MBR] eb9bc664f6b7e0d731bdc1a39f0f0b52
[BSP] 910c5a9afafb6986af8a63b9572f5c67 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953815 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1953619968 | Size: 953812 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Corsair Accelerator SSD ATA Device +++++
--- User ---
[MBR] NOT VALID
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: StoreJet Transcend USB Device +++++
--- User ---
[MBR] 18607e82cb8784769e1c03f863b96e65
[BSP] 85aae7009c40d6170f327f70944ee8be : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 715402 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: SanDisk SDDR-113 USB Device +++++
--- User ---
[MBR] 2dd27a2bd9b0b305e974b4defc45b985
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8192 | Size: 15189 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: +++++
--- User ---
[MBR] 02bd6b6ce6dc53e88405ba0fc6577e04
[BSP] f215be3cde9056390164f4ad4e0509ff : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953192 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Gereed : << RKreport[1]_S_11072012_02d2040.txt >>
RKreport[1]_S_11072012_02d2040.txt



the OTL report


OTL logfile created on: 7-11-2012 21:05:49 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pieter\Documents\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

15,75 Gb Total Physical Memory | 13,17 Gb Available Physical Memory | 83,63% Memory free
31,49 Gb Paging File | 28,78 Gb Available in Paging File | 91,39% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,46 Gb Total Space | 830,37 Gb Free Space | 89,15% Space Free | Partition Type: NTFS
Drive D: | 2,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 931,46 Gb Total Space | 366,90 Gb Free Space | 39,39% Space Free | Partition Type: NTFS
Drive H: | 353,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 930,85 Gb Total Space | 481,06 Gb Free Space | 51,68% Space Free | Partition Type: NTFS
Drive J: | 292,97 Gb Total Space | 254,54 Gb Free Space | 86,88% Space Free | Partition Type: NTFS
Drive K: | 698,63 Gb Total Space | 506,08 Gb Free Space | 72,44% Space Free | Partition Type: NTFS
Drive L: | 254,53 Gb Total Space | 130,16 Gb Free Space | 51,14% Space Free | Partition Type: NTFS
Drive M: | 14,82 Gb Total Space | 14,13 Gb Free Space | 95,37% Space Free | Partition Type: FAT32

Computer Name: PIETER-NIEUW-PC | User Name: Pieter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-11-07 20:43:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pieter\Documents\Downloads\OTL (2).exe
PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-10-25 15:45:50 | 016,052,192 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012-10-14 14:29:46 | 029,378,432 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
PRC - [2012-10-10 11:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011-12-12 08:01:32 | 001,531,272 | ---- | M] (ashampoo GmbH & Co. KG) -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe
PRC - [2011-05-24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010-02-03 15:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2010-01-22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-09-08 13:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009-09-02 12:35:30 | 001,972,224 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe


========== Modules (No Company Name) ==========

MOD - [2012-11-07 21:03:23 | 000,096,256 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32api.pyd
MOD - [2012-11-07 21:03:23 | 000,086,016 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\_elementtree.pyd
MOD - [2012-11-07 21:03:23 | 000,040,448 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\_socket.pyd
MOD - [2012-11-07 21:03:22 | 000,571,392 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\pysqlite2._sqlite.pyd
MOD - [2012-11-07 21:03:22 | 000,263,168 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32com.shell.shell.pyd
MOD - [2012-11-07 21:03:22 | 000,023,040 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32ts.pyd
MOD - [2012-11-07 21:03:21 | 000,792,576 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\wx._gdi_.pyd
MOD - [2012-11-07 21:03:21 | 000,070,656 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\wx._html2.pyd
MOD - [2012-11-07 21:03:21 | 000,011,776 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32crypt.pyd
MOD - [2012-11-07 21:03:20 | 001,024,024 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\windows._cacheinvalidation.pyd
MOD - [2012-11-07 21:03:19 | 000,354,304 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\pythoncom26.dll
MOD - [2012-11-07 21:03:19 | 000,073,728 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\_ctypes.pyd
MOD - [2012-11-07 21:03:19 | 000,017,920 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32profile.pyd
MOD - [2012-11-07 21:03:17 | 000,731,136 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\wx._misc_.pyd
MOD - [2012-11-07 21:03:17 | 000,110,592 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\pywintypes26.dll
MOD - [2012-11-07 21:03:16 | 000,110,592 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32security.pyd
MOD - [2012-11-07 21:03:15 | 000,645,120 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\_ssl.pyd
MOD - [2012-11-07 21:03:14 | 001,169,408 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\wx._core_.pyd
MOD - [2012-11-07 21:03:14 | 000,036,352 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32process.pyd
MOD - [2012-11-07 21:03:14 | 000,022,528 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32pdh.pyd
MOD - [2012-11-07 21:03:13 | 000,807,424 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\wx._windows_.pyd
MOD - [2012-11-07 21:03:13 | 000,311,808 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\_hashlib.pyd
MOD - [2012-11-07 21:03:12 | 000,121,856 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\wx._wizard.pyd
MOD - [2012-11-07 21:03:11 | 000,111,104 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32file.pyd
MOD - [2012-11-07 21:03:10 | 000,039,424 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32inet.pyd
MOD - [2012-11-07 21:03:08 | 001,056,256 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\wx._controls_.pyd
MOD - [2012-11-07 21:03:08 | 000,017,920 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\win32event.pyd
MOD - [2012-11-07 21:03:07 | 000,585,728 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\unicodedata.pyd
MOD - [2012-11-07 21:03:07 | 000,153,088 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\pyexpat.pyd
MOD - [2012-11-07 21:03:07 | 000,011,776 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI18522\select.pyd
MOD - [2012-10-10 11:06:15 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012-10-10 11:06:12 | 004,005,912 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012-10-10 11:04:57 | 000,578,072 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012-10-10 11:04:55 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012-10-10 11:04:44 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012-10-10 11:04:43 | 000,275,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012-10-10 11:04:42 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2011-12-12 08:01:28 | 000,065,416 | ---- | M] () -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\MouseHook.dll
MOD - [2009-09-30 04:33:08 | 000,024,576 | RH-- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009-09-02 12:35:30 | 001,972,224 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe
MOD - [2009-07-30 16:07:14 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MFL_u_VC8.dll
MOD - [2009-03-19 21:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009-03-19 21:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009-01-15 13:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2007-09-05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\PlayRIpl.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012-09-13 01:26:20 | 000,229,392 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2012-08-06 11:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012-05-04 19:33:20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010-02-11 04:05:44 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-11-07 20:25:11 | 000,147,888 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012-11-07 20:24:53 | 000,375,728 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012-11-02 12:53:31 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-10-19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-07-23 15:35:06 | 000,171,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe -- (PACSPTISVR-Sound_Organizer)
SRV - [2012-06-08 11:06:24 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011-05-24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011-04-26 12:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010-03-18 12:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-10-01 20:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2009-09-21 19:25:34 | 001,571,336 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2009-09-21 19:19:22 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009-09-08 13:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-10-21 14:50:00 | 000,548,864 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-11-07 21:02:33 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012-11-07 20:24:53 | 000,088,008 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012-08-21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-07-28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012-06-26 20:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012-06-24 21:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012-06-18 12:34:44 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012-06-18 12:34:42 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012-06-08 11:06:24 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012-06-08 11:05:56 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-05-04 19:33:12 | 002,196,592 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012-04-12 00:30:00 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-11-29 03:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011-06-10 16:00:38 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011-06-10 16:00:36 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011-06-02 06:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011-06-02 06:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011-06-02 06:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011-06-02 06:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011-04-26 10:26:00 | 000,353,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | -H-- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | -H-- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011-01-15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010-12-21 06:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010-12-16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-08-20 02:45:28 | 000,654,720 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2010-08-20 02:44:48 | 000,943,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2010-06-30 17:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010-02-11 04:24:04 | 006,368,256 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-02-11 03:11:12 | 000,188,416 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-02-06 14:49:24 | 000,690,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009-10-01 21:03:40 | 000,154,168 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009-09-30 22:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-09-21 19:40:14 | 000,020,528 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV:64bit: - [2009-09-21 19:26:10 | 000,054,320 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009-09-21 19:20:42 | 000,170,032 | -H-- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009-07-16 04:38:40 | 000,015,416 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | -H-- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | -H-- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | -H-- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | -H-- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-02-29 10:15:18 | 000,041,488 | ---- | M] (Logicool, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2000-01-01 01:00:00 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2000-01-01 01:00:00 | 000,016,552 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV - [2012-06-08 11:06:24 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2011-08-01 17:27:09 | 000,096,320 | ---- | M] (Acronis) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\snapman.sys -- (snapman)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-01-20 05:42:00 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\disksec.sys -- (DiskSec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...mrud=10-05-2012

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.softon...chSource=10&cc=
IE - HKCU\..\URLSearchHook: {0734d757-fea6-4637-a7e4-2bd40a7fd8da} - No CLSID value found
IE - HKCU\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0BD4D1DC-D7D6-4D17-882E-E0D343CEAE92}: "URL" = http://websearch.ask...79-C4EB9971482D
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{307C2D13-5611-4B35-87A8-C27B7D7FC264}: "URL" = http://search.softon...rce=4&cc=&r=987
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.search...q={searchTerms}
IE - HKCU\..\SearchScopes\{56DDD002-DF69-4F1B-977D-2E434C4618A7}: "URL" = http://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=nl
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...mrud=10-05-2012
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21 14:01:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-02 12:51:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21 14:01:00 | 000,000,000 | ---D | M]

[2011-10-21 18:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\Extensions
[2011-10-21 18:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\Extensions\[email protected]
[2011-09-02 13:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\SeaMonkey\Profiles\bu614np4.default\extensions
[2012-07-10 15:33:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-04-23 11:28:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask...q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch....q={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Facebook = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Google Zoeken = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: ComplitlyEngine plugin for chrome = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: Megavideo Playerplus = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpoolkicbnlkaibhppihnfehghajfeg\1.7.3_0\
CHR - Extension: LastPass = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: TV Netherlands - Television Netherlands = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfidfojebalmpcconceiiolchimckba\2.2_0\
CHR - Extension: Skype Click to Call = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
CHR - Extension: FileConverter 1.4 = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf\10.13.1.89_0\
CHR - Extension: Gmail = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-11-07 20:57:18 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O2:64bit: - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Pieter\AppData\Roaming\ComplitlyEngine\64\ComplitlyEngine64.dll (SimplyGen)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Pieter\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll (SimplyGen)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKCU..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [OTButtonManager-00] D:\SATA-225-OTB\StorageButtonManager-12.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2289CDEB-23FE-423F-9920-8274E629ECCB}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68D74764-2204-4D4D-B6EB-F27A1D3500EC}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70D10440-B4B9-42CB-8892-8AE0262DA58D}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C5D766C-F131-48E1-88A2-AACC8D0D51A4}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D102F77-5F2F-4458-9F63-9A926ADC6B33}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AC07305-28FA-42BE-918A-ADD8C27A7D76}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A74B2BE6-9033-48AE-914A-4E15DCF74B24}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1E20059-C879-4546-B732-831CA27320EB}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBFB8148-2495-4350-946D-592D7C822096}: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-01-28 21:00:27 | 000,000,088 | ---- | M] () - H:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010-05-06 03:53:10 | 000,000,000 | R--D | M] - L:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002-10-16 18:56:50 | 000,000,036 | R--- | M] () - L:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{34e80f11-bc55-11e0-86cc-bcaec56dc1a0}\Shell - "" = AutoRun
O33 - MountPoints2\{534c5357-bf4e-11e0-88b8-bcaec56dc1a0}\Shell - "" = AutoRun
O33 - MountPoints2\{534c5357-bf4e-11e0-88b8-bcaec56dc1a0}\Shell\AutoRun\command - "" = O:\EasySuite.exe
O33 - MountPoints2\{fca5d7cb-2fa2-11e1-9bde-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fca5d7cb-2fa2-11e1-9bde-806e6f6e6963}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-11-07 20:57:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-07 20:40:16 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Desktop\RK_Quarantine
[2012-11-04 20:55:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-11-04 20:55:43 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\ElevatedDiagnostics
[2012-11-04 20:38:43 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012-11-02 22:30:50 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\MAGIX_MxTray
[2012-11-02 20:47:18 | 000,000,000 | R--D | C] -- C:\ESD
[2012-11-02 13:08:13 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012-11-02 13:07:52 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012-11-02 13:02:43 | 000,000,000 | R--D | C] -- C:\Users\Pieter\SkyDrive
[2012-11-02 13:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012-11-02 12:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-11-02 12:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-11-02 12:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-11-02 12:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-10-27 16:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-10-27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2012-10-27 16:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2012-10-27 16:44:43 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Winamp
[2012-10-27 16:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2012-10-27 16:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2012-10-27 16:19:00 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\GlarySoft
[2012-10-27 16:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2012-10-26 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\My Weblog Posts
[2012-10-23 15:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Wave MP3 Cutter Joiner
[2012-10-23 15:41:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\X-Wave MP3 Cutter Joiner
[2012-10-22 14:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012-10-22 14:44:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012-10-22 14:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softonic
[2012-10-22 14:44:13 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\SlimWare Utilities Inc
[2012-10-22 14:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2012-10-20 16:42:32 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\DJMixPro
[2012-10-13 14:46:22 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\3delite
[2012-10-13 14:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3 Stream Editor
[2012-10-13 14:25:59 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicBee
[2012-10-11 18:22:08 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\gtk-2.0
[2012-10-11 18:18:40 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Participatory Culture Foundation

========== Files - Modified Within 30 Days ==========

[2012-11-07 21:09:36 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-07 21:09:36 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-07 21:04:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-07 21:03:21 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012-11-07 21:02:33 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012-11-07 21:02:08 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-07 21:01:38 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012-11-07 21:01:30 | 000,000,484 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012-11-07 21:01:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-07 21:00:59 | 4092,108,798 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-07 20:57:18 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012-11-07 20:39:07 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-07 20:24:53 | 000,088,008 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2012-11-07 20:24:53 | 000,083,880 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2012-11-07 20:24:53 | 000,035,240 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2012-11-05 16:49:00 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2012-11-04 21:06:42 | 000,001,363 | ---- | M] () -- C:\Users\Pieter\Desktop\Windows installeren.lnk
[2012-11-04 20:42:31 | 000,096,678 | ---- | M] () -- C:\Users\Pieter\Desktop\ccleaner backup register 4-11.reg
[2012-11-03 02:42:11 | 000,095,253 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012-11-03 02:42:11 | 000,095,253 | ---- | M] () -- C:\Windows\diagerr.xml
[2012-11-02 21:46:16 | 2822,373,376 | ---- | M] () -- C:\Users\Pieter\Desktop\Windows.iso
[2012-11-02 20:35:31 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 10.lnk
[2012-11-02 16:45:16 | 000,102,880 | ---- | M] () -- C:\Users\Pieter\Documents\Spilt_Milk.wsz
[2012-11-02 12:51:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-10-31 19:34:30 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Sound Organizer.lnk
[2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-10-30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-10-30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-10-30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-10-27 16:44:53 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012-10-27 16:19:03 | 000,001,030 | ---- | M] () -- C:\Users\Pieter\Desktop\Glary Utilities.lnk
[2012-10-22 14:45:00 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012-10-22 14:44:16 | 000,000,109 | ---- | M] () -- C:\user.js
[2012-10-21 11:46:58 | 000,029,846 | ---- | M] () -- C:\Users\Pieter\Documents\cc_20121021_124654.reg
[2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012-10-13 14:22:07 | 000,000,218 | ---- | M] () -- C:\Users\Pieter\AppData\Local\recently-used.xbel
[2012-10-11 18:22:06 | 000,000,280 | ---- | M] () -- C:\Users\Pieter\.gtk-bookmarks

========== Files Created - No Company Name ==========

[2012-11-04 20:42:27 | 000,096,678 | ---- | C] () -- C:\Users\Pieter\Desktop\ccleaner backup register 4-11.reg
[2012-11-02 22:35:51 | 000,095,253 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012-11-02 22:35:51 | 000,095,253 | ---- | C] () -- C:\Windows\diagerr.xml
[2012-11-02 21:45:38 | 2822,373,376 | ---- | C] () -- C:\Users\Pieter\Desktop\Windows.iso
[2012-11-02 21:00:42 | 000,001,363 | ---- | C] () -- C:\Users\Pieter\Desktop\Windows installeren.lnk
[2012-11-02 20:35:31 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 10.lnk
[2012-11-02 16:41:07 | 000,102,880 | ---- | C] () -- C:\Users\Pieter\Documents\Spilt_Milk.wsz
[2012-11-02 13:07:49 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2012-10-31 19:34:30 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Sound Organizer.lnk
[2012-10-27 16:44:53 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012-10-27 16:19:03 | 000,001,030 | ---- | C] () -- C:\Users\Pieter\Desktop\Glary Utilities.lnk
[2012-10-27 16:19:03 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2012-10-22 14:44:16 | 000,000,412 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012-10-22 14:44:16 | 000,000,109 | ---- | C] () -- C:\user.js
[2012-10-22 14:44:14 | 000,015,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012-10-22 14:44:11 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012-10-21 11:46:56 | 000,029,846 | ---- | C] () -- C:\Users\Pieter\Documents\cc_20121021_124654.reg
[2012-10-13 14:22:07 | 000,000,218 | ---- | C] () -- C:\Users\Pieter\AppData\Local\recently-used.xbel
[2012-10-11 18:22:06 | 000,000,280 | ---- | C] () -- C:\Users\Pieter\.gtk-bookmarks
[2012-03-09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-03-09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-01-31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-11-11 11:59:27 | 000,001,442 | ---- | C] () -- C:\Windows\crhzp-t32.ini
[2011-11-09 17:46:01 | 000,000,040 | --S- | C] () -- C:\ProgramData\.zreglib
[2011-11-06 13:48:46 | 000,211,432 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011-11-06 13:48:46 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-10-09 13:39:42 | 000,000,046 | ---- | C] () -- C:\Windows\PCCT.INI
[2011-10-07 12:28:10 | 000,000,111 | ---- | C] () -- C:\Windows\installation.ini
[2011-09-09 17:06:00 | 000,000,000 | ---- | C] () -- C:\Users\Pieter\AppData\Local\{60EE572B-9A87-4B2B-9524-AE878826B46D}
[2011-09-06 13:43:12 | 000,007,605 | ---- | C] () -- C:\Users\Pieter\AppData\Local\Resmon.ResmonCfg
[2011-09-03 15:58:30 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011-09-03 15:57:26 | 000,006,289 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011-08-29 15:59:50 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011-08-29 15:59:50 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011-08-01 17:54:26 | 000,014,336 | ---- | C] () -- C:\Users\Pieter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-24 09:48:40 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2011-07-24 09:44:20 | 000,024,576 | RH-- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011-07-24 09:44:20 | 000,013,440 | RH-- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011-07-24 09:44:19 | 000,011,832 | -H-- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011-07-24 09:44:19 | 000,010,216 | -H-- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011-07-24 09:42:14 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-07-24 09:35:22 | 000,001,769 | -H-- | C] () -- C:\Windows\Language_trs.ini
[2011-07-24 09:35:17 | 000,040,619 | -H-- | C] () -- C:\Windows\Ascd_tmp.ini
[2011-06-07 10:13:38 | 000,974,848 | -H-- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-06-07 10:13:38 | 000,081,920 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-06-07 10:13:38 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-06-07 10:13:38 | 000,057,344 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011-06-07 10:13:38 | 000,030,568 | -H-- | C] () -- C:\Windows\MusiccityDownload.exe

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-01-04 11:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-01-04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-07-31 19:29:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\AC1
[2012-05-13 16:50:24 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Ad-Aware Antivirus
[2012-07-20 13:09:09 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Ashampoo
[2012-10-07 19:15:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Audacity
[2012-10-21 11:46:05 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Azureus
[2012-02-20 17:04:09 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Belastingdienst
[2011-12-08 20:06:59 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Broad Intelligence
[2011-12-29 20:07:11 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\calibre
[2012-10-28 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Canon
[2012-09-21 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ComplitlyEngine
[2011-08-09 19:04:47 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DeviceDoctorSoftware
[2012-10-27 16:38:39 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DeviceVm
[2012-09-17 13:02:47 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Downloaded Installations
[2012-03-04 13:26:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DriverCure
[2011-11-23 17:50:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVD Catalyst 4
[2012-09-02 12:15:31 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVDVideoSoft
[2012-03-20 13:38:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers
[2011-08-05 13:50:01 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\EasySuite
[2012-10-05 13:26:49 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\eType
[2011-09-02 08:42:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\FDRLab
[2011-08-09 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Foxit Software
[2011-10-13 16:24:35 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\FreeCommander
[2012-10-27 16:40:53 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\GlarySoft
[2011-09-29 18:16:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\GrabIt
[2012-08-03 13:17:08 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Hardcoded Software
[2011-07-29 16:25:31 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ImgBurn
[2012-08-26 16:17:22 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\JAM Software
[2012-09-30 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MAGIX
[2012-08-18 15:24:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MediaMonkey
[2012-10-26 15:37:17 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Mp3tag
[2012-10-13 18:43:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MusicBee
[2012-06-02 10:44:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\NewsLeecher
[2012-10-28 17:07:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Nitro PDF
[2012-09-16 11:58:18 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ObviousIdea
[2011-07-28 17:55:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ODIN
[2012-09-02 12:15:25 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\OpenCandy
[2011-08-01 18:25:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\OpenOffice.org
[2012-10-11 18:18:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Participatory Culture Foundation
[2012-03-04 13:26:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\PC Unleashed Online
[2012-08-12 12:38:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Pegasus Mail
[2012-10-23 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Philipp Winterberg
[2012-10-07 12:38:23 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Power MP3 Cutter
[2012-09-21 15:34:28 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Power Mp3 Recorder
[2011-07-26 17:37:45 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Samsung
[2012-03-22 11:33:23 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\shrink_pic
[2012-08-12 21:09:24 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\simplitec
[2011-10-21 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Songbird2
[2011-11-23 15:07:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\spotmau
[2012-04-06 10:48:20 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Temp
[2012-02-28 22:54:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TeraCopy
[2011-11-01 10:24:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TestApp
[2011-11-06 10:19:50 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Thinstall
[2011-07-24 20:13:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Thunderbird
[2012-08-10 14:28:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Transcend Elite
[2012-10-05 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TuneUpMedia
[2012-01-08 09:09:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Western Digital
[2012-08-31 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Windows Live Writer
[2012-08-31 15:12:53 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Winsplit Revolution
[2012-10-23 15:41:12 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\X-Wave MP3 Cutter Joiner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:664E4171
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >


The FSS report


Farbar Service Scanner Version: 07-11-2012
Ran by Pieter (administrator) on 07-11-2012 at 21:15:13
Running from "C:\Users\Pieter\Documents\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What error do you get when you try to download windows updates ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Pieter\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll (SimplyGen)

:Files
C:\Users\Pieter\AppData\Roaming\ComplitlyEngine

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#5
dennisK16

dennisK16

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 155 posts
error code 80070005 and then its stating its a unknown error

i was going to post a printscreen but then realized it was in dutch so it wouldnt help you that much.
going to run the stuff you told me to do now
  • 0

#6
dennisK16

dennisK16

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 155 posts
here is the report
thanks again for your help

OTL logfile created on: 7-11-2012 21:55:05 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pieter\Documents\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

15,75 Gb Total Physical Memory | 13,13 Gb Available Physical Memory | 83,38% Memory free
31,49 Gb Paging File | 28,71 Gb Available in Paging File | 91,16% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,46 Gb Total Space | 830,50 Gb Free Space | 89,16% Space Free | Partition Type: NTFS
Drive D: | 2,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 931,46 Gb Total Space | 366,90 Gb Free Space | 39,39% Space Free | Partition Type: NTFS
Drive H: | 353,89 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 930,85 Gb Total Space | 481,06 Gb Free Space | 51,68% Space Free | Partition Type: NTFS
Drive J: | 292,97 Gb Total Space | 254,54 Gb Free Space | 86,88% Space Free | Partition Type: NTFS
Drive K: | 698,63 Gb Total Space | 506,08 Gb Free Space | 72,44% Space Free | Partition Type: NTFS
Drive L: | 254,53 Gb Total Space | 130,16 Gb Free Space | 51,14% Space Free | Partition Type: NTFS
Drive M: | 14,82 Gb Total Space | 14,13 Gb Free Space | 95,37% Space Free | Partition Type: FAT32

Computer Name: PIETER-NIEUW-PC | User Name: Pieter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-11-07 20:43:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pieter\Documents\Downloads\OTL (2).exe
PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-10-25 15:45:50 | 016,052,192 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012-10-14 14:29:46 | 029,378,432 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
PRC - [2012-10-10 11:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011-12-12 08:01:32 | 001,531,272 | ---- | M] (ashampoo GmbH & Co. KG) -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe
PRC - [2011-05-24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010-02-03 15:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2010-01-22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-10-01 20:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
PRC - [2009-09-08 13:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009-09-02 12:35:30 | 001,972,224 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe


========== Modules (No Company Name) ==========

MOD - [2012-11-07 21:49:32 | 000,096,256 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32api.pyd
MOD - [2012-11-07 21:49:32 | 000,086,016 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\_elementtree.pyd
MOD - [2012-11-07 21:49:32 | 000,040,448 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\_socket.pyd
MOD - [2012-11-07 21:49:31 | 000,571,392 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\pysqlite2._sqlite.pyd
MOD - [2012-11-07 21:49:31 | 000,263,168 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32com.shell.shell.pyd
MOD - [2012-11-07 21:49:31 | 000,070,656 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\wx._html2.pyd
MOD - [2012-11-07 21:49:31 | 000,023,040 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32ts.pyd
MOD - [2012-11-07 21:49:30 | 001,024,024 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\windows._cacheinvalidation.pyd
MOD - [2012-11-07 21:49:30 | 000,792,576 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\wx._gdi_.pyd
MOD - [2012-11-07 21:49:30 | 000,017,920 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32profile.pyd
MOD - [2012-11-07 21:49:30 | 000,011,776 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32crypt.pyd
MOD - [2012-11-07 21:49:29 | 000,731,136 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\wx._misc_.pyd
MOD - [2012-11-07 21:49:29 | 000,354,304 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\pythoncom26.dll
MOD - [2012-11-07 21:49:29 | 000,110,592 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\pywintypes26.dll
MOD - [2012-11-07 21:49:29 | 000,073,728 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\_ctypes.pyd
MOD - [2012-11-07 21:49:28 | 000,645,120 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\_ssl.pyd
MOD - [2012-11-07 21:49:28 | 000,110,592 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32security.pyd
MOD - [2012-11-07 21:49:27 | 000,022,528 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32pdh.pyd
MOD - [2012-11-07 21:49:26 | 001,169,408 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\wx._core_.pyd
MOD - [2012-11-07 21:49:26 | 000,807,424 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\wx._windows_.pyd
MOD - [2012-11-07 21:49:26 | 000,311,808 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\_hashlib.pyd
MOD - [2012-11-07 21:49:26 | 000,121,856 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\wx._wizard.pyd
MOD - [2012-11-07 21:49:26 | 000,111,104 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32file.pyd
MOD - [2012-11-07 21:49:26 | 000,036,352 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32process.pyd
MOD - [2012-11-07 21:49:25 | 000,039,424 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32inet.pyd
MOD - [2012-11-07 21:49:24 | 001,056,256 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\wx._controls_.pyd
MOD - [2012-11-07 21:49:24 | 000,585,728 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\unicodedata.pyd
MOD - [2012-11-07 21:49:24 | 000,153,088 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\pyexpat.pyd
MOD - [2012-11-07 21:49:24 | 000,017,920 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\win32event.pyd
MOD - [2012-11-07 21:49:24 | 000,011,776 | ---- | M] () -- C:\Users\Pieter\AppData\Local\Temp\_MEI24722\select.pyd
MOD - [2012-10-10 11:06:15 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012-10-10 11:06:13 | 012,435,992 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012-10-10 11:06:12 | 004,005,912 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012-10-10 11:04:57 | 000,578,072 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012-10-10 11:04:55 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012-10-10 11:04:44 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012-10-10 11:04:43 | 000,275,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012-10-10 11:04:42 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2011-12-12 08:01:28 | 000,065,416 | ---- | M] () -- C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\MouseHook.dll
MOD - [2009-09-30 04:33:08 | 000,024,576 | RH-- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009-09-02 12:35:30 | 001,972,224 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe
MOD - [2009-07-30 16:07:14 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\MFL_u_VC8.dll
MOD - [2009-03-25 15:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009-03-19 21:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009-03-19 21:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009-01-15 13:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2007-09-05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2010_Download-versie\PlayRIpl.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012-09-13 01:26:20 | 000,229,392 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2012-08-06 11:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012-05-04 19:33:20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010-02-11 04:05:44 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-11-07 20:25:11 | 000,147,888 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012-11-07 20:24:53 | 000,375,728 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012-11-02 12:53:31 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-10-19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-07-23 15:35:06 | 000,171,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe -- (PACSPTISVR-Sound_Organizer)
SRV - [2012-06-08 11:06:24 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011-05-24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011-04-26 12:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010-03-18 12:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-10-01 20:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2009-09-21 19:25:34 | 001,571,336 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2009-09-21 19:19:22 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009-09-08 13:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-10-21 14:50:00 | 000,548,864 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-11-07 21:47:51 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012-11-07 20:24:53 | 000,088,008 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012-08-21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-07-28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012-06-26 20:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012-06-24 21:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012-06-18 12:34:44 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012-06-18 12:34:42 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012-06-08 11:06:24 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012-06-08 11:05:56 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-05-04 19:33:12 | 002,196,592 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012-04-12 00:30:00 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-11-29 03:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011-06-10 16:00:38 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011-06-10 16:00:36 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011-06-02 06:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011-06-02 06:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011-06-02 06:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011-06-02 06:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011-04-26 10:26:00 | 000,353,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | -H-- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | -H-- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011-01-15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010-12-21 06:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010-12-16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-08-20 02:45:28 | 000,654,720 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2010-08-20 02:44:48 | 000,943,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2010-06-30 17:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:64bit: - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010-02-11 04:24:04 | 006,368,256 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-02-11 03:11:12 | 000,188,416 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-02-06 14:49:24 | 000,690,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009-10-01 21:03:40 | 000,154,168 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009-09-30 22:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-09-21 19:40:14 | 000,020,528 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV:64bit: - [2009-09-21 19:26:10 | 000,054,320 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009-09-21 19:20:42 | 000,170,032 | -H-- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009-07-16 04:38:40 | 000,015,416 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | -H-- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | -H-- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | -H-- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | -H-- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-02-29 10:15:18 | 000,041,488 | ---- | M] (Logicool, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2000-01-01 01:00:00 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2000-01-01 01:00:00 | 000,016,552 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV - [2012-06-08 11:06:24 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2011-08-01 17:27:09 | 000,096,320 | ---- | M] (Acronis) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\snapman.sys -- (snapman)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-01-20 05:42:00 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\disksec.sys -- (DiskSec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...mrud=10-05-2012

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.softon...chSource=10&cc=
IE - HKCU\..\URLSearchHook: {0734d757-fea6-4637-a7e4-2bd40a7fd8da} - No CLSID value found
IE - HKCU\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0BD4D1DC-D7D6-4D17-882E-E0D343CEAE92}: "URL" = http://websearch.ask...79-C4EB9971482D
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{307C2D13-5611-4B35-87A8-C27B7D7FC264}: "URL" = http://search.softon...rce=4&cc=&r=987
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.search...q={searchTerms}
IE - HKCU\..\SearchScopes\{56DDD002-DF69-4F1B-977D-2E434C4618A7}: "URL" = http://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=nl
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect...mrud=10-05-2012
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21 14:01:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-02 12:51:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-21 14:01:00 | 000,000,000 | ---D | M]

[2011-10-21 18:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\Extensions
[2011-10-21 18:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\Extensions\[email protected]
[2011-09-02 13:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pieter\AppData\Roaming\mozilla\SeaMonkey\Profiles\bu614np4.default\extensions
[2012-07-10 15:33:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-04-23 11:28:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask...q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch....q={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: YouTube = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Facebook = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Google Zoeken = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: ComplitlyEngine plugin for chrome = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: Megavideo Playerplus = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpoolkicbnlkaibhppihnfehghajfeg\1.7.3_0\
CHR - Extension: LastPass = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: TV Netherlands - Television Netherlands = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcfidfojebalmpcconceiiolchimckba\2.2_0\
CHR - Extension: Skype Click to Call = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
CHR - Extension: FileConverter 1.4 = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf\10.13.1.89_0\
CHR - Extension: Gmail = C:\Users\Pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-11-07 21:44:28 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O2:64bit: - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Pieter\AppData\Roaming\ComplitlyEngine\64\ComplitlyEngine64.dll File not found
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKCU..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [OTButtonManager-00] D:\SATA-225-OTB\StorageButtonManager-12.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2289CDEB-23FE-423F-9920-8274E629ECCB}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68D74764-2204-4D4D-B6EB-F27A1D3500EC}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70D10440-B4B9-42CB-8892-8AE0262DA58D}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C5D766C-F131-48E1-88A2-AACC8D0D51A4}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D102F77-5F2F-4458-9F63-9A926ADC6B33}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AC07305-28FA-42BE-918A-ADD8C27A7D76}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A74B2BE6-9033-48AE-914A-4E15DCF74B24}: DhcpNameServer = 62.179.104.196 213.46.228.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1E20059-C879-4546-B732-831CA27320EB}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBFB8148-2495-4350-946D-592D7C822096}: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-01-28 21:00:27 | 000,000,088 | ---- | M] () - H:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010-05-06 03:53:10 | 000,000,000 | R--D | M] - L:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002-10-16 18:56:50 | 000,000,036 | R--- | M] () - L:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{34e80f11-bc55-11e0-86cc-bcaec56dc1a0}\Shell - "" = AutoRun
O33 - MountPoints2\{534c5357-bf4e-11e0-88b8-bcaec56dc1a0}\Shell - "" = AutoRun
O33 - MountPoints2\{534c5357-bf4e-11e0-88b8-bcaec56dc1a0}\Shell\AutoRun\command - "" = O:\EasySuite.exe
O33 - MountPoints2\{fca5d7cb-2fa2-11e1-9bde-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fca5d7cb-2fa2-11e1-9bde-806e6f6e6963}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-11-07 20:57:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-07 20:40:16 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Desktop\RK_Quarantine
[2012-11-04 20:55:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-11-04 20:55:43 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\ElevatedDiagnostics
[2012-11-04 20:38:43 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012-11-02 22:30:50 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\MAGIX_MxTray
[2012-11-02 20:47:18 | 000,000,000 | R--D | C] -- C:\ESD
[2012-11-02 13:08:13 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012-11-02 13:07:52 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012-11-02 13:02:43 | 000,000,000 | R--D | C] -- C:\Users\Pieter\SkyDrive
[2012-11-02 13:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012-11-02 12:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-11-02 12:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-11-02 12:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-11-02 12:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-10-27 16:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2012-10-27 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2012-10-27 16:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2012-10-27 16:44:43 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Winamp
[2012-10-27 16:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2012-10-27 16:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2012-10-27 16:19:00 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\GlarySoft
[2012-10-27 16:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2012-10-26 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\My Weblog Posts
[2012-10-23 15:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Wave MP3 Cutter Joiner
[2012-10-23 15:41:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\X-Wave MP3 Cutter Joiner
[2012-10-22 14:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012-10-22 14:44:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012-10-22 14:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softonic
[2012-10-22 14:44:13 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\SlimWare Utilities Inc
[2012-10-22 14:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2012-10-20 16:42:32 | 000,000,000 | ---D | C] -- C:\Users\Pieter\Documents\DJMixPro
[2012-10-13 14:46:22 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\3delite
[2012-10-13 14:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3 Stream Editor
[2012-10-13 14:25:59 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
[2012-10-13 14:25:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicBee
[2012-10-11 18:22:08 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Local\gtk-2.0
[2012-10-11 18:18:40 | 000,000,000 | ---D | C] -- C:\Users\Pieter\AppData\Roaming\Participatory Culture Foundation

========== Files - Modified Within 30 Days ==========

[2012-11-07 21:54:53 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-07 21:54:53 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-07 21:48:12 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012-11-07 21:47:51 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012-11-07 21:47:36 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012-11-07 21:47:33 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-07 21:47:25 | 000,000,484 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012-11-07 21:47:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-07 21:47:06 | 4092,108,798 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-07 21:44:28 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012-11-07 21:39:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-07 21:04:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-07 20:24:53 | 000,088,008 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2012-11-07 20:24:53 | 000,083,880 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2012-11-07 20:24:53 | 000,035,240 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2012-11-05 16:49:00 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2012-11-04 21:06:42 | 000,001,363 | ---- | M] () -- C:\Users\Pieter\Desktop\Windows installeren.lnk
[2012-11-04 20:42:31 | 000,096,678 | ---- | M] () -- C:\Users\Pieter\Desktop\ccleaner backup register 4-11.reg
[2012-11-03 02:42:11 | 000,095,253 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012-11-03 02:42:11 | 000,095,253 | ---- | M] () -- C:\Windows\diagerr.xml
[2012-11-02 21:46:16 | 2822,373,376 | ---- | M] () -- C:\Users\Pieter\Desktop\Windows.iso
[2012-11-02 20:35:31 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 10.lnk
[2012-11-02 16:45:16 | 000,102,880 | ---- | M] () -- C:\Users\Pieter\Documents\Spilt_Milk.wsz
[2012-11-02 12:51:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-10-31 19:34:30 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Sound Organizer.lnk
[2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-10-30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-10-30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-10-30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-10-27 16:44:53 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012-10-27 16:19:03 | 000,001,030 | ---- | M] () -- C:\Users\Pieter\Desktop\Glary Utilities.lnk
[2012-10-22 14:45:00 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012-10-22 14:44:16 | 000,000,109 | ---- | M] () -- C:\user.js
[2012-10-21 11:46:58 | 000,029,846 | ---- | M] () -- C:\Users\Pieter\Documents\cc_20121021_124654.reg
[2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012-10-13 14:22:07 | 000,000,218 | ---- | M] () -- C:\Users\Pieter\AppData\Local\recently-used.xbel
[2012-10-11 18:22:06 | 000,000,280 | ---- | M] () -- C:\Users\Pieter\.gtk-bookmarks

========== Files Created - No Company Name ==========

[2012-11-04 20:42:27 | 000,096,678 | ---- | C] () -- C:\Users\Pieter\Desktop\ccleaner backup register 4-11.reg
[2012-11-02 22:35:51 | 000,095,253 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012-11-02 22:35:51 | 000,095,253 | ---- | C] () -- C:\Windows\diagerr.xml
[2012-11-02 21:45:38 | 2822,373,376 | ---- | C] () -- C:\Users\Pieter\Desktop\Windows.iso
[2012-11-02 21:00:42 | 000,001,363 | ---- | C] () -- C:\Users\Pieter\Desktop\Windows installeren.lnk
[2012-11-02 20:35:31 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 10.lnk
[2012-11-02 16:41:07 | 000,102,880 | ---- | C] () -- C:\Users\Pieter\Documents\Spilt_Milk.wsz
[2012-11-02 13:07:49 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2012-10-31 19:34:30 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Sound Organizer.lnk
[2012-10-27 16:44:53 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012-10-27 16:19:03 | 000,001,030 | ---- | C] () -- C:\Users\Pieter\Desktop\Glary Utilities.lnk
[2012-10-27 16:19:03 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2012-10-22 14:44:16 | 000,000,412 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012-10-22 14:44:16 | 000,000,109 | ---- | C] () -- C:\user.js
[2012-10-22 14:44:14 | 000,015,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012-10-22 14:44:11 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012-10-21 11:46:56 | 000,029,846 | ---- | C] () -- C:\Users\Pieter\Documents\cc_20121021_124654.reg
[2012-10-13 14:22:07 | 000,000,218 | ---- | C] () -- C:\Users\Pieter\AppData\Local\recently-used.xbel
[2012-10-11 18:22:06 | 000,000,280 | ---- | C] () -- C:\Users\Pieter\.gtk-bookmarks
[2012-03-09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-03-09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-01-31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-11-11 11:59:27 | 000,001,442 | ---- | C] () -- C:\Windows\crhzp-t32.ini
[2011-11-09 17:46:01 | 000,000,040 | --S- | C] () -- C:\ProgramData\.zreglib
[2011-11-06 13:48:46 | 000,211,432 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011-11-06 13:48:46 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-10-09 13:39:42 | 000,000,046 | ---- | C] () -- C:\Windows\PCCT.INI
[2011-10-07 12:28:10 | 000,000,111 | ---- | C] () -- C:\Windows\installation.ini
[2011-09-09 17:06:00 | 000,000,000 | ---- | C] () -- C:\Users\Pieter\AppData\Local\{60EE572B-9A87-4B2B-9524-AE878826B46D}
[2011-09-06 13:43:12 | 000,007,605 | ---- | C] () -- C:\Users\Pieter\AppData\Local\Resmon.ResmonCfg
[2011-09-03 15:58:30 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011-09-03 15:57:26 | 000,006,289 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011-08-29 15:59:50 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011-08-29 15:59:50 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011-08-01 17:54:26 | 000,014,336 | ---- | C] () -- C:\Users\Pieter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-24 09:48:40 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2011-07-24 09:44:20 | 000,024,576 | RH-- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011-07-24 09:44:20 | 000,013,440 | RH-- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011-07-24 09:44:19 | 000,011,832 | -H-- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011-07-24 09:44:19 | 000,010,216 | -H-- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011-07-24 09:42:14 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-07-24 09:35:22 | 000,001,769 | -H-- | C] () -- C:\Windows\Language_trs.ini
[2011-07-24 09:35:17 | 000,040,619 | -H-- | C] () -- C:\Windows\Ascd_tmp.ini
[2011-06-07 10:13:38 | 000,974,848 | -H-- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-06-07 10:13:38 | 000,081,920 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-06-07 10:13:38 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-06-07 10:13:38 | 000,057,344 | -H-- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011-06-07 10:13:38 | 000,030,568 | -H-- | C] () -- C:\Windows\MusiccityDownload.exe

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-01-04 11:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-01-04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-07-31 19:29:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\AC1
[2012-05-13 16:50:24 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Ad-Aware Antivirus
[2012-07-20 13:09:09 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Ashampoo
[2012-10-07 19:15:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Audacity
[2012-10-21 11:46:05 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Azureus
[2012-02-20 17:04:09 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Belastingdienst
[2011-12-08 20:06:59 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Broad Intelligence
[2011-12-29 20:07:11 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\calibre
[2012-10-28 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Canon
[2011-08-09 19:04:47 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DeviceDoctorSoftware
[2012-10-27 16:38:39 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DeviceVm
[2012-09-17 13:02:47 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Downloaded Installations
[2012-03-04 13:26:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DriverCure
[2011-11-23 17:50:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVD Catalyst 4
[2012-09-02 12:15:31 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVDVideoSoft
[2012-03-20 13:38:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\DVDVideoSoftIEHelpers
[2011-08-05 13:50:01 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\EasySuite
[2012-10-05 13:26:49 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\eType
[2011-09-02 08:42:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\FDRLab
[2011-08-09 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Foxit Software
[2011-10-13 16:24:35 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\FreeCommander
[2012-10-27 16:40:53 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\GlarySoft
[2011-09-29 18:16:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\GrabIt
[2012-08-03 13:17:08 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Hardcoded Software
[2011-07-29 16:25:31 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ImgBurn
[2012-08-26 16:17:22 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\JAM Software
[2012-09-30 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MAGIX
[2012-08-18 15:24:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MediaMonkey
[2012-10-26 15:37:17 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Mp3tag
[2012-10-13 18:43:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\MusicBee
[2012-06-02 10:44:52 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\NewsLeecher
[2012-10-28 17:07:32 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Nitro PDF
[2012-09-16 11:58:18 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ObviousIdea
[2011-07-28 17:55:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\ODIN
[2012-09-02 12:15:25 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\OpenCandy
[2011-08-01 18:25:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\OpenOffice.org
[2012-10-11 18:18:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Participatory Culture Foundation
[2012-03-04 13:26:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\PC Unleashed Online
[2012-08-12 12:38:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Pegasus Mail
[2012-10-23 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Philipp Winterberg
[2012-10-07 12:38:23 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Power MP3 Cutter
[2012-09-21 15:34:28 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Power Mp3 Recorder
[2011-07-26 17:37:45 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Samsung
[2012-03-22 11:33:23 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\shrink_pic
[2012-08-12 21:09:24 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\simplitec
[2011-10-21 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Songbird2
[2011-11-23 15:07:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\spotmau
[2012-04-06 10:48:20 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Temp
[2012-02-28 22:54:34 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TeraCopy
[2011-11-01 10:24:21 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TestApp
[2011-11-06 10:19:50 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Thinstall
[2011-07-24 20:13:30 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Thunderbird
[2012-08-10 14:28:40 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Transcend Elite
[2012-10-05 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\TuneUpMedia
[2012-01-08 09:09:41 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Western Digital
[2012-08-31 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Windows Live Writer
[2012-08-31 15:12:53 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\Winsplit Revolution
[2012-10-23 15:41:12 | 000,000,000 | ---D | M] -- C:\Users\Pieter\AppData\Roaming\X-Wave MP3 Cutter Joiner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:664E4171
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets see if we can resolve this

Download and run the System Update Readiness Tool

Ignore any message that may appear saying that you don't need to run the tool. Just download and run it.

Then retry windows updates

If it fails then run the MSFixit here in aggressive mode
  • 0

#8
dennisK16

dennisK16

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 155 posts
i think i already tried that MS hotfix but i will run it again.

if that doesn't work i will run the MS fix it

i will keep you posted thanks for your help!!!

PS does this mean the PC is mallware free? and did it have any on it?

i ran both and it didn't solve the update issue still getting the same error code 80070005 unknown error

Edited by dennisK16, 07 November 2012 - 04:34 PM.

  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
At this stage there was just a complity tool bar

But dependant on the result of running SURT and the fixit I may look deeper
  • 0

#10
dennisK16

dennisK16

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 155 posts
i ran both and it didn't solve the update issue still getting the same error code 80070005 unknown error
  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets run the next trick... Apart from the update problem what other problems do you have

Download Windows Repair (all in one) from this site

Install the programme then run

Posted Image

Go to step 3 and allow it to run SFC
Posted Image


On the start repairs tab click start
Posted Image

Select the following items and tick restart system when finished
Posted Image
  • 0

#12
dennisK16

dennisK16

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 155 posts
no other problems besides the update issues that i'm having
Ran the program you told me to run and followed the steps.
now its saying that windows update isn't installed on the PC, i believe its installing it right now!
i'll keep you posted if i can run updates or not.

DK
  • 0

#13
dennisK16

dennisK16

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 155 posts
updates are downloading and installing now
Thank you so much for your help!!!!


DK
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP