About a week ago my laptop suddenly shut down showing a blue screen with a 'windows has shut down to prevent damage to your computer' message. After rebooting I decided to do a virus scan with Microsoft security essentials and it found this: Trojan:JS/BlacoleRef.BG. The trojan was quarantined and I deleted it, so I thought problem solved.
Ever since my laptop is 'acting weird' however. More specifically, random startups when it should be shut down (I wake up and find that the laptop decided to turn itself on) or that the fan is blowing quite loud even though CPU temp is at 41 degrees (the fan never made this much noise before last week). Today my laptop again shut down to the blue screen mentioned earlier, so there must still be something wrong.
Unfortunately this is the only computer I have available so I can't take it offline until the problem is fixed. Virus scans with MSE are not showing anything and a google search has not brought me any solutions either so I am at a loss what to do next.
Any help would be greatly appeciated! OTL data is below. If you need more info please let me know.
-Zep
OTL logfile created on: 21-1-2013 10:14:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luuk\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Netherlands | Language: NLD | Date Format: d-M-yyyy
7,89 Gb Total Physical Memory | 5,02 Gb Available Physical Memory | 63,68% Memory free
15,78 Gb Paging File | 12,57 Gb Available in Paging File | 79,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,45 Gb Total Space | 111,60 Gb Free Space | 39,94% Space Free | Partition Type: NTFS
Drive D: | 393,86 Gb Total Space | 261,45 Gb Free Space | 66,38% Space Free | Partition Type: NTFS
Drive E: | 7,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: LUUK-NOTEBOOK | User Name: Luuk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013-01-21 10:14:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luuk\Desktop\OTL.exe
PRC - [2013-01-21 10:03:33 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Luuk\Desktop\aswMBR.exe
PRC - [2013-01-08 09:06:24 | 001,248,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-01-03 09:05:33 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Luuk\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012-12-29 08:02:24 | 028,539,392 | ---- | M] (Dropbox, Inc.) -- C:\Users\Luuk\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012-12-18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-17 19:50:28 | 016,328,976 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012-10-26 13:17:52 | 000,079,384 | ---- | M] (Google) -- C:\Users\Luuk\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2012-07-19 16:19:42 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2012-04-24 09:17:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-04-24 07:34:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-03-28 00:02:04 | 001,104,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012-03-28 00:02:02 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2012-03-28 00:01:56 | 001,014,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012-03-28 00:01:56 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2012-03-27 02:14:26 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-02-29 09:13:56 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-02-29 09:13:54 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-02-22 04:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012-02-22 04:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-02-17 03:37:16 | 000,322,176 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012-02-16 09:38:10 | 000,174,720 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011-11-22 06:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011-11-22 06:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011-10-25 09:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009-06-20 02:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-20 02:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008-12-23 09:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-08-14 13:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
========== Modules (No Company Name) ==========
MOD - [2013-01-21 09:52:33 | 000,571,392 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\pysqlite2._sqlite.pyd
MOD - [2013-01-21 09:52:33 | 000,263,168 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32com.shell.shell.pyd
MOD - [2013-01-21 09:52:33 | 000,096,256 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32api.pyd
MOD - [2013-01-21 09:52:33 | 000,086,016 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\_elementtree.pyd
MOD - [2013-01-21 09:52:33 | 000,070,656 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\wx._html2.pyd
MOD - [2013-01-21 09:52:33 | 000,040,448 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\_socket.pyd
MOD - [2013-01-21 09:52:33 | 000,023,040 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32ts.pyd
MOD - [2013-01-21 09:52:32 | 001,024,616 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\windows._cacheinvalidation.pyd
MOD - [2013-01-21 09:52:32 | 000,792,576 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\wx._gdi_.pyd
MOD - [2013-01-21 09:52:32 | 000,731,136 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\wx._misc_.pyd
MOD - [2013-01-21 09:52:32 | 000,354,304 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\pythoncom26.dll
MOD - [2013-01-21 09:52:32 | 000,153,088 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\pyexpat.pyd
MOD - [2013-01-21 09:52:32 | 000,110,592 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32security.pyd
MOD - [2013-01-21 09:52:32 | 000,110,592 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\PyWinTypes26.dll
MOD - [2013-01-21 09:52:32 | 000,073,728 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\_ctypes.pyd
MOD - [2013-01-21 09:52:32 | 000,017,920 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32profile.pyd
MOD - [2013-01-21 09:52:32 | 000,011,776 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32crypt.pyd
MOD - [2013-01-21 09:52:31 | 001,169,408 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\wx._core_.pyd
MOD - [2013-01-21 09:52:31 | 000,807,424 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\wx._windows_.pyd
MOD - [2013-01-21 09:52:31 | 000,645,120 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\_ssl.pyd
MOD - [2013-01-21 09:52:31 | 000,311,808 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\_hashlib.pyd
MOD - [2013-01-21 09:52:31 | 000,121,856 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\wx._wizard.pyd
MOD - [2013-01-21 09:52:31 | 000,036,352 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32process.pyd
MOD - [2013-01-21 09:52:31 | 000,022,528 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32pdh.pyd
MOD - [2013-01-21 09:52:30 | 001,056,256 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\wx._controls_.pyd
MOD - [2013-01-21 09:52:30 | 000,585,728 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\unicodedata.pyd
MOD - [2013-01-21 09:52:30 | 000,111,104 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32file.pyd
MOD - [2013-01-21 09:52:30 | 000,039,424 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32inet.pyd
MOD - [2013-01-21 09:52:30 | 000,017,920 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\win32event.pyd
MOD - [2013-01-21 09:52:29 | 000,011,776 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Temp\_MEI50162\select.pyd
MOD - [2013-01-08 09:06:22 | 000,460,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013-01-08 09:06:21 | 012,459,624 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013-01-08 09:06:19 | 004,012,648 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013-01-08 09:05:29 | 000,598,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013-01-08 09:05:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013-01-08 09:05:25 | 001,553,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012-11-28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-11-28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012-09-13 04:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012-09-13 04:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012-03-29 23:57:36 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012-03-29 23:57:24 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012-03-29 23:57:14 | 000,626,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012-03-29 23:57:10 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012-02-03 14:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012-01-18 08:12:28 | 000,135,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012-01-10 04:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2009-07-14 10:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-12-18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-04-24 09:17:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-04-24 07:34:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-04-02 17:28:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-03-28 00:02:04 | 001,104,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012-03-28 00:02:02 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2012-03-28 00:01:56 | 001,014,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012-02-29 09:13:56 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-29 09:13:54 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-22 04:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012-02-22 04:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011-11-22 06:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011-11-22 06:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010-03-19 05:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-11 06:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012-12-24 19:09:47 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-09-28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012-08-31 05:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-04-24 09:17:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2012-04-24 09:17:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012-04-12 07:49:00 | 000,035,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:64bit: - [2012-04-12 07:48:58 | 000,016,512 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:64bit: - [2012-04-02 17:28:14 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012-03-27 02:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-03-27 02:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-03-27 02:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012-03-22 03:13:14 | 000,060,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012-03-13 06:06:46 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012-03-01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-03-01 11:01:08 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012-02-24 09:56:32 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-02-24 09:56:32 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-02-20 03:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012-02-14 01:10:40 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012-02-14 00:53:54 | 000,095,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012-01-27 10:37:24 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012-01-27 10:37:24 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012-01-16 16:49:16 | 000,103,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012-01-10 04:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012-01-10 04:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011-11-10 17:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010-11-20 22:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 20:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 20:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009-07-20 18:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009-07-14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 09:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009-07-14 08:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009-06-20 11:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009-06-11 06:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009-06-11 05:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009-06-11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-05-24 09:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011-09-08 01:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009-07-14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 09:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Luuk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Luuk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Luuk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Luuk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Luuk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Luuk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Luuk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Luuk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - Extension: Angry Birds = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Documenten = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Documenten = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.4_0\
CHR - Extension: Google Drive = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google Zoeken = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: 20 Things I Learned About Browsers & the Web = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfdlnlenokgjjchimonbekcmnofmlibg\0.91_0\
CHR - Extension: Gmail Offline = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: AdBlock = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.55_0\
CHR - Extension: Crusader Tank = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpegcjgnjllooimlcfdnphhccfnmhfem\1.3.0_0\
CHR - Extension: Gmail = C:\Users\Luuk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009-06-11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Luuk\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - Startup: C:\Users\Luuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Luuk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 134.160.82.12 134.160.82.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33DE248A-8FB2-4011-98E3-835CED5BCC89}: DhcpNameServer = 134.160.82.12 134.160.82.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91115B38-C0E0-46FF-926E-1ACF67005AFF}: DhcpNameServer = 10.64.226.4 10.64.226.5
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-01-21 10:14:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Luuk\Desktop\OTL.exe
[2013-01-21 10:02:25 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Luuk\Desktop\aswMBR.exe
[2013-01-18 14:39:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013-01-15 18:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2013-01-09 17:11:03 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013-01-09 17:11:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2013-01-09 16:01:53 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013-01-09 15:42:11 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\PDAppFlex
[2013-01-09 14:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013-01-09 14:07:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013-01-09 14:07:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2013-01-09 14:05:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013-01-09 14:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013-01-09 13:48:12 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013-01-09 13:47:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2013-01-06 20:27:40 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Local\Chromium
[2013-01-06 20:21:41 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Local\SKIDROW
[2013-01-06 20:21:35 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\The Creative Assembly
[2013-01-06 19:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total War Shogun 2 - Fall Of The Samurai
[2013-01-04 10:20:01 | 000,000,000 | ---D | C] -- C:\Users\Luuk\.fop
[2013-01-04 10:15:47 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Local\SciGen
[2013-01-04 10:15:45 | 000,000,000 | ---D | C] -- C:\Users\Luuk\.eclipse
[2013-01-04 10:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PosterGenius
[2013-01-04 10:10:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SciGen
[2013-01-03 09:05:34 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Local\Facebook
[2013-01-01 09:51:56 | 000,000,000 | ---D | C] -- C:\Users\Luuk\Desktop\New folder (2)
[2012-12-24 21:27:43 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-12-24 21:27:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2012-12-24 21:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
[2012-12-24 21:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eidos
[2012-12-24 20:57:26 | 000,000,000 | ---D | C] -- C:\Users\Luuk\Documents\CSF Data
[2012-12-24 20:54:21 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012-12-24 19:09:47 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-12-24 19:09:41 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\DAEMON Tools Lite
[2012-12-24 19:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012-12-24 18:58:11 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-12-24 15:06:08 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bullfrog
[2012-12-24 15:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullfrog
[2012-12-24 15:03:56 | 000,000,000 | ---D | C] -- C:\Users\Luuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Populous
[2012-12-24 15:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Populous
[2012-12-24 15:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bullfrog
[2012-12-24 14:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paradox Interactive
[2012-12-22 21:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-12-22 21:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-12-22 21:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-12-22 21:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012-12-22 21:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[1 C:\Users\Luuk\AppData\Local\*.tmp files -> C:\Users\Luuk\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013-01-21 10:14:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luuk\Desktop\OTL.exe
[2013-01-21 10:03:33 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Luuk\Desktop\aswMBR.exe
[2013-01-21 09:59:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-21 09:59:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-21 09:52:27 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-21 09:52:09 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013-01-21 09:51:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-21 09:51:45 | 2057,695,231 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-21 09:44:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3861923253-463451815-4079807046-1001UA.job
[2013-01-21 09:39:53 | 595,109,280 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-01-21 09:39:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-21 07:16:50 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3861923253-463451815-4079807046-1001UA.job
[2013-01-20 21:44:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3861923253-463451815-4079807046-1001Core.job
[2013-01-20 19:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013-01-18 09:10:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3861923253-463451815-4079807046-1001Core.job
[2013-01-16 15:01:37 | 000,267,915 | ---- | M] () -- C:\Users\Luuk\Desktop\Roussel et al 2005.pdf
[2013-01-15 18:55:05 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2013-01-15 18:53:41 | 000,007,609 | ---- | M] () -- C:\Users\Luuk\AppData\Local\Resmon.ResmonCfg
[2013-01-13 18:43:52 | 000,002,281 | ---- | M] () -- C:\Users\Luuk\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-01-10 03:30:40 | 005,048,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-10 03:13:39 | 000,765,178 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-01-10 03:13:39 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-10 03:13:39 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-10 03:13:29 | 000,765,178 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-09 11:01:39 | 000,078,708 | ---- | M] () -- C:\Users\Luuk\Desktop\nri1351-f1.jpg
[2012-12-30 08:29:24 | 000,001,057 | ---- | M] () -- C:\Users\Luuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-12-28 17:40:35 | 000,353,560 | ---- | M] () -- C:\Users\Luuk\Desktop\kmap.jpg
[2012-12-24 20:54:21 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012-12-24 19:09:47 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[1 C:\Users\Luuk\AppData\Local\*.tmp files -> C:\Users\Luuk\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-01-16 15:03:28 | 000,267,915 | ---- | C] () -- C:\Users\Luuk\Desktop\Roussel et al 2005.pdf
[2013-01-15 18:55:05 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2013-01-15 18:53:41 | 000,007,609 | ---- | C] () -- C:\Users\Luuk\AppData\Local\Resmon.ResmonCfg
[2013-01-09 14:08:26 | 000,001,652 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
[2013-01-09 14:07:26 | 000,001,520 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
[2013-01-09 14:06:53 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2013-01-09 14:06:26 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2013-01-09 14:05:03 | 000,001,355 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2013-01-09 14:04:59 | 000,001,521 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2013-01-09 14:04:38 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013-01-09 13:48:00 | 000,001,045 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2013-01-09 11:01:39 | 000,078,708 | ---- | C] () -- C:\Users\Luuk\Desktop\nri1351-f1.jpg
[2013-01-03 09:05:40 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3861923253-463451815-4079807046-1001UA.job
[2013-01-03 09:05:40 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3861923253-463451815-4079807046-1001Core.job
[2012-12-28 17:40:34 | 000,353,560 | ---- | C] () -- C:\Users\Luuk\Desktop\kmap.jpg
[2012-05-08 17:25:13 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-05-08 17:25:01 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-05-08 17:24:47 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-05-08 17:24:30 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-04-24 07:35:04 | 000,417,600 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012-02-24 11:42:37 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2012-02-24 11:28:11 | 000,765,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-02-03 14:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2009-07-14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 14:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 13:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 21:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-10-02 18:26:12 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\ASUS
[2012-10-02 18:47:09 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\ASUS WebStorage
[2013-01-09 17:11:03 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013-01-09 13:48:12 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012-12-14 20:35:56 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\com.readcube.catalyst
[2012-12-24 20:48:25 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\DAEMON Tools Lite
[2013-01-21 10:20:27 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\Dropbox
[2012-12-17 15:38:33 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\EndNote
[2012-10-20 22:08:36 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\Firefly Studios
[2012-10-02 18:35:28 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\MAGIX
[2013-01-09 15:42:11 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\PDAppFlex
[2012-10-02 21:33:09 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\SoftGrid Client
[2013-01-09 16:01:53 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013-01-06 20:21:35 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\The Creative Assembly
[2012-10-02 21:30:58 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\TP
[2013-01-20 16:24:48 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\uTorrent
[2012-11-12 13:41:03 | 000,000,000 | ---D | M] -- C:\Users\Luuk\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:5D458568
< End of report >