Eric schreef:
De
unsigned files skip je,
En dan Eric ik snap niet wat er met de onderste 2 quarantine Moet gebeuren
11:31:09.0335 3236 kinonivd (
UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:31:09.0478 3236 RDPDISPM (
UnsignedFile.Multi.Generic ) - User select action: Quarantine
Waar is het OTL logje ?
Hier is het OTL logje mijn optic onderwerp compleet is link
http://www.nationaalcomputerforum.nl/sh ... post798880 
OTL logfile created on: 16-3-2012 11:39:25 - Run 1
OTL by OldTimer - Version 3.2.37.1 Folder = C:\Users\Sydney\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
4,00 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 17,77% Memory free
4,68 Gb Paging File | 0,62 Gb Available in Paging File | 13,35% Paging File free
Paging file location(s): e:\pagefile.sys 64 6085 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 459,66 Gb Total Space | 398,08 Gb Free Space | 86,60% Space Free | Partition Type: NTFS
Drive E: | 6,00 Gb Total Space | 5,24 Gb Free Space | 87,40% Space Free | Partition Type: NTFS
Drive F: | 1009,48 Mb Total Space | 1009,47 Mb Free Space | 100,00% Space Free | Partition Type: FAT
Computer Name: SYDNEY_NOTEBOOK | User Name: Sydney | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012-03-16 11:36:12 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Sydney\Downloads\OTL.com
PRC - [2012-02-03 15:28:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012-02-03 15:28:12 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012-02-03 15:28:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012-01-22 16:39:49 | 000,124,832 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
PRC - [2012-01-04 13:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012-01-04 13:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011-10-21 19:40:38 | 000,073,728 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012-02-15 06:03:36 | 000,429,040 | ---- | M] () -- C:\Users\Sydney\AppData\Local\Google\Chrome\Applic ation\17.0.963.56\ppGoogleNaClPluginChrome.dll
MOD - [2012-02-15 06:03:34 | 003,772,912 | ---- | M] () -- C:\Users\Sydney\AppData\Local\Google\Chrome\Applic ation\17.0.963.56\pdf.dll
MOD - [2012-02-15 06:02:10 | 000,122,880 | ---- | M] () -- C:\Users\Sydney\AppData\Local\Google\Chrome\Applic ation\17.0.963.56\avutil-51.dll
MOD - [2012-02-15 06:02:08 | 000,220,672 | ---- | M] () -- C:\Users\Sydney\AppData\Local\Google\Chrome\Applic ation\17.0.963.56\avformat-53.dll
MOD - [2012-02-15 06:02:07 | 001,747,456 | ---- | M] () -- C:\Users\Sydney\AppData\Local\Google\Chrome\Applic ation\17.0.963.56\avcodec-53.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012-02-15 04:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012-02-14 22:16:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011-11-23 14:15:30 | 000,035,648 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011-05-13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011-03-26 00:12:34 | 000,108,544 | ---- | M] (Montpellier-Informatique) [Auto | Running] -- C:\Program Files\Predator2\PredatorACE.exe -- (PredatorACE)
SRV:64bit: - [2010-09-22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010-03-23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\st wrt64.inf_amd64_neutral_960c1f056a541068\stacsv64. exe -- (STacSV)
SRV:64bit: - [2010-03-13 01:04:14 | 000,527,688 | ---- | M] (gogo6, Inc.) [Auto | Running] -- C:\Program Files\gogo6\gogoCLIENT\gogoc.exe -- (gogoc)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009-07-12 22:18:24 | 001,924,400 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-22 12:56:13 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2012-02-03 15:28:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012-02-03 15:28:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012-01-22 16:39:49 | 000,124,832 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService)
SRV - [2012-01-19 12:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-01-04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-11-23 14:15:40 | 002,118,976 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011-11-23 14:15:32 | 000,028,992 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011-10-21 19:40:38 | 000,073,728 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2011-08-03 14:23:54 | 000,828,944 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Program Files (x86)\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2010-03-23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stw rt64.inf_amd64_neutral_960c1f056a541068\STacSV64.e xe -- (STacSV)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-07-12 22:04:26 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012-02-27 13:38:16 | 002,782,848 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kinonivd.sys -- (kinonivd)
DRV:64bit: - [2012-02-15 04:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012-02-15 04:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-02-15 03:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-02-03 15:28:37 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012-02-03 15:28:37 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012-02-03 15:28:37 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012-01-03 22:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2011-12-15 01:46:42 | 000,222,904 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:64bit: - [2011-12-10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011-12-05 20:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011-12-02 18:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011-11-23 23:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-11-23 15:13:10 | 002,796,544 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011-11-01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.s ys -- (UsbserFilt)
DRV:64bit: - [2011-11-01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sy s -- (upperdev)
DRV:64bit: - [2011-11-01 10:07:24 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011-11-01 10:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011-11-01 10:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011-11-01 10:07:24 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011-10-29 02:41:28 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011-10-29 02:41:26 | 000,080,512 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011-10-14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011-08-25 02:33:32 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011-08-16 10:36:16 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
DRV:64bit: - [2011-05-13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011-05-13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010-11-21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-08-31 12:32:44 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdispm.sys -- (RDPDISPM)
DRV:64bit: - [2010-03-23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010-03-22 10:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2010-03-13 01:04:06 | 000,027,648 | ---- | M] (gogo6 Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gogotun.sys -- (gogoTunnelDevice)
DRV:64bit: - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-28 18:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-04-29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2008-08-28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2011-11-09 09:21:18 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" =
http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://isearch.avg.com/?cid={9B5BD6D8-114B-4C83-B80C-411E6E83480C}&mid=633417c07b0847d19d92d16d38b42699-a9bcdaa11f3a1f7b96b249da38ba108a4d1e512a&lang=nl&d s=is015&pr=sa&d=2012-03-13 17:38:27&v=10.0.0.7&sap=hp
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://nl.msn.com/?ocid=iehpIE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 5F E1 19 3E D3 CC 01 [binary data]
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\URLSearchHook: {fcbf663e-8530-46f8-a880-ac5abe9d2b23} - No CLSID value found
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" =
http://www.plusnetwork.com/?sp=addr&q={searchTerms}
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" =
http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://isearch.avg.com/search?cid={9B5BD6D8-114B-4C83-B80C-411E6E83480C}&mid=633417c07b0847d19d92d16d38b42699-a9bcdaa11f3a1f7b96b249da38ba108a4d1e512a&lang=nl&d s=is015&pr=sa&d=2012-03-13 17:38:27&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sydney\AppData\Local\Google\Update\1.3.21 .99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sydney\AppData\Local\Google\Update\1.3.21 .99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\E-MAILADRES VERWIJDERD - Stuur een privébericht naar deze gebruiker i.p.v. een e-mail.: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-23 19:03:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\E-MAILADRES VERWIJDERD - Stuur een privébericht naar deze gebruiker i.p.v. een e-mail.: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-03-16 11:07:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Ex tensions\\E-MAILADRES VERWIJDERD - Stuur een privébericht naar deze gebruiker i.p.v. een e-mail.: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-03-16 11:07:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensi ons\\E-MAILADRES VERWIJDERD - Stuur een privébericht naar deze gebruiker i.p.v. een e-mail.: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-23 19:03:00 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url =
http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sydney\AppData\Local\Google\Chrome\Applic ation\17.0.963.56\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sydney\AppData\Local\Google\Chrome\Applic ation\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sydney\AppData\Local\Google\Chrome\Applic ation\17.0.963.56\pdf.dll
CHR - plugin: HP Product Detection Plugin for Mozilla (Enabled) = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkj kjoglp\1.0.15.0_0\plugins/npProductDetectPlugin.dll
CHR - plugin: HP Active Check Plugin (Enabled) = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkj kjoglp\1.0.15.0_0\plugins/npAclmPlugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sydney\AppData\Local\Google\Update\1.3.21 .99\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: TV = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfe mbdimh\1.0.11_0\
CHR - Extension: Turn Off the Lights = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfj jepjdn\2.0.0.66_0\
CHR - Extension: YouTube = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.5_0\
CHR - Extension: TVGiDS.tv = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocdjdnpjmkaaaangagmlnkcpf jkjfcn\1.0.0.1_0\
CHR - Extension: Chrome YouTube Downloader = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkj pbooja\2.6.3_0\
CHR - Extension: Google Zoeken = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.17_0\
CHR - Extension: witte ruis = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkjpdnomgodmagfmhojepjlaj poicip\1.6_0\
CHR - Extension: De QR Code Generator = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlkn nmogbb\0.2.2_0\
CHR - Extension: AdBlock = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom\2.5.20_0\
CHR - Extension: TweetDeck = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchb cdagbl\1.1.3_0\
CHR - Extension: Typing Test - KeyHero = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfak idlabm\1.3.1_0\
CHR - Extension: HootSuite = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooih jcdbij\5.244_0\
CHR - Extension: HP Product Detection Plugin = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkj kjoglp\1.0.15.0_0\
CHR - Extension: Jailbreak Rush = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncfiimlbhgllinjmkfjpikokpe dpdbae\2.0_0\
CHR - Extension: Gmail = C:\Users\Sydney\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-21-142432774-2739527009-1848016797-1000\..\Toolbar\WebBrowser: (no name) - {FCBF663E-8530-46F8-A880-AC5ABE9D2B23} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-142432774-2739527009-1848016797-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-142432774-2739527009-1848016797-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-142432774-2739527009-1848016797-1000..\Run: [Predator] C:\Program Files\Predator2\Predator.exe (Montpellier-Informatique)
O4 - HKU\S-1-5-21-142432774-2739527009-1848016797-1000..\Run: [uTorrent] C:\Users\Sydney\Downloads\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
http://messenger.zone.msn.com/binary...r.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{B3460CC8-AF37-42CD-8F35-EE940C502F4B}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{BB872A6A-A673-415A-8873-7B3382EF8282}: NameServer = 192.168.2.254,192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-03-14 09:12:16 | 000,000,000 | ---- | M] () - F:\autorun.inf -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012-03-16 11:29:10 | 002,063,920 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sydney\Desktop\TDSSKiller.exe
[2012-03-16 11:08:57 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\{49086BE0-D4D2-485B-8AB1-AD23F3FBCCB7}
[2012-03-16 11:08:41 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\{59CA3015-0BB5-41FF-A7B1-8CD2535F9131}
[2012-03-16 11:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012-03-16 11:07:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2012-03-16 08:21:39 | 000,000,000 | ---D | C] -- C:\Users\Sydney\Documents\text document
[2012-03-16 08:19:36 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2012-03-15 10:18:50 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012-03-15 08:45:09 | 000,210,432 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646233.dll
[2012-03-13 22:46:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-03-13 22:46:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-03-13 19:18:00 | 000,046,192 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Windows\SysNative\drivers\LPCFilter.sys
[2012-03-13 17:48:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012-03-13 17:48:35 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\HiJackThis
[2012-03-13 16:54:14 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\AMD
[2012-03-13 16:47:27 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\ATI
[2012-03-13 16:47:27 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\ATI
[2012-03-13 16:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-03-13 16:43:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012-03-13 16:42:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012-03-13 16:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012-03-13 16:42:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012-03-13 16:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center
[2012-03-13 16:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012-03-13 16:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012-03-13 16:38:38 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-03-13 15:51:27 | 000,000,000 | ---D | C] -- C:\symbols
[2012-03-13 15:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\dbg
[2012-03-13 15:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2012-03-13 15:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2012-03-13 15:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2012-03-13 15:20:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
[2012-03-13 15:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x64)
[2012-03-12 18:18:21 | 000,000,000 | ---D | C] -- C:\Users\Sydney\Documents\Nokia
[2012-03-11 14:23:42 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\SopCast
[2012-03-11 14:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
[2012-03-11 14:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2012-03-11 14:22:59 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\Systweak
[2012-03-11 14:22:57 | 000,018,816 | ---- | C] (Systweak Inc., (
www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2012-03-05 20:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012-03-05 20:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kinoni
[2012-03-03 11:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.7
[2012-03-03 11:46:11 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\ICQ Search
[2012-03-03 11:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2012-03-03 11:45:01 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\Mozilla
[2012-03-03 11:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2012-03-03 11:43:36 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\ICQ
[2012-03-03 11:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.7
[2012-03-03 11:18:52 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\TS3Client
[2012-03-03 10:56:12 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\TeamSpeak 3 Client
[2012-03-03 10:56:04 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\TeamSpeak 3 Client
[2012-03-02 19:45:23 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\Audacity
[2012-03-02 18:19:29 | 000,000,000 | ---D | C] -- C:\Users\Sydney\Documents\Outlook-bestanden
[2012-03-01 18:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012-03-01 18:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012-03-01 18:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012-03-01 18:56:59 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\Conduit
[2012-03-01 18:56:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012-02-28 15:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012-02-27 21:18:45 | 000,000,000 | ---D | C] -- C:\Users\Sydney\Documents\OneNote-notitieblokken
[2012-02-27 18:31:34 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\Avira
[2012-02-27 18:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012-02-27 18:26:02 | 000,132,320 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012-02-27 18:26:02 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012-02-27 18:26:02 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012-02-27 18:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012-02-27 18:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012-02-27 18:23:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012-02-27 13:38:16 | 002,782,848 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\kinonivd.sys
[2012-02-23 19:48:44 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\Windows Live Writer
[2012-02-23 19:48:44 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\Windows Live Writer
[2012-02-23 19:45:19 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\HpUpdate
[2012-02-23 19:45:18 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2012-02-23 19:31:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2012-02-23 19:08:52 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\HP
[2012-02-23 19:04:10 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\HP
[2012-02-23 19:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012-02-23 19:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012-02-23 18:58:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2012-02-23 18:58:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2012-02-23 18:57:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012-02-23 18:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012-02-22 14:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-02-22 14:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012-02-22 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012-02-22 14:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012-02-22 14:13:29 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-02-21 17:41:31 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Roaming\TeamViewer
[2012-02-21 17:40:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2012-02-20 20:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2012-02-20 20:04:52 | 002,796,544 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012-02-20 19:51:19 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\Innovative Solutions
[2012-02-20 19:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2012-02-20 19:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions
[2012-02-19 20:27:43 | 000,000,000 | ---D | C] -- C:\Users\Sydney\Documents\Outlook Files
[2012-02-18 15:59:35 | 000,000,000 | ---D | C] -- C:\Users\Sydney\AppData\Local\Linkury
[2012-02-18 15:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus! for Skype
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012-03-16 11:29:22 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-03-16 11:29:22 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-03-16 11:29:10 | 002,063,920 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sydney\Desktop\TDSSKiller.exe
[2012-03-16 11:24:16 | 001,557,408 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-03-16 11:24:16 | 000,702,318 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012-03-16 11:24:16 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-03-16 11:24:16 | 000,134,120 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012-03-16 11:24:16 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-03-16 11:20:13 | 000,416,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-03-16 11:20:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-03-16 11:07:55 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012-03-15 09:54:08 | 002,044,822 | ---- | M] () -- C:\Users\Sydney\Desktop\tdsskiller.zip
[2012-03-15 08:38:32 | 000,001,101 | ---- | M] () -- C:\Users\Sydney\Documents\s_besselink-agenda.ics
[2012-03-14 16:04:28 | 000,002,048 | -H-- | M] () -- C:\Users\Sydney\Documents\Default.rdp
[2012-03-14 15:49:49 | 000,000,831 | ---- | M] () -- C:\Users\Sydney\Desktop\Xbox 360 - Snelkoppeling.lnk
[2012-03-14 15:46:29 | 000,000,347 | ---- | M] () -- C:\Users\Sydney\Desktop\Netwerk.lnk
[2012-03-13 22:46:49 | 000,002,513 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-03-13 17:38:40 | 000,001,234 | ---- | M] () -- C:\Users\Sydney\Desktop\DriverMax.lnk
[2012-03-13 16:17:11 | 000,005,568 | ---- | M] () -- C:\Users\Sydney\AppData\Local\Temp5.html
[2012-03-13 16:17:08 | 000,001,858 | ---- | M] () -- C:\Users\Sydney\AppData\Local\Temp1.html
[2012-03-13 15:26:59 | 000,013,360 | ---- | M] () -- C:\Users\Sydney\AppData\Local\Temp11.html
[2012-03-11 15:37:52 | 000,001,660 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2012-03-11 14:31:23 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-03-11 14:30:20 | 000,001,842 | ---- | M] () -- C:\Users\Sydney\Desktop\ICQ7.7.lnk
[2012-03-11 14:23:42 | 000,000,991 | ---- | M] () -- C:\Users\Sydney\Desktop\SopCast.lnk
[2012-03-10 09:35:10 | 000,001,181 | ---- | M] () -- C:\Users\Sydney\Desktop\TeamSpeak 3 Client.lnk
[2012-03-05 18:09:15 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-142432774-2739527009-1848016797-1000UA.job
[2012-03-05 18:09:15 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-142432774-2739527009-1848016797-1000Core.job
[2012-03-05 14:24:07 | 001,575,212 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-03-03 11:46:11 | 000,001,848 | ---- | M] () -- C:\Users\Sydney\Application Data\Microsoft\Internet Explorer\Quick Launch\ICQ7.7.lnk
[2012-02-27 21:18:50 | 000,001,296 | ---- | M] () -- C:\Users\Sydney\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
[2012-02-27 18:23:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012-02-27 13:38:16 | 002,782,848 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\kinonivd.sys
[2012-02-23 20:10:29 | 000,001,131 | ---- | M] () -- C:\Users\Sydney\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012-02-23 19:37:34 | 000,002,364 | ---- | M] () -- C:\Users\Sydney\Desktop\Google Chrome.lnk
[2012-02-23 19:04:11 | 000,177,286 | ---- | M] () -- C:\Windows\hpoins14.dat
[2012-02-22 12:56:13 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\srvany.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012-03-16 11:29:03 | 002,044,822 | ---- | C] () -- C:\Users\Sydney\Desktop\tdsskiller.zip
[2012-03-16 11:19:57 | 000,416,664 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-03-16 11:07:55 | 000,002,089 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012-03-15 08:38:32 | 000,001,101 | ---- | C] () -- C:\Users\Sydney\Documents\s_besselink-agenda.ics
[2012-03-14 15:49:49 | 000,000,831 | ---- | C] () -- C:\Users\Sydney\Desktop\Xbox 360 - Snelkoppeling.lnk
[2012-03-14 15:46:29 | 000,000,347 | ---- | C] () -- C:\Users\Sydney\Desktop\Netwerk.lnk
[2012-03-14 08:37:40 | 000,001,296 | ---- | C] () -- C:\Users\Sydney\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
[2012-03-13 17:38:40 | 000,001,234 | ---- | C] () -- C:\Users\Sydney\Desktop\DriverMax.lnk
[2012-03-13 16:17:11 | 000,005,568 | ---- | C] () -- C:\Users\Sydney\AppData\Local\Temp5.html
[2012-03-13 15:26:59 | 000,013,360 | ---- | C] () -- C:\Users\Sydney\AppData\Local\Temp11.html
[2012-03-13 15:26:15 | 000,001,858 | ---- | C] () -- C:\Users\Sydney\AppData\Local\Temp1.html
[2012-03-11 14:30:20 | 000,001,842 | ---- | C] () -- C:\Users\Sydney\Desktop\ICQ7.7.lnk
[2012-03-11 14:28:03 | 000,001,660 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2012-03-11 14:23:42 | 000,000,991 | ---- | C] () -- C:\Users\Sydney\Desktop\SopCast.lnk
[2012-03-10 09:35:10 | 000,001,181 | ---- | C] () -- C:\Users\Sydney\Desktop\TeamSpeak 3 Client.lnk
[2012-03-05 14:24:07 | 001,575,212 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-03-03 11:46:11 | 000,001,848 | ---- | C] () -- C:\Users\Sydney\Application Data\Microsoft\Internet Explorer\Quick Launch\ICQ7.7.lnk
[2012-02-27 18:23:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012-02-23 20:10:29 | 000,001,131 | ---- | C] () -- C:\Users\Sydney\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012-02-23 18:45:26 | 000,177,286 | ---- | C] () -- C:\Windows\hpoins14.dat
[2012-02-23 18:45:26 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2012-02-22 12:56:38 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2012-02-21 17:40:12 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-02-14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012-01-31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-12-21 12:00:56 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2011-12-21 12:00:56 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2011-12-21 12:00:53 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2011-12-21 12:00:53 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2011-12-21 12:00:53 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2011-12-20 17:56:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ==========
[2012-03-02 20:17:22 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\Audacity
[2011-12-21 08:41:01 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\DriverCure
[2011-12-21 04:02:36 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\GFI Software
[2012-03-14 09:14:31 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\ICQ
[2012-03-03 11:46:11 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\ICQ Search
[2012-02-12 21:38:46 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\Montpellier-Informatique
[2012-03-16 11:29:05 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\Nokia
[2012-03-16 11:29:05 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\Nokia Suite
[2012-01-07 21:11:19 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\Paltalk
[2011-12-30 21:30:34 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\PC Suite
[2011-12-21 12:36:54 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\QFX Software
[2012-03-11 14:28:18 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\Systweak
[2012-02-21 20:10:20 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\TeamViewer
[2012-01-02 19:48:10 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\TightVNC
[2012-03-03 11:34:42 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\TS3Client
[2011-12-21 03:55:40 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\TuneUp Software
[2012-03-16 11:38:06 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\uTorrent
[2012-02-23 19:48:44 | 000,000,000 | ---D | M] -- C:\Users\Sydney\AppData\Roaming\Windows Live Writer
[2012-03-09 09:55:50 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
16 maart 2012, 12:15 #8
Abraham54
Moderator
Toffee
Inloggen
Registreren
Help
.jpg)
.jpg)
