BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Trojan affection steam
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Trojan affection steam  
Forum Quick Jump
 
New Topic Post reply to : Trojan affection steam Printable version of : Trojan affection steam
[ << Previous Thread | Next Thread >> ]

ronnydepp
New Member


Date Joined Nov 2012
Total Posts : 6
 
   Posted 11/21/2012 10:57 AM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Hello,
 
Since recently the program stream doesnt work anymore. It started updating and stopped at 99%. My antivirus programs found this: Trojan horse PSW.Generic.10.AIXT" filename "C:\Program Files\Steam\bin\FileSystem_Steam.dll". My system's also slower than usual.
 
I already found another post on this forum wich seemed to be the same problem. So i downloaded OTL and did the same that the moderator touch told in the post.
 
Here are the OTL reports: (If you need someting else.. please let me know)
 
OTL logfile created on: 20-11-2012 16:31:59 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ron\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
 
3,25 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 49,36% Memory free
6,69 Gb Paging File | 4,78 Gb Available in Paging File | 71,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,50 Gb Total Space | 284,26 Gb Free Space | 31,19% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 8,76 Gb Free Space | 43,80% Space Free | Partition Type: FAT32
Drive E: | 1,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PC_VAN_RON | User Name: Ron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-11-20 16:25:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ron\Desktop\OTL.exe
PRC - [2012-11-15 09:44:21 | 000,321,376 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
PRC - [2012-11-15 09:44:16 | 000,178,528 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
PRC - [2012-11-15 09:43:14 | 001,756,512 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
PRC - [2012-11-15 09:39:33 | 000,304,480 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
PRC - [2012-10-17 00:46:34 | 001,573,576 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011-07-29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011-04-19 07:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011-04-19 07:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011-04-05 12:22:04 | 000,024,904 | ---- | M] () -- c:\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe
PRC - [2009-08-18 08:24:49 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009-08-18 08:24:48 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009-08-18 08:24:45 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009-08-18 08:24:42 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009-08-18 08:24:36 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-10-14 02:52:50 | 000,376,937 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
PRC - [2008-10-14 02:52:50 | 000,184,423 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
PRC - [2008-10-14 02:52:38 | 000,180,224 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
PRC - [2008-09-09 17:32:00 | 006,281,760 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-10-09 00:19:22 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007-10-09 00:19:20 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007-06-05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
PRC - [2001-11-12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-11-15 09:43:19 | 000,450,400 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\LibXml2.dll
MOD - [2012-11-15 09:43:02 | 000,482,656 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\SQLite.dll
MOD - [2012-06-20 09:51:08 | 000,073,568 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll
MOD - [2012-02-28 10:32:02 | 000,014,464 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\res\nl\BpInspectorRes.dll
MOD - [2012-02-28 10:32:01 | 000,069,760 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\res\nl\BpBackupRes.dll
MOD - [2012-02-28 10:32:01 | 000,030,848 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\res\nl\BpMainRes.dll
MOD - [2011-07-29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011-07-29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011-06-24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011-06-24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008-10-14 02:52:52 | 000,299,118 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
MOD - [2008-10-14 02:52:52 | 000,127,080 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
MOD - [2008-10-14 02:52:52 | 000,032,768 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
MOD - [2008-10-14 02:52:50 | 000,339,968 | ---- | M] () -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012-11-15 09:44:22 | 000,227,168 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV - [2012-11-15 09:44:21 | 000,457,056 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV - [2012-11-15 09:44:21 | 000,321,376 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe -- (BsBhvScan)
SRV - [2012-11-15 09:44:16 | 000,178,528 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV - [2012-11-15 09:44:12 | 000,398,688 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV - [2012-11-15 09:43:46 | 000,218,464 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV - [2012-11-15 09:39:33 | 000,304,480 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV - [2012-06-14 13:57:44 | 000,060,256 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll -- (BsBackup)
SRV - [2011-07-27 13:54:00 | 000,316,888 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\System32\appdrvrem01.exe -- (appdrvrem01)
SRV - [2011-04-19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011-04-19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-08-18 08:24:42 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009-08-18 08:24:36 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008-10-14 02:52:50 | 000,376,937 | ---- | M] () [Auto | Running] -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc)
SRV - [2008-10-14 02:52:50 | 000,184,423 | ---- | M] () [Auto | Running] -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched)
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-10-09 00:19:22 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007-06-05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2001-11-12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Ron\AppData\Local\Temp\jnv4_mib.sys -- (jnv4_mib)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (atyag3zd)
DRV - [2012-06-20 09:51:10 | 000,033,920 | R--- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Afw.sys -- (AFW)
DRV - [2012-06-20 09:51:08 | 000,339,584 | R--- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AfwCore.sys -- (afwcore)
DRV - [2012-02-28 10:32:01 | 000,020,040 | ---- | M] (NovaShield, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NSNetmon.sys -- (NovaShieldTDIDriver)
DRV - [2012-02-28 10:32:00 | 000,216,136 | ---- | M] (NovaShield, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\NSKernel.sys -- (NovaShieldFilterDriver)
DRV - [2012-02-28 10:31:59 | 000,308,296 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Trufos.sys -- (Trufos)
DRV - [2011-12-02 09:28:07 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011-08-02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011-07-27 13:54:00 | 003,332,784 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\appdrv01.sys -- (appdrv01)
DRV - [2011-04-06 14:40:52 | 000,061,152 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\System32\drivers\BdSpy.sys -- (BdSpy)
DRV - [2010-09-01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2009-08-18 08:24:48 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-18 08:24:48 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-05-12 07:31:09 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008-09-25 15:28:06 | 001,332,576 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2008-09-22 19:10:00 | 007,400,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-08-21 10:57:22 | 000,645,120 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2008-01-21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006-12-05 11:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2006-11-30 15:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006-11-17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{422AB165-0B21-4D87-8502-9BAC1D839A5D}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDB
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\.DEFAULT\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDB
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-18\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDB
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.vi.nl/ [binary data]
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 53 4A 9D CE 10 C3 CD 01  [binary data]
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111373&babsrc=SP_ss&mntrId=aa44f455000000000000002185c6467c
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\SearchScopes\{422AB165-0B21-4D87-8502-9BAC1D839A5D}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\SearchScopes\{5B291E6C-9A74-4034-971B-A4B007A0B315}: "URL" = http://radiobar.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www14.yoog.com/search.php?q={searchTerms}
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\SearchScopes\{6E35C641-9352-430D-BD7F-C72C1755EF68}: "URL" = http://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=nl&nt=1
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\SearchScopes\{88AC03C2-7A72-4526-83AF-D75674B125F5}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYNL&apn_uid=C6D876E6-4F2B-457D-A56C-0E14979E1237&apn_sauid=4945117D-A997-490A-BC45-05A8A6CFBE45
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\SearchScopes\{F2FB23FD-9B18-4CF6-8299-68B1F263B622}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDB_nl
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF [2009-07-21 10:25:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.0.850\FF [2009-07-21 10:25:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-20 16:55:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin [2012-02-29 09:11:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter [2012-06-01 08:13:57 | 000,000,000 | ---D | M]
 
[2012-06-27 18:11:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ron\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012-06-27 18:11:27 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Ron\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
 
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Premiumplay Codec-C) - {11111111-1111-1111-1111-110011041135} - C:\Program Files\Premiumplay Codec-C\Premiumplay Codec-C.dll (WebPicks)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\Toolbar\WebBrowser: (no name) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - No CLSID value found.
O3 - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TVEService] C:\Program Files\HomeCinema\TV Enhance\TVEService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000..\Run: [Meelodl] C:\Users\Ron\AppData\Roaming\U!!!bo\agoxa.exe File not found
O4 - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-2903851507-1979561720-2490043369-1000..\Run: [Steam] C:\Program Files\steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p2pmax.lnk =  File not found
O4 - Startup: C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppcb_32.lnk =  File not found
O4 - Startup: C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runit_32.lnk =  File not found
O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Spellen\Partypoker\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Spellen\Partypoker\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B30FB82-138D-4449-AFE4-8AB8C27C18F1}: DhcpNameServer = 84.241.226.9 84.241.226.140
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9DF790B-D47C-48BC-A928-FA3ACCEA4442}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4909FBC-6F2F-410D-BBEE-41E9A1ECACDF}: DhcpNameServer = 192.168.0.1
O20 - AppInit_DLLs: (BgGamingMonitor.dll) - C:\Windows\System32\BgGamingMonitor.dll (BullGuard Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-06-21 14:45:00 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{188ede40-5f89-11e1-a7b2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{188ede40-5f89-11e1-a7b2-806e6f6e6963}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{48a1c80e-f907-11dd-a4ba-002185c6467c}\Shell - "" = AutoRun
O33 - MountPoints2\{48a1c80e-f907-11dd-a4ba-002185c6467c}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{88a32b32-f269-11de-add1-002185c6467c}\Shell - "" = AutoRun
O33 - MountPoints2\{88a32b32-f269-11de-add1-002185c6467c}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{cce2a70e-b838-11e0-928f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cce2a70e-b838-11e0-928f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011-06-21 14:45:00 | 000,355,920 | R--- | M] (Valve Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webmappen
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {78310121-036D-427A-9FAA-A9D8135E5F8F} - .NET Framework
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
MsConfig - State: "startup" - 0
MsConfig - State: "bootini" - 0
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-11-20 16:25:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ron\Desktop\OTL.exe
[2012-11-20 16:23:49 | 000,000,000 | ---D | C] -- C:\Users\Ron\AppData\Roaming\Uniblue
[2012-11-20 16:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012-11-20 16:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2012-11-20 16:08:46 | 000,000,000 | ---D | C] -- C:\Users\Ron\AppData\Roaming\dll-files.com
[2012-11-20 16:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Dll-Files.com Fixer
[2012-11-20 16:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012-11-20 16:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\steam
[2012-11-19 18:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2012-11-18 18:55:53 | 000,000,000 | ---D | C] -- C:\Users\Ron\AppData\Local\{57FE84A7-04FF-4762-A3A2-2361C05EB1C3}
[2012-11-16 18:26:29 | 000,000,000 | ---D | C] -- C:\Users\Ron\Desktop\Amerika
[2012-11-16 12:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\Applian Technologies
[2012-11-16 10:39:55 | 000,000,000 | ---D | C] -- C:\Users\Ron\AppData\Local\{3449A8D4-E64F-44DA-A4D0-75873DD21B58}
[2012-11-15 11:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012-11-15 10:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012-11-15 10:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-11-15 10:35:58 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012-11-15 09:40:16 | 000,000,000 | ---D | C] -- C:\Users\Ron\AppData\Local\{F09CEF0D-5D37-43E2-A1D5-039926BCF785}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-11-20 16:25:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ron\Desktop\OTL.exe
[2012-11-20 16:23:43 | 000,000,986 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012-11-20 16:08:51 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2012-11-20 16:08:51 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
[2012-11-20 16:04:57 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-11-20 15:01:48 | 000,639,328 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2012-11-20 15:01:48 | 000,560,324 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-11-20 15:01:48 | 000,122,200 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2012-11-20 15:01:48 | 000,095,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-11-20 14:58:01 | 000,000,512 | ---- | M] () -- C:\Windows\System32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2012-11-20 14:57:48 | 060,773,997 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2012-11-20 14:55:03 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-20 14:55:03 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-20 14:54:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-19 19:10:51 | 000,007,592 | ---- | M] () -- C:\Users\Ron\AppData\Local\d3d9caps.dat
[2012-11-19 13:59:28 | 000,008,400 | ---- | M] () -- C:\Users\Ron\Documents\Amerika.m3u
[2012-11-17 13:07:25 | 000,008,400 | ---- | M] () -- C:\Users\Ron\Documents\Ron.m3u
[2012-11-16 19:21:17 | 000,026,624 | ---- | M] () -- C:\Users\Ron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-11-16 18:25:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2012-11-16 18:25:21 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012-11-15 17:32:24 | 000,368,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-11-15 09:44:19 | 000,100,216 | ---- | M] (BullGuard Ltd.) -- C:\Windows\System32\BgGamingMonitor.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-11-20 16:23:43 | 000,000,986 | ---- | C] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012-11-20 16:08:51 | 000,000,276 | ---- | C] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2012-11-20 16:08:51 | 000,000,260 | ---- | C] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
[2012-11-20 16:04:57 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-11-20 14:58:01 | 000,000,512 | ---- | C] () -- C:\Windows\System32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2012-11-19 19:09:41 | 000,001,119 | ---- | C] () -- C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
[2012-11-19 13:59:28 | 000,008,400 | ---- | C] () -- C:\Users\Ron\Documents\Amerika.m3u
[2012-11-16 18:25:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2012-11-16 18:25:21 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012-11-16 18:24:55 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012-02-25 17:58:07 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010-02-05 17:11:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-12-08 13:20:38 | 000,004,096 | -H-- | C] () -- C:\Users\Ron\AppData\Local\keyfile3.drm
[2008-12-05 15:07:08 | 000,007,592 | ---- | C] () -- C:\Users\Ron\AppData\Local\d3d9caps.dat
[2008-12-04 21:53:36 | 000,026,624 | ---- | C] () -- C:\Users\Ron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009-01-11 16:42:07 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Ascaron Entertainment
[2012-03-12 13:38:00 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Babylon
[2012-04-02 17:29:49 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Belastingdienst
[2012-11-17 00:20:42 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\BitTorrent
[2012-02-25 18:04:05 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Black Sea Studios
[2012-02-29 09:15:01 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\BullGuard
[2009-02-12 14:18:38 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\DAEMON Tools
[2012-02-25 17:49:11 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\DAEMON Tools Lite
[2009-02-12 14:20:12 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\DAEMON Tools Pro
[2012-11-20 16:08:46 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\dll-files.com
[2012-05-07 16:11:33 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\DVDVideoSoft
[2012-05-07 16:12:24 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\DVDVideoSoftIEHelpers
[2011-07-17 15:45:24 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\FrostWire
[2012-08-10 12:32:48 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Lomiry
[2012-11-19 14:06:30 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\My Games
[2012-08-10 12:04:49 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Ovbo
[2010-06-17 18:24:38 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Pro Cycling Manager 2009
[2012-03-17 17:33:27 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Pro Cycling Manager 2011
[2011-04-21 16:30:45 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Software Inspection Library
[2011-10-21 12:29:19 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\Sports Interactive
[2012-03-06 20:34:28 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\thriXXX
[2012-08-12 07:15:23 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\U!!!bo
[2011-08-13 14:39:03 | 000,000,000 | ---D | M] -- C:\Users\Ron\AppData\Roaming\vghd
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2011-02-10 09:28:33 | 000,000,000 | -H-D | M] -- C:\$AVG
[2012-11-19 14:20:42 | 000,000,000 | -H-D | M] -- C:\$AVG8.VAULT$
[2012-11-16 18:54:58 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009-11-17 09:48:37 | 000,000,000 | -HSD | M] -- C:\Boot
[2012-04-03 17:19:21 | 000,000,000 | ---D | M] -- C:\codec-info
[2006-11-02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009-06-30 13:44:56 | 000,000,000 | -HSD | M] -- C:\found.000
[2008-12-03 20:22:28 | 000,000,000 | ---D | M] -- C:\Incomplete
[2008-10-13 16:19:21 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009-02-07 13:27:57 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2012-11-20 16:43:54 | 000,000,000 | R--D | M] -- C:\Program Files
[2012-11-19 18:46:46 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012-08-17 21:41:23 | 000,000,000 | ---D | M] -- C:\Spellen
[2012-11-20 16:46:26 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009-07-03 17:39:06 | 000,000,000 | R--D | M] -- C:\Users
[2012-11-19 18:44:06 | 000,000,000 | ---D | M] -- C:\Windows
 
[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]
 
[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]
 
[color=#A23BEC]< %windir%\Installer\*.* >[/color]
[2011-12-06 15:22:40 | 005,519,360 | R--- | M] () -- C:\Windows\Installer\10a70c.msp
[2010-02-01 01:11:25 | 000,119,296 | ---- | M] () -- C:\Windows\Installer\117182c.msi
[2009-04-09 13:50:38 | 005,800,960 | ---- | M] () -- C:\Windows\Installer\12498b5.msi
[2009-04-09 13:55:09 | 002,919,936 | ---- | M] () -- C:\Windows\Installer\12498c2.msi
[2011-07-24 20:11:14 | 000,459,264 | ---- | M] () -- C:\Windows\Installer\1336fae.msi
[2011-02-10 09:25:15 | 000,219,648 | ---- | M] () -- C:\Windows\Installer\133fa2.msi
[2011-08-21 14:36:56 | 001,769,984 | ---- | M] () -- C:\Windows\Installer\17cdca0.msi
[2009-02-08 16:58:52 | 000,648,192 | ---- | M] () -- C:\Windows\Installer\1e09d5.msi
[2008-12-13 09:58:22 | 000,754,688 | R--- | M] () -- C:\Windows\Installer\1e09e0.msp
[2008-07-15 22:12:14 | 001,298,432 | R--- | M] () -- C:\Windows\Installer\1f9c33.msp
[2012-04-12 17:46:25 | 000,023,040 | ---- | M] () -- C:\Windows\Installer\1fd7fb.msi
[2012-04-12 17:28:12 | 004,426,240 | R--- | M] () -- C:\Windows\Installer\1fd80a.msp
[2012-04-12 17:46:37 | 000,030,720 | ---- | M] () -- C:\Windows\Installer\1fd810.msi
[2012-04-12 17:28:13 | 002,932,224 | R--- | M] () -- C:\Windows\Installer\1fd824.msp
[2012-04-12 17:46:51 | 000,238,080 | ---- | M] () -- C:\Windows\Installer\1fd829.msi
[2012-04-12 17:28:14 | 000,136,704 | R--- | M] () -- C:\Windows\Installer\1fd82e.msp
[2012-04-12 17:46:59 | 000,212,992 | ---- | M] () -- C:\Windows\Installer\1fd833.msi
[2012-04-12 17:28:16 | 001,139,712 | R--- | M] () -- C:\Windows\Installer\1fd83f.msp
[2012-04-12 17:47:06 | 000,058,880 | ---- | M] () -- C:\Windows\Installer\1fd844.msi
[2012-04-12 17:28:18 | 000,715,264 | R--- | M] () -- C:\Windows\Installer\1fd84c.msp
[2012-04-12 17:47:13 | 000,200,192 | ---- | M] () -- C:\Windows\Installer\1fd854.msi
[2012-04-12 17:28:28 | 003,312,128 | R--- | M] () -- C:\Windows\Installer\1fd870.msp
[2012-04-12 17:47:21 | 000,417,792 | ---- | M] () -- C:\Windows\Installer\1fd878.msi
[2012-04-12 17:28:30 | 005,535,744 | R--- | M] () -- C:\Windows\Installer\1fd88c.msp
[2012-04-12 17:47:30 | 000,025,600 | ---- | M] () -- C:\Windows\Installer\1fd892.msi
[2012-04-12 17:28:31 | 000,038,912 | R--- | M] () -- C:\Windows\Installer\1fd897.msp
[2012-04-12 17:47:39 | 000,714,240 | ---- | M] () -- C:\Windows\Installer\1fd89e.msi
[2012-04-12 17:28:35 | 005,868,544 | R--- | M] () -- C:\Windows\Installer\1fd8b5.msp
[2012-04-12 17:47:48 | 000,205,312 | ---- | M] () -- C:\Windows\Installer\1fd8ba.msi
[2012-04-12 17:28:35 | 002,957,312 | R--- | M] () -- C:\Windows\Installer\1fd8d4.msp
[2012-04-12 17:48:03 | 000,216,064 | ---- | M] () -- C:\Windows\Installer\1fd8df.msi
[2012-04-12 17:28:46 | 014,624,256 | R--- | M] () -- C:\Windows\Installer\1fd90a.msp
[2012-04-12 17:48:22 | 000,074,752 | ---- | M] () -- C:\Windows\Installer\1fd912.msi
[2012-04-12 17:28:47 | 003,734,016 | R--- | M] () -- C:\Windows\Installer\1fd91b.msp
[2012-04-12 17:48:29 | 000,187,904 | ---- | M] () -- C:\Windows\Installer\1fd923.msi
[2012-04-12 17:28:51 | 000,205,824 | R--- | M] () -- C:\Windows\Installer\1fd92e.msp
[2012-04-12 17:48:46 | 000,139,264 | ---- | M] () -- C:\Windows\Installer\1fd946.msi
[2012-04-12 17:28:53 | 000,276,480 | R--- | M] () -- C:\Windows\Installer\1fd983.msp
[2012-04-12 17:48:58 | 000,277,504 | ---- | M] () -- C:\Windows\Installer\1fd98a.msi
[2012-04-12 17:28:57 | 003,105,792 | R--- | M] () -- C:\Windows\Installer\1fd996.msp
[2012-04-12 17:49:13 | 000,973,824 | ---- | M] () -- C:\Windows\Installer\1fd9a4.msi
[2012-04-12 17:49:22 | 000,099,840 | ---- | M] () -- C:\Windows\Installer\1fd9ba.msi
[2012-04-12 17:29:03 | 001,829,376 | R--- | M] () -- C:\Windows\Installer\1fd9c3.msp
[2012-04-12 17:49:25 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\1fd9c8.msi
[2012-04-12 17:29:03 | 000,029,696 | R--- | M] () -- C:\Windows\Installer\1fd9ce.msp
[2012-04-12 17:49:27 | 000,029,184 | ---- | M] () -- C:\Windows\Installer\1fd9d3.msi
[2012-04-12 17:29:05 | 000,630,272 | R--- | M] () -- C:\Windows\Installer\1fd9dc.msp
[2012-04-12 17:49:30 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\1fd9e1.msi
[2012-04-12 17:29:05 | 000,468,992 | R--- | M] () -- C:\Windows\Installer\1fd9eb.msp
[2012-04-12 17:49:33 | 000,023,552 | ---- | M] () -- C:\Windows\Installer\1fd9f1.msi
[2012-04-12 17:29:08 | 004,302,336 | R--- | M] () -- C:\Windows\Installer\1fd9fb.msp
[2012-04-12 17:49:37 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\1fda01.msi
[2012-04-12 17:29:09 | 000,665,088 | R--- | M] () -- C:\Windows\Installer\1fda07.msp
[2012-04-12 17:49:40 | 000,201,216 | ---- | M] () -- C:\Windows\Installer\1fda0c.msi
[2012-04-12 17:29:11 | 000,513,024 | R--- | M] () -- C:\Windows\Installer\1fda11.msp
[2012-04-12 17:49:43 | 000,023,552 | ---- | M] () -- C:\Windows\Installer\1fda17.msi
[2012-04-12 17:29:13 | 002,146,816 | R--- | M] () -- C:\Windows\Installer\1fda22.msp
[2012-04-12 17:49:45 | 000,021,504 | ---- | M] () -- C:\Windows\Installer\1fda28.msi
[2012-04-12 17:29:14 | 000,064,512 | R--- | M] () -- C:\Windows\Installer\1fda2d.msp
[2012-04-12 17:49:47 | 000,021,504 | ---- | M] () -- C:\Windows\Installer\1fda33.msi
[2012-04-12 17:29:15 | 000,023,552 | R--- | M] () -- C:\Windows\Installer\1fda38.msp
[2012-04-12 17:49:49 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\1fda3d.msi
[2012-04-12 17:29:17 | 000,031,232 | R--- | M] () -- C:\Windows\Installer\1fda42.msp
[2012-04-12 17:49:52 | 000,021,504 | ---- | M] () -- C:\Windows\Installer\1fda47.msi
[2012-04-12 17:49:54 | 000,038,912 | ---- | M] () -- C:\Windows\Installer\1fda52.msi
[2012-04-12 17:29:19 | 000,024,576 | R--- | M] () -- C:\Windows\Installer\1fda59.msp
[2010-03-14 12:18:14 | 000,228,352 | ---- | M] () -- C:\Windows\Installer\2175e0.msi
[2010-03-22 11:38:17 | 003,477,504 | ---- | M] () -- C:\Windows\Installer\2453a2.msi
[2009-04-10 14:52:56 | 011,368,448 | ---- | M] () -- C:\Windows\Installer\249ff9.msi
[2009-04-10 14:53:51 | 010,764,800 | ---- | M] () -- C:\Windows\Installer\24a005.msi
[2009-12-26 20:43:30 | 000,039,424 | ---- | M] () -- C:\Windows\Installer\25802ee.msi
[2009-12-26 20:43:30 | 000,027,136 | R--- | M] () -- C:\Windows\Installer\25802f4.msp
[2009-12-26 20:43:31 | 000,021,504 | R--- | M] () -- C:\Windows\Installer\25802fa.msp
[2009-12-26 20:43:33 | 000,375,296 | R--- | M] () -- C:\Windows\Installer\2580300.msp
[2009-12-26 20:43:35 | 001,927,680 | R--- | M] () -- C:\Windows\Installer\2580306.msp
[2009-12-26 20:44:13 | 032,395,264 | R--- | M] () -- C:\Windows\Installer\258030c.msp
[2009-12-26 20:44:18 | 002,018,304 | R--- | M] () -- C:\Windows\Installer\2580312.msp
[2008-10-13 15:05:17 | 005,099,520 | ---- | M] () -- C:\Windows\Installer\296e8.msi
[2008-10-13 14:10:33 | 000,055,296 | ---- | M] () -- C:\Windows\Installer\2b8eed.msi
[2008-01-08 20:53:44 | 001,298,944 | R--- | M] () -- C:\Windows\Installer\2b8ef5.msp
[2008-10-13 16:03:17 | 000,802,304 | ---- | M] () -- C:\Windows\Installer\2bcdf.msi
[2008-10-13 16:04:41 | 000,269,312 | ---- | M] () -- C:\Windows\Installer\2bce5.msi
[2008-10-13 16:06:50 | 007,726,592 | ---- | M] () -- C:\Windows\Installer\2bcea.msi
[2008-10-13 16:08:07 | 000,100,352 | ---- | M] () -- C:\Windows\Installer\2bcf0.msi
[2009-07-21 10:25:31 | 000,276,480 | ---- | M] () -- C:\Windows\Installer\2c9dda.msi
[2012-03-27 16:47:55 | 004,959,232 | R--- | M] () -- C:\Windows\Installer\2d01d.msp
[2012-08-15 12:35:37 | 000,900,608 | ---- | M] () -- C:\Windows\Installer\2d8698.msi
[2011-07-14 09:45:28 | 000,430,592 | ---- | M] () -- C:\Windows\Installer\2df8b5.msi
[2012-11-15 10:36:10 | 009,473,536 | ---- | M] () -- C:\Windows\Installer\348b8b.msi
[2012-11-15 10:42:55 | 001,547,776 | ---- | M] () -- C:\Windows\Installer\348c3b.msi
[2012-11-15 10:46:07 | 001,716,736 | ---- | M] () -- C:\Windows\Installer\348cb1.msi
[2012-07-18 15:54:24 | 002,831,360 | R--- | M] () -- C:\Windows\Installer\348d15.msp
[2012-07-25 16:57:08 | 002,532,864 | R--- | M] () -- C:\Windows\Installer\348d37.msp
[2012-07-18 15:55:46 | 009,585,664 | R--- | M] () -- C:\Windows\Installer\348d4a.msp
[2012-11-15 11:06:33 | 002,291,712 | ---- | M] () -- C:\Windows\Installer\348d52.msi
[2012-09-25 12:35:18 | 009,101,824 | R--- | M] () -- C:\Windows\Installer\348d63.msp
[2012-09-25 12:35:46 | 004,285,952 | R--- | M] () -- C:\Windows\Installer\348d6c.msp
[2012-11-04 19:47:18 | 005,520,896 | R--- | M] () -- C:\Windows\Installer\348d99.msp
[2012-09-25 12:35:30 | 007,695,360 | R--- | M] () -- C:\Windows\Installer\348dab.msp
[2012-09-27 16:53:12 | 006,825,472 | R--- | M] () -- C:\Windows\Installer\348dc8.msp
[2012-09-25 12:36:20 | 008,465,408 | R--- | M] () -- C:\Windows\Installer\348dd1.msp
[2012-08-06 13:24:02 | 007,682,560 | R--- | M] () -- C:\Windows\Installer\348df7.msp
[2012-09-06 09:22:10 | 013,475,840 | R--- | M] () -- C:\Windows\Installer\348e06.msp
[2012-09-10 08:59:10 | 010,739,712 | R--- | M] () -- C:\Windows\Installer\348e14.msp
[2007-10-12 20:43:52 | 026,643,456 | R--- | M] () -- C:\Windows\Installer\35ca96.msp
[2008-01-28 19:09:56 | 011,896,320 | R--- | M] () -- C:\Windows\Installer\35caaa.msp
[2008-07-03 12:36:32 | 011,937,792 | R--- | M] () -- C:\Windows\Installer\35cabd.msp
[2008-10-14 09:24:54 | 000,431,104 | ---- | M] () -- C:\Windows\Installer\35cacb.msi
[2008-02-15 09:54:20 | 009,736,192 | R--- | M] () -- C:\Windows\Installer\35cadc.msp
[2008-02-25 16:07:18 | 011,772,416 | R--- | M] () -- C:\Windows\Installer\35cae6.msp
[2008-05-21 01:45:28 | 005,246,976 | R--- | M] () -- C:\Windows\Installer\35cb0f.msp
[2008-07-03 12:37:46 | 011,759,104 | R--- | M] () -- C:\Windows\Installer\35cb19.msp
[2008-04-18 15:56:18 | 006,215,680 | R--- | M] () -- C:\Windows\Installer\35cb35.msp
[2008-08-11 12:49:32 | 022,457,344 | R--- | M] () -- C:\Windows\Installer\35cb50.msp
[2008-06-19 19:28:04 | 001,573,376 | R--- | M] () -- C:\Windows\Installer\35cb74.msp
[2008-08-11 12:51:14 | 015,916,544 | R--- | M] () -- C:\Windows\Installer\35cb86.msp
[2007-10-12 20:48:52 | 028,063,232 | R--- | M] () -- C:\Windows\Installer\35cba9.msp
[2007-10-12 20:49:12 | 006,205,440 | R--- | M] () -- C:\Windows\Installer\35cbc1.msp
[2007-10-12 20:49:20 | 005,749,760 | R--- | M] () -- C:\Windows\Installer\35cbcb.msp
[2007-10-12 20:49:24 | 000,324,608 | R--- | M] () -- C:\Windows\Installer\35cbd3.msp
[2007-10-12 20:49:04 | 004,116,480 | R--- | M] () -- C:\Windows\Installer\35cbde.msp
[2007-10-12 20:48:58 | 012,161,024 | R--- | M] () -- C:\Windows\Installer\35cbf1.msp
[2007-10-12 20:48:34 | 229,852,160 | R--- | M] () -- C:\Windows\Installer\35cc7e.msp
[2008-04-11 19:48:24 | 006,774,272 | R--- | M] () -- C:\Windows\Installer\35cc93.msp
[2007-10-12 21:02:48 | 026,613,760 | R--- | M] () -- C:\Windows\Installer\35cc9c.msp
[2008-04-11 19:07:02 | 013,257,728 | R--- | M] () -- C:\Windows\Installer\35ccb1.msp
[2011-08-03 11:53:51 | 000,019,968 | ---- | M] () -- C:\Windows\Installer\39b669.msi
[2009-04-04 08:04:34 | 013,961,728 | R--- | M] () -- C:\Windows\Installer\3c7afc.msp
[2009-04-04 08:05:36 | 019,899,904 | R--- | M] () -- C:\Windows\Installer\3c7b09.msp
[2009-04-04 16:08:40 | 343,058,432 | R--- | M] () -- C:\Windows\Installer\3c7c29.msp
[2009-04-04 16:09:26 | 010,874,880 | R--- | M] () -- C:\Windows\Installer\3c7c34.msp
[2009-04-04 16:10:08 | 009,926,144 | R--- | M] () -- C:\Windows\Installer\3c7c3f.msp
[2009-04-04 16:10:24 | 001,282,560 | R--- | M] () -- C:\Windows\Installer\3c7c47.msp
[2009-04-04 08:06:02 | 004,443,136 | R--- | M] () -- C:\Windows\Installer\3c7c4f.msp
[2009-04-04 08:04:52 | 038,101,504 | R--- | M] () -- C:\Windows\Installer\3c7c5e.msp
[2009-03-20 10:48:56 | 000,183,808 | R--- | M] () -- C:\Windows\Installer\3c7c69.msp
[2009-04-04 08:05:08 | 036,948,992 | R--- | M] () -- C:\Windows\Installer\3c7c79.msp
[2008-10-20 10:18:14 | 006,474,240 | R--- | M] () -- C:\Windows\Installer\3dff2.msp
[2008-09-24 12:05:44 | 016,381,440 | R--- | M] () -- C:\Windows\Installer\3e00b.msp
[2008-10-20 10:16:58 | 013,211,648 | R--- | M] () -- C:\Windows\Installer\3e02c.msp
[2008-10-20 10:21:40 | 011,937,280 | R--- | M] () -- C:\Windows\Installer\3e03e.msp
[2008-10-20 10:22:54 | 011,758,592 | R--- | M] () -- C:\Windows\Installer\3e050.msp
[2012-11-20 16:04:53 | 001,065,984 | ---- | M] () -- C:\Windows\Installer\3e343b.msi
[2008-12-03 18:04:49 | 001,383,424 | ---- | M] () -- C:\Windows\Installer\3ec2e7.msi
[2010-06-30 21:52:28 | 005,522,944 | R--- | M] () -- C:\Windows\Installer\42f00.msp
[2010-06-11 16:55:00 | 001,827,328 | R--- | M] () -- C:\Windows\Installer\42f1a.msp
[2010-06-11 16:52:10 | 045,542,912 | R--- | M] () -- C:\Windows\Installer\42f1b.msp
[2010-05-25 10:45:58 | 008,445,440 | R--- | M] () -- C:\Windows\Installer\42f32.msp
[2009-01-15 03:35:20 | 004,830,720 | R--- | M] () -- C:\Windows\Installer\43384.msp
[2010-05-04 21:25:30 | 007,681,024 | R--- | M] () -- C:\Windows\Installer\43a55.msp
[2010-11-10 01:15:36 | 001,830,400 | R--- | M] () -- C:\Windows\Installer\440ff.msp
[2010-11-10 00:23:40 | 001,139,712 | R--- | M] () -- C:\Windows\Installer\4410d.msp
[2010-11-10 03:58:48 | 005,870,080 | R--- | M] () -- C:\Windows\Installer\44126.msp
[2010-11-09 21:15:02 | 000,113,664 | R--- | M] () -- C:\Windows\Installer\44165.msp
[2010-11-10 02:20:22 | 003,733,504 | R--- | M] () -- C:\Windows\Installer\44187.msp
[2010-11-10 02:16:22 | 003,314,688 | R--- | M] () -- C:\Windows\Installer\441a6.msp
[2010-11-10 02:18:26 | 014,617,088 | R--- | M] () -- C:\Windows\Installer\441d4.msp
[2010-11-10 01:15:38 | 000,136,704 | R--- | M] () -- C:\Windows\Installer\441dc.msp
[2010-11-10 00:46:30 | 004,427,776 | R--- | M] () -- C:\Windows\Installer\441ed.msp
[2010-11-10 01:20:38 | 002,932,736 | R--- | M] () -- C:\Windows\Installer\44203.msp
[2010-11-10 01:36:26 | 002,958,336 | R--- | M] () -- C:\Windows\Installer\4421f.msp
[2010-11-10 01:31:00 | 000,205,312 | R--- | M] () -- C:\Windows\Installer\4422b.msp
[2010-11-10 01:19:42 | 000,024,576 | R--- | M] () -- C:\Windows\Installer\44233.msp
[2010-11-10 01:29:34 | 000,664,576 | R--- | M] () -- C:\Windows\Installer\4423b.msp
[2009-04-06 16:00:42 | 005,518,336 | R--- | M] () -- C:\Windows\Installer\44260.msp
[2009-02-25 18:08:18 | 008,311,808 | R--- | M] () -- C:\Windows\Installer\44271.msp
[2007-11-14 15:00:30 | 004,117,504 | R--- | M] () -- C:\Windows\Installer\45432.msp
[2008-07-28 13:45:04 | 000,162,304 | R--- | M] () -- C:\Windows\Installer\45447.msp
[2008-01-23 15:53:34 | 000,814,592 | R--- | M] () -- C:\Windows\Installer\45453.msp
[2008-07-08 10:27:36 | 008,436,736 | R--- | M] () -- C:\Windows\Installer\4547d.msp
[2008-01-14 14:24:52 | 010,721,280 | R--- | M] () -- C:\Windows\Installer\45489.msp
[2008-10-25 08:15:10 | 006,227,456 | R--- | M] () -- C:\Windows\Installer\454a9.msp
[2007-10-06 07:45:34 | 000,203,264 | R--- | M] () -- C:\Windows\Installer\454c4.msp
[2008-01-14 15:53:34 | 005,213,696 | R--- | M] () -- C:\Windows\Installer\454d6.msp
[2008-01-31 09:30:52 | 009,947,648 | R--- | M] () -- C:\Windows\Installer\45507.msp
[2008-06-04 12:29:48 | 016,905,728 | R--- | M] () -- C:\Windows\Installer\45514.msp
[2008-04-01 13:33:20 | 005,479,936 | R--- | M] () -- C:\Windows\Installer\45541.msp
[2008-10-22 21:48:56 | 007,672,832 | R--- | M] () -- C:\Windows\Installer\45557.msp
[2008-07-30 07:50:56 | 012,506,112 | R--- | M] () -- C:\Windows\Installer\45564.msp
[2008-10-22 21:43:52 | 006,820,352 | R--- | M] () -- C:\Windows\Installer\4558e.msp
[2008-06-11 14:05:06 | 009,994,240 | R--- | M] () -- C:\Windows\Installer\455a8.msp
[2009-04-14 03:58:20 | 010,964,480 | R--- | M] () -- C:\Windows\Installer\45621.msp
[2009-04-14 02:48:06 | 007,382,528 | R--- | M] () -- C:\Windows\Installer\45629.msp
[2009-04-14 03:23:26 | 007,083,008 | R--- | M] () -- C:\Windows\Installer\45631.msp
[2010-03-15 10:47:53 | 000,195,584 | ---- | M] () -- C:\Windows\Installer\463c6.msi
[2009-08-01 08:49:07 | 015,705,600 | R--- | M] () -- C:\Windows\Installer\47a24.msp
[2010-06-05 09:26:04 | 020,242,432 | R--- | M] () -- C:\Windows\Installer\47b00.msp
[2010-08-25 16:06:30 | 006,479,360 | R--- | M] () -- C:\Windows\Installer\4815a.msp
[2010-08-20 12:50:16 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\48184.msp
[2010-08-04 14:13:04 | 000,686,080 | R--- | M] () -- C:\Windows\Installer\48196.msp
[2010-08-05 11:59:16 | 004,033,536 | R--- | M] () -- C:\Windows\Installer\481b7.msp
[2010-01-21 09:44:16 | 015,710,720 | R--- | M] () -- C:\Windows\Installer\4880a.msp
[2009-12-16 22:58:22 | 005,382,144 | R--- | M] () -- C:\Windows\Installer\48d77.msp
[2012-02-08 14:06:28 | 003,947,520 | ---- | M] () -- C:\Windows\Installer\49b67.msi
[2009-07-30 09:55:52 | 000,248,832 | ---- | M] () -- C:\Windows\Installer\4a2b9.msi
[2009-09-10 08:05:46 | 015,709,696 | R--- | M] () -- C:\Windows\Installer\4a692.msp
[2009-08-25 13:57:34 | 005,518,336 | R--- | M] () -- C:\Windows\Installer\4a6a7.msp
[2009-04-24 11:29:02 | 009,013,760 | R--- | M] () -- C:\Windows\Installer\4ad70.msp
[2009-04-23 16:57:12 | 007,672,832 | R--- | M] () -- C:\Windows\Installer\4ad86.msp
[2009-05-26 17:53:56 | 000,579,072 | R--- | M] () -- C:\Windows\Installer\4ad97.msp
[2009-05-28 11:32:54 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\4adad.msp
[2009-04-24 11:30:16 | 002,583,552 | R--- | M] () -- C:\Windows\Installer\4adc1.msp
[2009-05-04 06:47:22 | 009,124,864 | R--- | M] () -- C:\Windows\Installer\4addb.msp
[2009-05-12 12:01:38 | 006,818,816 | R--- | M] () -- C:\Windows\Installer\4adf1.msp
[2009-05-04 06:46:14 | 008,299,008 | R--- | M] () -- C:\Windows\Installer\4ae04.msp
[2010-09-23 20:02:28 | 000,798,208 | R--- | M] () -- C:\Windows\Installer\4d59c.msp
[2009-10-22 12:28:50 | 005,521,408 | R--- | M] () -- C:\Windows\Installer\4e592.msp
[2009-08-18 12:57:54 | 009,122,304 | R--- | M] () -- C:\Windows\Installer\4e5a4.msp
[2009-10-06 18:40:46 | 007,681,024 | R--- | M] () -- C:\Windows\Installer\4e5ba.msp
[2009-08-18 12:58:56 | 008,301,056 | R--- | M] () -- C:\Windows\Installer\4e5cc.msp
[2009-10-22 12:46:32 | 006,821,888 | R--- | M] () -- C:\Windows\Installer\4e5e9.msp
[2009-08-18 13:19:26 | 010,098,688 | R--- | M] () -- C:\Windows\Installer\4e5fc.msp
[2010-09-08 13:37:02 | 020,303,872 | R--- | M] () -- C:\Windows\Installer\4ed64.msp
[2010-03-30 11:34:48 | 003,826,688 | R--- | M] () -- C:\Windows\Installer\4f422.msp
[2010-05-03 15:06:36 | 005,053,952 | R--- | M] () -- C:\Windows\Installer\4f438.msp
[2010-04-24 16:10:46 | 008,486,400 | R--- | M] () -- C:\Windows\Installer\4f441.msp
[2010-04-24 16:07:04 | 010,118,144 | R--- | M] () -- C:\Windows\Installer\4f464.msp
[2010-04-24 16:07:58 | 004,667,392 | R--- | M] () -- C:\Windows\Installer\4f476.msp
[2010-03-24 17:54:54 | 002,516,992 | R--- | M] () -- C:\Windows\Installer\4f488.msp
[2010-05-10 16:17:22 | 005,520,896 | R--- | M] () -- C:\Windows\Installer\4f49e.msp
[2010-05-03 15:11:42 | 004,149,760 | R--- | M] () -- C:\Windows\Installer\4f4b4.msp
[2010-04-24 16:08:48 | 009,129,984 | R--- | M] () -- C:\Windows\Installer\4f4c6.msp
[2010-04-24 16:09:46 | 011,750,912 | R--- | M] () -- C:\Windows\Installer\4f4cf.msp
[2010-05-03 15:27:52 | 006,825,472 | R--- | M] () -- C:\Windows\Installer\4f4fc.msp
[2010-05-11 10:30:58 | 011,194,880 | R--- | M] () -- C:\Windows\Installer\4f509.msp
[2010-09-30 07:21:26 | 020,303,872 | R--- | M] () -- C:\Windows\Installer\4ff4e.msp
[2009-03-05 14:40:52 | 006,819,840 | R--- | M] () -- C:\Windows\Installer\502b2.msp
[2009-02-25 18:07:14 | 011,646,464 | R--- | M] () -- C:\Windows\Installer\502c4.msp
[2009-02-25 18:05:14 | 011,840,000 | R--- | M] () -- C:\Windows\Installer\502dd.msp
[2010-03-11 20:16:30 | 004,148,224 | R--- | M] () -- C:\Windows\Installer\50458.msp
[2010-03-11 11:03:40 | 005,524,480 | R--- | M] () -- C:\Windows\Installer\5046e.msp
[2010-02-21 00:03:34 | 004,472,832 | R--- | M] () -- C:\Windows\Installer\50486.msp
[2010-03-22 15:03:14 | 011,732,992 | R--- | M] () -- C:\Windows\Installer\5048f.msp
[2010-12-19 09:57:56 | 020,304,384 | R--- | M] () -- C:\Windows\Installer\522a6.msp
[2010-07-10 19:06:20 | 010,120,192 | R--- | M] () -- C:\Windows\Installer\526d2.msp
[2010-07-10 19:14:14 | 002,850,816 | R--- | M] () -- C:\Windows\Installer\526db.msp
[2010-07-26 16:02:46 | 005,519,360 | R--- | M] () -- C:\Windows\Installer\52701.msp
[2010-06-28 21:53:16 | 006,819,840 | R--- | M] () -- C:\Windows\Installer\52717.msp
[2010-06-28 15:01:18 | 007,677,952 | R--- | M] () -- C:\Windows\Installer\5272d.msp
[2011-04-07 03:43:30 | 123,313,664 | R--- | M] () -- C:\Windows\Installer\529b3.msp
[2011-05-18 21:55:38 | 019,624,448 | R--- | M] () -- C:\Windows\Installer\529c9.msp
[2010-08-24 08:49:22 | 006,825,472 | R--- | M] () -- C:\Windows\Installer\53344.msp
[2010-10-04 15:32:10 | 005,517,824 | R--- | M] () -- C:\Windows\Installer\5335a.msp
[2010-08-13 17:00:36 | 009,404,928 | R--- | M] () -- C:\Windows\Installer\5336d.msp
[2010-08-23 16:09:02 | 007,673,344 | R--- | M] () -- C:\Windows\Installer\53383.msp
[2010-08-13 17:02:20 | 002,545,664 | R--- | M] () -- C:\Windows\Installer\5338c.msp
[2010-08-13 16:59:46 | 008,182,272 | R--- | M] () -- C:\Windows\Installer\533a5.msp
[2010-08-13 17:01:28 | 008,993,280 | R--- | M] () -- C:\Windows\Installer\533c7.msp
[2009-10-16 06:08:48 | 002,237,952 | R--- | M] () -- C:\Windows\Installer\5387d.msp
[2010-04-21 16:46:50 | 005,522,432 | R--- | M] () -- C:\Windows\Installer\53893.msp
[2009-10-16 17:07:18 | 006,115,328 | R--- | M] () -- C:\Windows\Installer\5389f.msp
[2010-01-19 18:29:16 | 005,050,368 | R--- | M] () -- C:\Windows\Installer\54425.msp
[2010-01-19 17:51:12 | 005,524,480 | R--- | M] () -- C:\Windows\Installer\5443b.msp
[2009-09-21 15:53:56 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\545f9.msp
[2009-08-18 12:08:34 | 001,373,696 | R--- | M] () -- C:\Windows\Installer\5460b.msp
[2009-09-29 08:08:12 | 006,747,648 | R--- | M] () -- C:\Windows\Installer\54618.msp
[2009-07-27 03:31:24 | 003,738,624 | R--- | M] () -- C:\Windows\Installer\5463e.msp
[2009-08-05 06:49:32 | 003,457,024 | R--- | M] () -- C:\Windows\Installer\54660.msp
[2009-08-20 04:02:38 | 005,204,992 | R--- | M] () -- C:\Windows\Installer\5466c.msp
[2009-08-21 09:14:20 | 008,363,008 | R--- | M] () -- C:\Windows\Installer\5469c.msp
[2010-10-22 13:25:02 | 005,521,408 | R--- | M] () -- C:\Windows\Installer\555b2.msp
[2010-10-01 17:42:36 | 005,054,464 | R--- | M] () -- C:\Windows\Installer\555c8.msp
[2010-10-07 18:43:04 | 001,980,416 | R--- | M] () -- C:\Windows\Installer\555da.msp
[2010-10-14 16:57:14 | 011,189,248 | R--- | M] () -- C:\Windows\Installer\555ee.msp
[2010-09-17 06:04:16 | 009,401,856 | R--- | M] () -- C:\Windows\Installer\5560b.msp
[2011-06-28 21:27:28 | 004,028,928 | R--- | M] () -- C:\Windows\Installer\55d82.msp
[2011-07-26 12:50:18 | 005,522,432 | R--- | M] () -- C:\Windows\Installer\5650d.msp
[2011-04-28 09:54:26 | 002,720,768 | R--- | M] () -- C:\Windows\Installer\5651a.msp
[2011-02-22 10:32:12 | 005,520,384 | R--- | M] () -- C:\Windows\Installer\57a32.msp
[2010-12-20 16:28:55 | 001,160,192 | ---- | M] () -- C:\Windows\Installer\59cef.msi
[2010-11-20 22:33:46 | 001,980,928 | R--- | M] () -- C:\Windows\Installer\5b856.msp
[2011-01-11 16:50:38 | 008,177,152 | R--- | M] () -- C:\Windows\Installer\5b866.msp
[2011-03-03 10:25:14 | 005,051,904 | R--- | M] () -- C:\Windows\Installer\5b88c.msp
[2011-03-17 19:01:58 | 009,563,648 | R--- | M] () -- C:\Windows\Installer\5b895.msp
[2011-02-11 07:43:44 | 010,951,168 | R--- | M] () -- C:\Windows\Installer\5b8ba.msp
[2010-11-20 22:34:34 | 001,198,080 | R--- | M] () -- C:\Windows\Installer\5b8c2.msp
[2010-11-20 22:32:52 | 004,165,120 | R--- | M] () -- C:\Windows\Installer\5b8dc.msp
[2011-04-05 11:52:16 | 005,519,872 | R--- | M] () -- C:\Windows\Installer\5b8f2.msp
[2011-02-24 08:38:52 | 010,984,448 | R--- | M] () -- C:\Windows\Installer\5b8ff.msp
[2011-03-17 19:00:20 | 000,090,624 | R--- | M] () -- C:\Windows\Installer\5b91b.msp
[2011-01-11 16:49:20 | 009,003,008 | R--- | M] () -- C:\Windows\Installer\5b92d.msp
[2011-01-27 13:49:14 | 006,825,472 | R--- | M] () -- C:\Windows\Installer\5b943.msp
[2012-08-02 09:29:26 | 005,521,920 | R--- | M] () -- C:\Windows\Installer\5b9b2.msp
[2012-07-18 14:53:36 | 010,937,344 | R--- | M] () -- C:\Windows\Installer\5b9bb.msp
[2012-07-17 09:11:02 | 006,145,024 | R--- | M] () -- C:\Windows\Installer\5b9df.msp
[2012-07-18 14:46:48 | 000,593,408 | R--- | M] () -- C:\Windows\Installer\5ba05.msp
[2012-07-25 15:59:06 | 011,032,064 | R--- | M] () -- C:\Windows\Installer\5ba17.msp
[2012-07-17 09:17:04 | 022,363,136 | R--- | M] () -- C:\Windows\Installer\5ba23.msp
[2012-06-26 17:03:12 | 003,875,840 | R--- | M] () -- C:\Windows\Installer\5ba3f.msp
[2011-06-16 09:15:12 | 000,467,456 | ---- | M] () -- C:\Windows\Installer\5c051.msi
[2011-04-13 10:37:02 | 019,201,024 | R--- | M] () -- C:\Windows\Installer\5c05f.msp
[2011-04-29 11:33:30 | 008,173,568 | R--- | M] () -- C:\Windows\Installer\5c06e.msp
[2011-05-17 17:28:52 | 006,862,848 | R--- | M] () -- C:\Windows\Installer\5c08b.msp
[2011-05-20 16:31:56 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\5c0b5.msp
[2011-03-25 08:03:44 | 005,079,552 | R--- | M] () -- C:\Windows\Installer\5c0bd.msp
[2011-04-27 18:51:18 | 006,825,472 | R--- | M] () -- C:\Windows\Installer\5c0d8.msp
[2011-06-16 09:29:19 | 020,333,056 | R--- | M] () -- C:\Windows\Installer\5c0e4.msp
[2011-06-16 09:31:53 | 000,223,744 | ---- | M] () -- C:\Windows\Installer\5c0eb.msi
[2011-04-29 11:28:40 | 001,995,264 | R--- | M] () -- C:\Windows\Installer\5c0f3.msp
[2011-05-24 15:27:26 | 000,060,928 | R--- | M] () -- C:\Windows\Installer\5c116.msp
[2011-04-29 11:31:46 | 009,006,080 | R--- | M] () -- C:\Windows\Installer\5c13c.msp
[2011-09-15 18:42:34 | 037,116,416 | R--- | M] () -- C:\Windows\Installer\5c5cb.msp
[2011-09-15 18:42:20 | 014,895,104 | R--- | M] () -- C:\Windows\Installer\5c5e7.msp
[2011-09-15 18:42:50 | 038,326,272 | R--- | M] () -- C:\Windows\Installer\5c5f4.msp
[2011-09-15 18:34:54 | 428,804,608 | R--- | M] () -- C:\Windows\Installer\5c717.msp
[2011-09-15 18:37:06 | 014,140,416 | R--- | M] () -- C:\Windows\Installer\5c723.msp
[2011-09-15 18:38:04 | 010,838,528 | R--- | M] () -- C:\Windows\Installer\5c72e.msp
[2011-09-15 18:40:36 | 007,959,552 | R--- | M] () -- C:\Windows\Installer\5c738.msp
[2011-09-15 18:40:52 | 004,760,064 | R--- | M] () -- C:\Windows\Installer\5c73f.msp
[2011-09-15 18:42:28 | 037,952,512 | R--- | M] () -- C:\Windows\Installer\5c757.msp
[2012-07-31 17:18:14 | 005,018,624 | R--- | M] () -- C:\Windows\Installer\5c786c.msp
[2012-03-05 21:34:06 | 005,519,872 | R--- | M] () -- C:\Windows\Installer\5d0ab.msp
[2008-12-03 09:37:34 | 000,432,640 | ---- | M] () -- C:\Windows\Installer\5d2dd.msi
[2012-01-25 14:55:08 | 005,520,384 | R--- | M] () -- C:\Windows\Installer\5debe.msp
[2011-10-26 15:38:54 | 002,830,848 | R--- | M] () -- C:\Windows\Installer\5dec6.msp
[2012-02-17 17:17:49 | 020,333,056 | R--- | M] () -- C:\Windows\Installer\5ded1.msp
[2010-02-21 01:00:02 | 008,480,768 | R--- | M] () -- C:\Windows\Installer\606ab.msp
[2010-02-04 17:24:30 | 009,122,304 | R--- | M] () -- C:\Windows\Installer\606cd.msp
[2010-01-27 17:53:46 | 006,820,864 | R--- | M] () -- C:\Windows\Installer\606e3.msp
[2010-02-04 18:11:54 | 005,526,528 | R--- | M] () -- C:\Windows\Installer\606f9.msp
[2011-11-03 13:31:36 | 005,525,504 | R--- | M] () -- C:\Windows\Installer\6103a.msp
[2008-10-13 16:17:42 | 000,360,448 | ---- | M] () -- C:\Windows\Installer\6129f.msi
[2008-10-13 16:17:47 | 000,355,840 | ---- | M] () -- C:\Windows\Installer\612a5.msi
[2008-10-13 16:19:40 | 002,415,616 | ---- | M] () -- C:\Windows\Installer\612ad.msi
[2008-10-13 16:19:47 | 001,752,064 | ---- | M] () -- C:\Windows\Installer\612b3.msi
[2008-10-13 16:19:57 | 001,642,496 | ---- | M] () -- C:\Windows\Installer\612b9.msi
[2008-10-13 16:20:00 | 001,643,520 | ---- | M] () -- C:\Windows\Installer\612c0.msi
[2008-10-13 16:20:05 | 000,505,344 | ---- | M] () -- C:\Windows\Installer\612c6.msi
[2008-10-13 16:20:11 | 000,513,536 | ---- | M] () -- C:\Windows\Installer\612cc.msi
[2008-10-13 16:20:16 | 000,516,608 | ---- | M] () -- C:\Windows\Installer\612d3.msi
[2008-10-13 16:20:22 | 000,506,880 | ---- | M] () -- C:\Windows\Installer\612da.msi
[2008-10-13 16:20:26 | 000,502,784 | ---- | M] () -- C:\Windows\Installer\612e0.msi
[2008-10-13 16:20:29 | 001,655,808 | ---- | M] () -- C:\Windows\Installer\612e7.msi
[2008-10-13 16:21:05 | 009,613,312 | ---- | M] () -- C:\Windows\Installer\612f2.msi
[2008-10-13 16:21:50 | 001,046,016 | ---- | M] () -- C:\Windows\Installer\612f9.msi
[2006-12-28 04:22:08 | 002,047,488 | R--- | M] () -- C:\Windows\Installer\6130a.msp
[2011-12-26 05:06:20 | 005,115,392 | R--- | M] () -- C:\Windows\Installer\61347.msp
[2011-12-25 05:40:46 | 000,819,200 | R--- | M] () -- C:\Windows\Installer\6134e.msp
[2011-03-08 09:59:47 | 020,308,992 | R--- | M] () -- C:\Windows\Installer\6186a.msp
[2009-06-30 10:30:08 | 005,520,384 | R--- | M] () -- C:\Windows\Installer\649ef.msp
[2009-04-24 11:28:00 | 004,450,816 | R--- | M] () -- C:\Windows\Installer\65043.msp
[2009-04-24 11:38:18 | 001,229,312 | R--- | M] () -- C:\Windows\Installer\6504c.msp
[2009-04-24 11:31:18 | 001,425,920 | R--- | M] () -- C:\Windows\Installer\65054.msp
[2009-05-01 14:49:44 | 004,328,960 | R--- | M] () -- C:\Windows\Installer\65072.msp
[2012-02-20 16:54:05 | 000,178,688 | ---- | M] () -- C:\Windows\Installer\6556a.msi
[2012-11-20 16:46:40 | 000,873,472 | ---- | M] () -- C:\Windows\Installer\667c77.msi
[2012-11-20 16:48:10 | 000,176,128 | ---- | M] () -- C:\Windows\Installer\667c87.msi
[2012-08-15 12:35:39 | 015,687,168 | ---- | M] () -- C:\Windows\Installer\667c88.mst
[2012-11-20 16:49:22 | 000,007,168 | ---- | M] () -- C:\Windows\Installer\667c8b.ipi
[2009-03-14 16:57:13 | 000,301,056 | ---- | M] () -- C:\Windows\Installer\671ca.msi
[2009-03-14 16:59:41 | 000,891,904 | ---- | M] () -- C:\Windows\Installer\67264.msi
[2009-03-14 17:01:06 | 000,549,888 | ---- | M] () -- C:\Windows\Installer\67283.msi
[2011-01-21 17:17:32 | 000,477,696 | ---- | M] () -- C:\Windows\Installer\685b9.msi
[2012-02-12 20:17:58 | 003,597,824 | ---- | M] () -- C:\Windows\Installer\686ca.msi
[2011-11-04 10:22:13 | 004,425,728 | R--- | M] () -- C:\Windows\Installer\686de.msp
[2011-11-04 10:22:23 | 002,933,248 | R--- | M] () -- C:\Windows\Installer\686f8.msp
[2012-02-08 10:00:29 | 000,136,704 | R--- | M] () -- C:\Windows\Installer\68702.msp
[2012-02-08 10:00:40 | 001,139,200 | R--- | M] () -- C:\Windows\Installer\68713.msp
[2012-02-12 20:14:12 | 000,715,264 | R--- | M] () -- C:\Windows\Installer\6872c.msp
[2012-02-12 20:14:14 | 003,313,152 | R--- | M] () -- C:\Windows\Installer\68750.msp
[2012-02-12 20:14:37 | 000,038,912 | R--- | M] () -- C:\Windows\Installer\6877f.msp
[2012-02-12 20:14:39 | 005,872,128 | R--- | M] () -- C:\Windows\Installer\6879d.msp
[2012-02-12 20:14:43 | 002,956,288 | R--- | M] () -- C:\Windows\Installer\687bc.msp
[2012-02-12 20:14:51 | 014,623,744 | R--- | M] () -- C:\Windows\Installer\687f2.msp
[2012-02-12 20:14:58 | 003,731,968 | R--- | M] () -- C:\Windows\Installer\68803.msp
[2012-02-12 20:15:00 | 000,205,824 | R--- | M] () -- C:\Windows\Installer\68816.msp
[2012-02-12 20:15:03 | 003,103,744 | R--- | M] () -- C:\Windows\Installer\68829.msp
[2012-02-12 20:15:11 | 001,828,864 | R--- | M] () -- C:\Windows\Installer\68855.msp
[2012-02-12 20:15:12 | 000,029,696 | R--- | M] () -- C:\Windows\Installer\68865.msp
[2012-02-12 20:15:13 | 000,630,272 | R--- | M] () -- C:\Windows\Installer\68873.msp
[2012-02-12 20:15:14 | 000,468,992 | R--- | M] () -- C:\Windows\Installer\68882.msp
[2012-02-12 20:15:18 | 000,664,064 | R--- | M] () -- C:\Windows\Installer\6889a.msp
[2012-02-12 20:15:19 | 000,512,512 | R--- | M] () -- C:\Windows\Installer\688a4.msp
[2012-02-12 20:15:20 | 002,146,816 | R--- | M] () -- C:\Windows\Installer\688b5.msp
[2012-02-12 20:15:21 | 000,064,512 | R--- | M] () -- C:\Windows\Installer\688c0.msp
[2012-02-12 20:15:22 | 000,023,552 | R--- | M] () -- C:\Windows\Installer\688cb.msp
[2012-02-12 20:15:22 | 000,031,232 | R--- | M] () -- C:\Windows\Installer\688d5.msp
[2012-02-12 20:15:23 | 000,024,576 | R--- | M] () -- C:\Windows\Installer\688ec.msp
[2009-11-26 17:10:27 | 000,429,568 | ---- | M] () -- C:\Windows\Installer\69246.msi
[2011-04-22 09:10:39 | 020,314,624 | R--- | M] () -- C:\Windows\Installer\6b860.msp
[2012-06-29 13:33:46 | 006,063,616 | R--- | M] () -- C:\Windows\Installer\6d8ad.msp
[2012-04-04 21:37:40 | 002,540,544 | R--- | M] () -- C:\Windows\Installer\6d8d3.msp
[2012-06-19 11:54:40 | 002,239,488 | R--- | M] () -- C:\Windows\Installer\6d8e4.msp
[2009-07-01 12:21:28 | 008,891,904 | R--- | M] () -- C:\Windows\Installer\7273d.msp
[2009-07-01 12:19:52 | 010,607,104 | R--- | M] () -- C:\Windows\Installer\7273e.msp
[2009-08-05 01:11:20 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\72769.msp
[2011-09-20 14:36:20 | 005,521,408 | R--- | M] () -- C:\Windows\Installer\727b0.msp
[2011-07-11 16:19:28 | 010,619,904 | R--- | M] () -- C:\Windows\Installer\727bd.msp
[2011-10-14 08:32:26 | 020,333,568 | R--- | M] () -- C:\Windows\Installer\727c8.msp
[2009-12-11 10:29:56 | 005,521,408 | R--- | M] () -- C:\Windows\Installer\737f5.msp
[2011-11-11 16:16:20 | 008,458,240 | R--- | M] () -- C:\Windows\Installer\7416a.msp
[2011-11-11 16:15:00 | 001,795,584 | R--- | M] () -- C:\Windows\Installer\7418c.msp
[2011-11-17 10:55:20 | 005,522,944 | R--- | M] () -- C:\Windows\Installer\741a2.msp
[2011-11-01 13:34:30 | 002,531,840 | R--- | M] () -- C:\Windows\Installer\741ab.msp
[2011-10-31 12:37:46 | 004,146,688 | R--- | M] () -- C:\Windows\Installer\741d9.msp
[2011-11-11 16:14:40 | 009,096,192 | R--- | M] () -- C:\Windows\Installer\741eb.msp
[2011-10-29 23:10:18 | 006,824,960 | R--- | M] () -- C:\Windows\Installer\74201.msp
[2011-11-01 13:34:28 | 002,247,168 | R--- | M] () -- C:\Windows\Installer\74213.msp
[2011-11-01 13:34:56 | 004,250,112 | R--- | M] () -- C:\Windows\Installer\7422e.msp
[2011-11-01 13:34:30 | 001,552,384 | R--- | M] () -- C:\Windows\Installer\74237.msp
[2011-04-29 11:30:12 | 001,197,056 | R--- | M] () -- C:\Windows\Installer\74a01.msp
[2011-04-29 12:04:54 | 005,053,440 | R--- | M] () -- C:\Windows\Installer\74a1e.msp
[2011-04-27 10:14:04 | 005,520,384 | R--- | M] () -- C:\Windows\Installer\74a34.msp
[2011-04-29 11:27:04 | 004,158,464 | R--- | M] () -- C:\Windows\Installer\74a46.msp
[2012-08-15 11:42:25 | 004,819,456 | ---- | M] () -- C:\Windows\Installer\753604.msi
[2012-02-20 18:58:46 | 002,002,432 | ---- | M] () -- C:\Windows\Installer\77c0ad.msi
[2011-07-27 06:39:50 | 009,892,352 | R--- | M] () -- C:\Windows\Installer\7856b.msp
[2011-09-06 20:48:02 | 008,181,248 | R--- | M] () -- C:\Windows\Installer\7858b.msp
[2011-07-21 11:34:34 | 003,456,000 | R--- | M] () -- C:\Windows\Installer\785a7.msp
[2011-08-10 16:42:04 | 007,070,208 | R--- | M] () -- C:\Windows\Installer\785b8.msp
[2011-09-06 20:46:22 | 009,006,080 | R--- | M] () -- C:\Windows\Installer\785d1.msp
[2011-08-16 11:35:02 | 005,519,872 | R--- | M] () -- C:\Windows\Installer\785e7.msp
[2011-07-26 07:17:10 | 006,824,960 | R--- | M] () -- C:\Windows\Installer\785fd.msp
[2011-07-26 15:33:48 | 010,984,448 | R--- | M] () -- C:\Windows\Installer\7860a.msp
[2011-08-10 16:43:30 | 003,795,968 | R--- | M] () -- C:\Windows\Installer\78627.msp
[2012-05-11 08:39:53 | 020,343,808 | R--- | M] () -- C:\Windows\Installer\79d32.msp
[2012-04-17 11:11:06 | 007,681,024 | R--- | M] () -- C:\Windows\Installer\79d47.msp
[2012-02-17 07:45:24 | 002,299,392 | R--- | M] () -- C:\Windows\Installer\79d5e.msp
[2012-04-28 20:43:58 | 008,459,264 | R--- | M] () -- C:\Windows\Installer\79d67.msp
[2012-04-27 14:09:22 | 005,521,408 | R--- | M] () -- C:\Windows\Installer\79d8d.msp
[2012-03-15 01:24:28 | 001,795,584 | R--- | M] () -- C:\Windows\Installer\79d9f.msp
[2012-03-19 21:02:30 | 006,695,936 | R--- | M] () -- C:\Windows\Installer\79dac.msp
[2012-04-09 15:50:24 | 006,829,568 | R--- | M] () -- C:\Windows\Installer\79dd6.msp
[2011-12-15 12:40:40 | 023,374,336 | R--- | M] () -- C:\Windows\Installer\79deb.msp
[2012-04-04 21:38:16 | 003,620,864 | R--- | M] () -- C:\Windows\Installer\79df3.msp
[2012-04-28 20:44:02 | 009,586,176 | R--- | M] () -- C:\Windows\Installer\79e1d.msp
[2012-01-19 12:37:24 | 008,999,936 | R--- | M] () -- C:\Windows\Installer\79e28.msp
[2011-12-22 15:50:54 | 000,256,000 | R--- | M] () -- C:\Windows\Installer\79e2f.msp
[2012-04-28 20:44:02 | 009,101,824 | R--- | M] () -- C:\Windows\Installer\79e41.msp
[2012-04-04 21:38:44 | 002,831,360 | R--- | M] () -- C:\Windows\Installer\79e4a.msp
[2012-03-28 17:10:04 | 012,098,048 | R--- | M] () -- C:\Windows\Installer\79fb3.msp
[2012-03-22 12:09:58 | 005,521,920 | R--- | M] () -- C:\Windows\Installer\79fdd.msp
[2012-01-22 09:09:26 | 001,700,352 | R--- | M] () -- C:\Windows\Installer\79fe5.msp
[2011-11-01 12:34:26 | 001,169,920 | R--- | M] () -- C:\Windows\Installer\79ff6.msp
[2012-03-23 13:59:02 | 007,899,648 | R--- | M] () -- C:\Windows\Installer\7a007.msp
[2012-04-22 21:37:42 | 001,182,720 | R--- | M] () -- C:\Windows\Installer\7f175.msp
[2012-03-15 12:43:28 | 004,216,320 | R--- | M] () -- C:\Windows\Installer\7f17c.msp
[2009-10-16 07:09:28 | 002,518,016 | R--- | M] () -- C:\Windows\Installer\80d87.msp
[2009-09-03 11:51:44 | 000,630,784 | R--- | M] () -- C:\Windows\Installer\80d93.msp
[2009-11-20 15:00:24 | 005,521,408 | R--- | M] () -- C:\Windows\Installer\80dbd.msp
[2008-10-05 04:12:22 | 004,784,128 | R--- | M] () -- C:\Windows\Installer\82487.msp
[2008-10-28 17:21:40 | 135,236,096 | ---- | M] () -- C:\Windows\Installer\8248c.msi
[2008-10-28 17:23:47 | 027,141,120 | ---- | M] () -- C:\Windows\Installer\82491.msi
[2008-10-28 17:23:57 | 004,554,240 | ---- | M] () -- C:\Windows\Installer\82497.msi
[2008-10-28 17:24:01 | 000,469,504 | ---- | M] () -- C:\Windows\Installer\8249d.msi
[2008-10-28 17:26:31 | 005,644,288 | ---- | M] () -- C:\Windows\Installer\824a5.msi
[2008-10-28 17:28:24 | 001,667,072 | ---- | M] () -- C:\Windows\Installer\824af.msi
[2008-10-28 17:31:01 | 007,383,552 | ---- | M] () -- C:\Windows\Installer\824b3.msi
[2008-10-28 17:32:50 | 002,450,944 | ---- | M] () -- C:\Windows\Installer\824b7.msi
[2008-10-28 17:33:42 | 002,188,288 | ---- | M] () -- C:\Windows\Installer\824bb.msi
[2011-04-19 12:53:24 | 002,087,936 | ---- | M] () -- C:\Windows\Installer\82657.msi
[2011-04-19 12:53:37 | 000,071,680 | ---- | M] () -- C:\Windows\Installer\8267b.msi
[2011-04-19 12:53:39 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\82689.msi
[2011-04-19 12:53:39 | 000,191,488 | ---- | M] () -- C:\Windows\Installer\8268d.msi
[2011-04-19 12:53:40 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\82691.msi
[2011-04-19 12:55:09 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\826ff.msi
[2008-11-13 09:34:19 | 001,471,488 | ---- | M] () -- C:\Windows\Installer\8285d.msi
[2011-04-19 12:57:34 | 000,024,064 | ---- | M] () -- C:\Windows\Installer\8287b.msi
[2011-04-19 12:59:13 | 000,087,552 | ---- | M] () -- C:\Windows\Installer\828cd.msi
[2011-04-19 12:59:14 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\828d1.msi
[2011-04-19 12:59:15 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\828d5.msi
[2011-04-19 13:00:03 | 000,926,208 | ---- | M] () -- C:\Windows\Installer\828f7.msi
[2011-05-23 13:15:48 | 003,617,792 | R--- | M] () -- C:\Windows\Installer\870c7.msp
[2010-10-01 21:53:12 | 004,147,712 | R--- | M] () -- C:\Windows\Installer\8a1c1.msp
[2010-07-23 01:03:24 | 000,338,432 | R--- | M] () -- C:\Windows\Installer\8a1d3.msp
[2010-12-06 15:02:34 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\8a1e9.msp
[2010-11-12 12:13:44 | 000,883,712 | R--- | M] () -- C:\Windows\Installer\8a1f5.msp
[2010-10-22 15:45:16 | 008,444,928 | R--- | M] () -- C:\Windows\Installer\8a220.msp
[2011-01-17 16:06:20 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\8a7f6.msp
[2010-12-20 16:31:25 | 000,434,688 | ---- | M] () -- C:\Windows\Installer\8c4d9.msi
[2008-07-29 23:18:28 | 011,933,184 | R--- | M] () -- C:\Windows\Installer\8eee0.msp
[2008-07-29 23:20:14 | 011,767,296 | R--- | M] () -- C:\Windows\Installer\8eef2.msp
[2009-02-08 19:55:48 | 000,436,736 | ---- | M] () -- C:\Windows\Installer\9961a7.msi
[2009-06-21 13:07:13 | 000,612,864 | ---- | M] () -- C:\Windows\Installer\9fb476.msi
[2011-11-21 23:07:36 | 017,191,936 | R--- | M] () -- C:\Windows\Installer\a6e510.msp
[2011-04-28 15:55:51 | 000,223,232 | ---- | M] () -- C:\Windows\Installer\b8ae6.msi
[2010-02-06 11:53:27 | 000,794,112 | ---- | M] () -- C:\Windows\Installer\c57c.msi
[2007-07-27 08:24:00 | 127,991,808 | R--- | M] () -- C:\Windows\Installer\c60a0.msp
[2009-02-11 14:02:00 | 005,519,872 | R--- | M] () -- C:\Windows\Installer\c6166.msp
[2005-10-26 13:59:54 | 002,883,072 | R--- | M] () -- C:\Windows\Installer\c617c.msp
[2008-10-14 08:41:40 | 000,431,104 | ---- | M] () -- C:\Windows\Installer\eb2a2.msi
[2012-02-28 10:30:49 | 000,160,768 | ---- | M] () -- C:\Windows\Installer\f7a52.msi
[2011-04-19 12:53:24 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}.SchedServiceConfig.rmi
[2012-04-12 17:49:13 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}.SchedServiceConfig.rmi
[2012-11-15 11:35:47 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{3C3901C5-3455-3E0A-A214-0B093A5070A6}.SchedServiceConfig.rmi
[2009-03-14 17:01:01 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{3CB5AB8B-BD97-4ACC-90B8-5858EDCDCCD3}.SchedServiceConfig.rmi
[2009-11-10 12:20:27 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{66867BB8-FBC5-450B-8533-C6BE2C9C4068}.SchedServiceConfig.rmi
[2012-02-20 19:00:21 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{8153ED9A-C94A-426E-9880-5E6775C08B62}.SchedServiceConfig.rmi
[2012-08-15 11:37:07 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}.SchedServiceConfig.rmi
[2012-02-12 20:21:09 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}.SchedServiceConfig.rmi
[2011-01-21 17:19:10 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{CAEB2BE8-EF9E-4BFE-8165-3B54B62AF6CF}.SchedServiceConfig.rmi
[2012-11-15 10:46:06 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}.SchedServiceConfig.rmi
[2012-06-02 11:30:48 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}.SchedServiceConfig.rmi
[2011-04-19 12:57:42 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{F53D678E-238F-4A71-9742-08BB6774E9DC}.SchedServiceConfig.rmi
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
 
[color=#A23BEC]< %windir%\system32\tasks\*.* >[/color]
[2010-04-15 18:02:54 | 000,003,160 | ---- | M] () -- C:\Windows\system32\tasks\CreateChoiceProcessTask
[2012-11-20 16:08:51 | 000,003,002 | ---- | M] () -- C:\Windows\system32\tasks\DLL-files.com Fixer_MONTHLY
[2012-11-20 16:08:51 | 000,003,016 | ---- | M] () -- C:\Windows\system32\tasks\DLL-files.com Fixer_UPDATES
[2011-06-25 00:23:05 | 000,002,916 | ---- | M] () -- C:\Windows\system32\tasks\Install_NSS
[2012-11-20 16:08:47 | 000,003,100 | ---- | M] () -- C:\Windows\system32\tasks\RDReminder
[2012-11-15 11:06:25 | 000,003,806 | ---- | M] () -- C:\Windows\system32\tasks\Scheduled Update for Ask Toolbar
[2009-07-20 09:01:35 | 000,002,980 | ---- | M] () -- C:\Windows\system32\tasks\{0E990073-E684-4F3F-863D-C64DEBA858D7}
[2009-04-07 19:07:12 | 000,002,968 | ---- | M] () -- C:\Windows\system32\tasks\{23474E80-5B2A-49E3-AED8-0E7F9B1D58D6}
[2010-02-05 17:09:12 | 000,002,882 | ---- | M] () -- C:\Windows\system32\tasks\{4926BE2C-67A3-467E-894C-C76E90ECDB0D}
[2009-02-04 17:02:20 | 000,003,066 | ---- | M] () -- C:\Windows\system32\tasks\{D859EA88-522A-4EDF-BB12-0D9347935518}
[2009-02-12 11:06:37 | 000,003,202 | ---- | M] () -- C:\Windows\system32\tasks\{D98DF8B5-2378-4FCD-9739-8959A100F2B0}
 
[color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2008-10-29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008-10-30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008-10-28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008-01-21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
[color=#A23BEC]< MD5 for: REGEDIT.EXE  >[/color]
[2008-01-21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008-01-21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2008-01-21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008-01-21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
[color=#A23BEC]< C:\Windows\assembly\tmp\U\*.* /s >[/color]
[2006-11-02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006-11-02 14:01:49 | 000,032,570 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010-11-22 16:05:39 | 000,000,360 | ---- | C] () -- C:\Windows\Tasks\Install_NSS.job
[2012-11-20 16:08:51 | 000,000,260 | ---- | C] () -- C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
[2012-11-20 16:08:51 | 000,000,276 | ---- | C] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
 
[color=#A23BEC]< %Temp%\smtmp\1\*.* >[/color]
 
[color=#A23BEC]< %Temp%\smtmp\2\*.* >[/color]
 
[color=#A23BEC]< %Temp%\smtmp\3\*.* >[/color]
 
[color=#A23BEC]< %Temp%\smtmp\4\*.* >[/color]
 
[color=#A23BEC]< type c:\diskreport.txt /c >[/color]
Microsoft DiskPart versie 6.0.6002
Copyright (C) 1999-2007 Microsoft Corporation.
Op computer: PC_VAN_RON
  Volume ###  Ltr  Label        FS     Type        Grootte  Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
  volume 0     E   FM2013       UDF    Dvd-rom     1375 MB  In orde           
  volume 1     I                       Dvd-rom         0 B  Geen medi         
  volume 2     C   BOOT         NTFS   partitie     912 GB  In orde    Systeem
  volume 3     D   RECOVER      FAT32  partitie      20 GB  In orde           
  volume 4     F                       Verwisselb      0 B  Geen medi         
  volume 5     G                       Verwisselb      0 B  Geen medi         
  volume 6     H                       Verwisselb      0 B  Geen medi         
< End of report >
 
OTL Extras logfile created on: 20-11-2012 16:31:59 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ron\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
 
3,25 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 49,36% Memory free
6,69 Gb Paging File | 4,78 Gb Available in Paging File | 71,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,50 Gb Total Space | 284,26 Gb Free Space | 31,19% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 8,76 Gb Free Space | 43,80% Space Free | Partition Type: FAT32
Drive E: | 1,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PC_VAN_RON | User Name: Ron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FD0F13B-1BEC-4E36-B41E-A42CEB02E0D3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{207B2825-4F08-42E1-9DC3-46D340891275}" = lport=5358 | protocol=6 | dir=in | app=system |
"{24725B25-C443-410E-AA0F-9DA9A906103E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{2BC12981-70C7-4747-A634-AF6CEAC1FFCB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32A56B41-CF62-4E00-B7E3-155305C26C26}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3BCF7DF5-8C4C-4CC4-BDF0-61F3E07BA0FC}" = lport=5357 | protocol=6 | dir=in | app=system |
"{3CF9D4F3-8A05-4841-B914-9F7FA21E152D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3D988C07-9538-486A-BE25-41EDD1574773}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3DD7DF17-48CC-4624-B82B-403C95FCD7B2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4B015F67-5465-4E2A-9187-861926D53665}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{5C097619-3092-45B0-868E-7FBF78983E73}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5C9DA0C7-83C8-49D9-AA4E-F2FAEA2E25C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5CE92971-E53B-48AC-AF9D-87ECCB96828A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{769A7FB6-37A4-4DE4-A4CB-CF5374DE75AB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{818A20D3-D522-4C4B-8542-A9B9D09D3F0B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{823C1DCE-8F2A-467C-A37D-B19CF736474A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{88113166-F1A0-4338-A47C-628D5023A4A2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A0D9461A-66E5-4EA9-8B38-3157E283CBC6}" = rport=5357 | protocol=6 | dir=out | app=system |
"{A2F28889-A5B2-4354-918A-F406880E9B20}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B60E752C-AE4A-428F-88C5-963EDF2783FC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CCE91491-1EC8-4BEF-9202-B163D796D965}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D31A2C5C-18A0-49A9-B622-7282C6EB2192}" = rport=5358 | protocol=6 | dir=out | app=system |
"{D9FC584D-D748-4612-BE02-D4C01D1F22ED}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{DB36FFE4-04FB-4FE4-A2DD-355D388917BF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED8BD33F-CB6D-4A63-B0D0-F3B2242FB781}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F2650DAC-3733-4FBF-912E-B546E83510A2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FB788594-B34C-4FAD-930A-CBFBC0FAF1D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FF617224-0EB0-4743-B9BE-02D4F95434A2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02537E49-1556-403B-BFAD-D04A08B2DE3A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{195454DA-063F-43FB-B1BF-FF5F56DB5100}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{1F42BAC7-8B97-4241-BDF0-D0D841111BA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1FE98103-562E-4B50-8A93-99C4121224A9}" = protocol=17 | dir=in | app=c:\program files\cyanide\pro cycling manager - seizoen 2011\pcm.exe |
"{24184756-3DDA-48D6-8BC4-5F3769F76A8A}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{2435FB1A-5C4B-494F-B23C-8B540931116F}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{2528263C-F5FF-45F2-933D-BEB7D32B54B2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A21F3E0-682B-4370-AA13-7DC47B4F1FDB}" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - season 2008\pcm.exe |
"{2BA8516C-4FC1-49E9-B7F2-4EA21474506E}" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2010\autorun\exe\autorun.exe |
"{2BB5005E-A77A-421F-BCB0-752D4223ED25}" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2011\pcm.exe |
"{2E41F22F-9AA3-4323-ADCC-07C7F66E5ED8}" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2010\autorun\exe\autorun.exe |
"{2EE2AD6C-F903-4382-8BBF-1D654C94D1EC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012\fm.exe |
"{2F052945-CA22-4C00-8691-67E5EB3EBAFC}" = protocol=6 | dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe |
"{332708B8-C5D3-4560-B3C6-5DD1195D10E8}" = protocol=6 | dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe |
"{347F0217-D2ED-4EF1-8C15-CD6C7607DFF2}" = protocol=6 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{356AA7EE-1A6D-4A98-82F0-6D3338C3CC63}" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2010\pcm.exe |
"{375CE1A5-1507-4754-AF00-413153E05316}" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{3A9B8BA0-CE3B-47A6-B03E-5CFC0FBF4B7B}" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2011\pcm.exe |
"{406405F1-4380-4B66-BA8C-997A5831EF06}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{429354BA-C320-427D-97E2-CFC61CE0EA85}" = protocol=17 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{42C1637E-F172-40EE-B0A3-49AEBCA6D7EB}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{431A35FA-1CC5-4CA3-BF1A-90A6C3DC655C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{43E4941F-732C-436D-AEDF-8D2728786384}" = protocol=17 | dir=in | app=c:\program files\sports interactive\football manager 2010\fm.exe |
"{45E8F53D-38BC-418B-BA97-7C6F33207F11}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2011\fm.exe |
"{4625189B-D92E-4D3D-ACC5-99ADE6F67E17}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{473CE1E9-25DD-4434-9239-DB10D24F2960}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{480F1890-161F-4BB6-85F7-A3236CDCA24E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{52E9B289-B559-485B-AED3-CD762AFF7B9A}" = protocol=6 | dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe |
"{53C48285-91BB-4C51-9414-809ED9518BD3}" = protocol=6 | dir=in | app=c:\program files\cyanide\pro cycling manager - seizoen 2011\autorun\exe\autorun.exe |
"{55C71D0D-9AC5-475A-8C30-8771EADC7E6F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{597B6D2A-3529-4176-8BCB-FD77DB31BD5B}" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - season 2008\autorun\exe\autorun.exe |
"{5D99BE47-947C-4EC7-B774-749028BEC777}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6481E3D8-8215-44CB-AAA0-CFD80BE42595}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012\fm.exe |
"{69147431-54BE-4AAB-B3DD-19919978F466}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{6CDD7687-72E7-4307-9B01-6D0A5C5E8444}" = protocol=6 | dir=out | app=system |
"{70FC0B42-827B-4807-8956-76B550A59141}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{799F40AD-EDD0-4FCD-88B9-ADDD26D5E029}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{7A02F47C-4B08-4A60-86E0-B260D0CE1CC0}" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2010\pcm.exe |
"{7A8A4655-18B4-43D9-8CA7-5148CDAD2F4A}" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - season 2009\pcm.exe |
"{7E03A930-B5BA-4F0D-A8E9-7C95994BDC9C}" = protocol=17 | dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe |
"{9E267F1C-6CC1-4FC0-9ED3-5C047772EDCA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012\fm.exe |
"{9FDE0C4F-3811-475D-B5FE-EA816EFDA4B7}" = protocol=6 | dir=in | app=c:\program files\firaxis games\sid meier's civilization 4\civilization4.exe |
"{A157A16A-33A8-439C-99E9-05BB36E5392B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A370E9DE-BD0F-4287-9308-092C94EA5406}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{A89E0916-1A14-4057-8F42-2543E7FF9F9B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AA010A70-6544-44EB-9C6D-33CBB0AA6692}" = protocol=17 | dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe |
"{AF7CAE7C-7AD8-41F5-8570-1FAFA506A82B}" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - season 2008\autorun\exe\autorun.exe |
"{B05DBB75-99ED-4955-B91F-47A3F1E2B949}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B2024A6F-B198-4CDE-966C-240AA95BF180}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{B5B204A7-A384-4D89-B739-E44470278656}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B831F5CE-4611-4CAC-AB87-9FAC1C93D118}" = protocol=6 | dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe |
"{B93AF869-C719-4ABE-B187-48E1656AD357}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BFD148A4-720B-45F6-900F-D2799E385A2F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C0DC5BF0-AEE2-4166-9566-49B563345620}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C390C366-546E-4BAC-8986-FE7E70454342}" = protocol=17 | dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe |
"{C4D7C04E-C71E-4CD9-8429-BFF6E422ED9C}" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - season 2009\pcm.exe |
"{C789B51C-6EB1-4D73-90F9-2129297DAFB3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CC6A634A-4F79-4FD8-9136-EB47BC297937}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{CDB985A3-0F1C-46D2-BD93-7703D74C3B9D}" = protocol=6 | dir=in | app=c:\program files\cyanide\pro cycling manager - seizoen 2011\pcm.exe |
"{D513B87F-DF15-4AD4-AA02-A98E6B7862FA}" = protocol=6 | dir=in | app=c:\spellen\lord of the rings\game.dat |
"{D977948A-B7DD-4761-97A7-32D00B8F75BA}" = protocol=6 | dir=in | app=c:\program files\sports interactive\football manager 2010\fm.exe |
"{DDCA7BA2-5FE3-47E0-9349-7A64EB36FF4D}" = protocol=17 | dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe |
"{E05C34B4-B03D-4AAB-901F-645C2AF43A57}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{E21087E7-E475-4C28-9DB8-5DF63860D452}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2012\fm.exe |
"{E2A1A93B-5DD2-4452-90AE-D9865A1CD0CD}" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2011\autorun\exe\autorun.exe |
"{E2E7714D-F679-484A-9B58-CCF8147D2144}" = protocol=17 | dir=in | app=c:\program files\cyanide\pro cycling manager - seizoen 2011\autorun\exe\autorun.exe |
"{E42DFBEE-8F19-418E-BD75-A8CFB06184F8}" = protocol=17 | dir=in | app=c:\spellen\lord of the rings\game.dat |
"{E464EF00-DE89-4710-A1A7-2C467F980D3F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E82FC541-C5CC-40FB-A599-56112561899C}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe |
"{EA3197DA-E1D3-47F1-9ED2-C19D6265B6C4}" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{EE2D60D6-EA4A-4022-A587-6E18532C5C1C}" = protocol=17 | dir=in | app=c:\program files\firaxis games\sid meier's civilization 4\civilization4.exe |
"{F27FD06E-1A01-45A3-8139-5C4DF567FDA3}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{F35F9C77-D25C-4BF1-AB8A-40A19CA80C17}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F43C78DB-C153-4B01-9BB5-4E1C78708AE0}" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - season 2008\pcm.exe |
"{F8D6A274-507A-4341-ADDC-48CDDC3FC560}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e. beta\ruse.exe |
"{F8E7EE44-5765-4D16-B14D-BEA51AFDB5DD}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{F8EA9D4F-AB95-4441-B82C-5B9B23489853}" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2011\autorun\exe\autorun.exe |
"{F93AF174-6E85-40CF-8ED8-86CABDBB7A82}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2011\fm.exe |
"{FD06B1CF-01D0-4A38-A83E-6661EE5F1B9F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e. beta\ruse.exe |
"TCP Query User{03809F26-3B32-42E7-ABBD-38B8C579CB51}C:\spellen\pro cycling manager - seizoen 2011\pcm.exe" = protocol=6 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2011\pcm.exe |
"TCP Query User{0E0C24A2-F158-4B64-99C1-F6E3F469853D}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"TCP Query User{158B4FD5-3113-4E4C-B118-AE0C191775B6}C:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe |
"TCP Query User{17E74461-A32B-483B-9658-CBCAF946ACB8}C:\program files\steam\steamapps\ronnydepp\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\ronnydepp\counter-strike\hl.exe |
"TCP Query User{1B29A55D-9AB6-46DB-8B00-EC86F1260E3A}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{1D4AE6C7-5E13-4714-B6F3-E609A7303548}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{23502D39-C6BA-4D15-B933-8AC4699C554B}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{3531FC28-0B02-47EF-9133-A7571435AB75}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{6823B30D-05B6-4C7D-9B51-D9705A85E3E6}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{765B455B-A146-4752-AF58-C321918E4659}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{8D7DAF32-941B-4FE8-996F-83852E3DD454}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{A983E4EA-D808-4BE8-BDFF-DB816CEB8CB0}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{AD7D4099-4321-4DED-B2AB-09EA181CD0B6}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{B54DF09E-7819-434D-8709-56C2D6A4EFDB}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{CA477647-D2DC-4274-9A0A-EB7662A9A0DD}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{CBAAA65D-7FAA-43CA-A16B-B6102619AE11}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{F71E3400-C0FB-4837-91FC-1174C1A39116}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{2B278C31-2B0E-4288-B16D-ACDEFA312022}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{3452499C-9070-4F42-926D-A647CD641140}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{3EAABAE5-8C27-44C7-8640-AC26C82028D1}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"UDP Query User{499E867F-B2E9-495F-9715-D7A07240E3C6}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{539D9AFB-39CF-4AD9-B8F4-728AAD8D8103}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{592EB8E7-AF24-4A71-A383-7EAC0E352B1E}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{5E4D2F32-6F8A-411D-B161-4152F989990E}C:\program files\steam\steamapps\ronnydepp\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\ronnydepp\counter-strike\hl.exe |
"UDP Query User{6995B7A7-5024-4273-8BBC-0BEDF6E6B158}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{6F1A470B-1C82-4E38-900C-F4B6D00A969F}C:\spellen\pro cycling manager - seizoen 2011\pcm.exe" = protocol=17 | dir=in | app=c:\spellen\pro cycling manager - seizoen 2011\pcm.exe |
"UDP Query User{7EAEE27C-99A6-46E3-9480-02FF14C8FCE1}C:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe |
"UDP Query User{A46B5A9E-1F52-442F-A0A5-36C310AE8744}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{B17BB52B-2487-474D-B337-EAE162497A1D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{CAD7EC10-36F3-4E65-92B3-3DEF6AC3C857}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{D22A4A25-32A3-4D64-ABDA-E46AF6E7CBD2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D74BE345-ACBD-43F0-946C-E6771CC36BC6}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{E324671E-054F-4E1D-B645-85EC4B1A28C6}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{E5838D8E-A2C4-4ECF-81CA-EB74523727BE}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1" = Media Access Startup
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1" = Internet Saving Optimizer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}" = Rome - Total War
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{47948554-90C6-4AAC-8CFA-D23CE11C1043}" = Nero 8 Essentials
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5079F5CA-210A-4C0C-9FBF-02CF77FB0EAC}" = NVIDIA PhysX v8.09.19
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7911C404-9AFA-4BB2-B9B7-E47423D87528}" = Knights Of Honor
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_HOMESTUDENTR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Dutch)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1416622-0DDE-45B5-B06C-DFC3ED94C53B}" = The Godfather® II
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAA4850F-7E20-40D7-A4C3-3697E7FA4A54}" = Intel(R) Network Connections 13.2.8.0
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5096216-7703-409E-B85A-8A6EE7395128}}_is1" = System Search Dispatcher
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6436C60-3C20-4C5E-9267-349B09ACED0D}" = NL
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}" = Windows Live Sync
"{E4C891D6-6844-41B8-86E8-633CACCC644F}" = CyberLink TV Enhance
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Aangifte inkomstenbelasting 2010" = Aangifte inkomstenbelasting 2010
"Aangifte inkomstenbelasting 2011" = Aangifte inkomstenbelasting 2011
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG8Uninstall" = AVG Free 8.5
"BitTorrent" = BitTorrent
"Brothers in Arms - Hell's Highway" = Brothers in Arms: Hell's Highway
"BullGuard" = BullGuard
"cont_blueskyadagency" = Contextual Platform Blueskyadagency
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer
"Football Manager 2010" = Football Manager 2010
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"NVIDIA Drivers" = NVIDIA Drivers
"p2pmax" = P2P Max
"Port Royale 2" = Port Royale 2
"ppcbooster" = PPC Booster
"Premiumplay Codec-C" = Premiumplay Codec-C
"PROSetDX" = Intel(R) Network Connections 13.2.8.0
"Railroad Tycoon II" = Railroad Tycoon II
"runit" = Run It
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"Tachyon" = Tachyon
"VLC media player" = VLC media player 2.0.2
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"X10Hardware" = X10 Hardware(TM)
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-2903851507-1979561720-2490043369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Applicatie Detect
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 20-11-2012 11:34:24 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:46:23 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:46:24 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:48:42 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:48:50 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:51:49 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:51:49 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:53:29 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:53:30 | Computer Name = PC_van_Ron | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
 
Error - 20-11-2012 11:53:55 | Computer Name = PC_van_Ron | Source = MsiInstaller | ID = 11719
Description =
 
[ System Events ]
Error - 19-11-2012 14:07:20 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7001
Description =
 
Error - 19-11-2012 14:07:22 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7001
Description =
 
Error - 19-11-2012 14:07:47 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7001
Description =
 
Error - 19-11-2012 14:07:47 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7001
Description =
 
Error - 19-11-2012 14:07:55 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7001
Description =
 
Error - 19-11-2012 14:11:55 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7001
Description =
 
Error - 19-11-2012 14:11:55 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7026
Description =
 
Error - 20-11-2012 9:56:37 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7001
Description =
 
Error - 20-11-2012 9:56:37 | Computer Name = PC_van_Ron | Source = Service Control Manager | ID = 7026
Description =
 
Error - 20-11-2012 11:51:42 | Computer Name = PC_van_Ron | Source = BROWSER | ID = 8032
Description =
 
 
< End of report >
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 11/21/2012 11:30 AM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Hi ronnydepp smile



Running two antivirus - Bullguard and AVG - on the same computer can degrade performance and cause system instability.
I´ll therefore suggest you remove one of them from add/remove programs in controlpanel.



Here's a tool that is easy to use to remove even the hardest to remove adware, PUP's, hijacker's, and toolbars.

Please download AdwCleaner
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


• Double click on AdwCleaner.exe to run the tool.
***Note: Windows Vista and Windows 7 users:
Right click in the adwCleaner.exe and select – Run as admin
• Click the Search button.

• A logfile will automatically open after the scan has finished.


Post the log in next reply.......


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

ronnydepp
New Member


Date Joined Nov 2012
Total Posts : 6
 
   Posted 11/21/2012 3:11 PM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Hello,
I've been trying to delete AVG in the control panel, because i pay for bullguard. But i'm unable to delete AVG.
Here's te logfile of adwcleaner:
 
# AdwCleaner v2.008 - Verslag gemaakt op 21/11/2012 om 14:12:09
# Geactualiseerd op 17/11/2012 door Xplode
# Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Gebruiker : Ron - PC_VAN_RON
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q249NUSU\adwcleaner.exe
# Optie [Zoeken]

***** [Diensten] *****

***** [Files / Mappen] *****
File Aanwezig : C:\user.js
Map Aanwezig : C:\Program Files\Ask.com
Map Aanwezig : C:\Program Files\Media Access Startup
Map Aanwezig : C:\Program Files\Yontoo
Map Aanwezig : C:\ProgramData\Ask
Map Aanwezig : C:\ProgramData\Babylon
Map Aanwezig : C:\ProgramData\InstallMate
Map Aanwezig : C:\ProgramData\Premium
Map Aanwezig : C:\ProgramData\Tarma Installer
Map Aanwezig : C:\Users\Ron\AppData\Local\Babylon
Map Aanwezig : C:\Users\Ron\AppData\Local\Ilivid Player
Map Aanwezig : C:\Users\Ron\AppData\Local\Temp\BabylonToolbar
Map Aanwezig : C:\Users\Ron\AppData\LocalLow\AskToolbar
Map Aanwezig : C:\Users\Ron\AppData\LocalLow\BabylonToolbar
Map Aanwezig : C:\Users\Ron\AppData\LocalLow\boost_interprocess
Map Aanwezig : C:\Users\Ron\AppData\LocalLow\Media Access Startup
Map Aanwezig : C:\Users\Ron\AppData\Roaming\Babylon
Map Aanwezig : C:\Users\Ron\AppData\Roaming\vghd
Map Aanwezig : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Register] *****
Sleutel Aanwezig : HKCU\Software\APN
Sleutel Aanwezig : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\AskToolbar
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Crossrider
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Media Access Startup
Sleutel Aanwezig : HKCU\Software\Ask.com
Sleutel Aanwezig : HKCU\Software\Cr_Installer
Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Sleutel Aanwezig : HKCU\Software\Softonic
Sleutel Aanwezig : HKLM\Software\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Sleutel Aanwezig : HKLM\Software\APN
Sleutel Aanwezig : HKLM\Software\AskToolbar
Sleutel Aanwezig : HKLM\Software\Babylon
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CrossriderApp0000435.BHO
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CrossriderApp0000435.BHO.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CrossriderApp0000435.FBApi
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CrossriderApp0000435.FBApi.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CrossriderApp0000435.Sandbox
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CrossriderApp0000435.Sandbox.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Prod.cap
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Sleutel Aanwezig : HKLM\Software\Iminent
Sleutel Aanwezig : HKLM\Software\Media Access Startup
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F84D69AA-3E20-4305-984E-18E640D7F7FF}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Sleutel Aanwezig : HKLM\SOFTWARE\Software
Sleutel Aanwezig : HKLM\Software\Tarma Installer
Sleutel Aanwezig : HKU\S-1-5-21-2903851507-1979561720-2490043369-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Het register bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner[R1].txt - [12561 octets] - [21/11/2012 14:12:09]
########## EOF - C:\AdwCleaner[R1].txt - [12622 octets] ##########
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 11/21/2012 3:53 PM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Please rescan with AdwCleaner.


• Double-click AdwCleaner.exe to run the tool.
• Click Delete.
• Everything that was found will be deleted.
• Save any open files and approve the reboot. A text file will open after the restart.


I don´t need the log.




Then ->


Please download Combofix from here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
And save to the desktop.

After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC:
Exit all windows that are currently open on your computer.
To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer.


Double-click on the combofix icon found on your desktop.

Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall.
In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

When finished, it will produce a logfile located at C:\combofix.txt.


Post the contents of that log in your next reply

The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Post Edited (Touch) : 11/21/2012 2:00:04 PM GMT

Back to Top
 

ronnydepp
New Member


Date Joined Nov 2012
Total Posts : 6
 
   Posted 11/21/2012 4:39 PM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Hi,
De AVG deleter worked. It is now deleted from my system and steam already worked after that. But i ran combofix anyway because you told me.. Here is the log.

 
ComboFix 12-11-21.01 - Ron 21-11-2012  15:19:44.1.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.31.1043.18.3325.1844 [GMT 1:00]
Gestart vanuit: c:\users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWMP8M0H\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\p2pmax
c:\program files\p2pmax\p2pmaxu.exe
c:\program files\ppcbooster
c:\program files\ppcbooster\ppcbu_32.exe
c:\program files\runit
c:\program files\runit\runitu_32.exe
c:\program files\System Search Dispatcher
c:\program files\System Search Dispatcher\1.3.0.840\Data\eacore.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.3.0.840\unins000.dat
c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
c:\users\Ron\AppData\Roaming\020000002c578abf530C.manifest
c:\users\Ron\AppData\Roaming\020000002c578abf530O.manifest
c:\users\Ron\AppData\Roaming\020000002c578abf530P.manifest
c:\users\Ron\AppData\Roaming\020000002c578abf530S.manifest
c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppcb_32.lnk
c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runit_32.lnk
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2012-10-21 to 2012-11-21  ))))))))))))))))))))))))))))))
.
.
2012-11-21 14:34 . 2012-11-21 14:34 -------- d-----w- c:\users\Ron\AppData\Local\temp
2012-11-21 14:34 . 2012-11-21 14:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-20 15:47 . 2012-11-20 15:46 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-20 15:08 . 2012-11-20 15:08 -------- d-----w- c:\users\Ron\AppData\Roaming\dll-files.com
2012-11-20 15:08 . 2012-11-20 15:08 -------- d-----w- c:\program files\Dll-Files.com Fixer
2012-11-20 15:04 . 2012-11-21 14:13 -------- d-----w- c:\program files\steam
2012-11-16 17:24 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 17:24 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 11:13 . 2012-11-19 13:06 -------- d-----w- c:\program files\Applian Technologies
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2012-11-15 09:35 . 2012-11-15 09:36 -------- d-----w- c:\program files\QuickTime
2012-11-15 08:55 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-15 08:55 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-11-15 08:55 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-15 08:55 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-15 08:55 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-11-15 08:55 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-15 08:55 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-15 08:54 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-11-15 08:54 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-20 15:46 . 2012-08-15 11:36 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-20 15:46 . 2010-05-13 10:48 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-15 09:32 . 2011-05-19 19:05 404920 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-15 08:44 . 2011-04-05 09:02 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Steam"="c:\program files\steam\Steam.exe" [2012-11-21 1353080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-08 178712]
"TVEService"="c:\program files\HomeCinema\TV Enhance\TVEService.exe" [2008-10-14 180224]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-09 6281760]
"Skytel"="Skytel.exe" [2008-09-09 1833504]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-22 13589024]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-22 92704]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-10-14 20480]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\BullGuard.exe" [2012-11-15 1756512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
p2pmax.lnk - c:\program files\p2pmax\p2pmax.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache
BullGuard_Main REG_MULTI_SZ    BsMain
BullGuard REG_MULTI_SZ    BsFileScan BsFire
BullGuard_LowPriv REG_MULTI_SZ    BsBrowser
BullGuard_Backup REG_MULTI_SZ    BsBackup
BullGuard_Proxy REG_MULTI_SZ    BsMailProxy
.
Inhoud van de 'Gedeelde Taken' map
.
2012-11-20 c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2012-11-20 13:31]
.
2012-11-20 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2012-11-20 13:31]
.
2011-06-25 c:\windows\Tasks\Install_NSS.job
- c:\program files\DivX\Symantec\scstubinstaller.exe [2010-03-08 18:00]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{5B291E6C-9A74-4034-971B-A4B007A0B315} - (no file)
HKCU-Run-Meelodl - c:\users\Ron\AppData\Roaming\U!!!bo\agoxa.exe
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.0.850\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
AddRemove-{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 - c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-21 15:34
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-2903851507-1979561720-2490043369-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:00,c0,dc,ab,2e,ac,f8,b3,f0,32,2e,59,00,77,5b,fe,a2,54,93,be,20,97,05,
   6e,34,c0,b5,0a,07,a0,d7,de,b2,79,4b,ae,bd,b1,52,9d,4e,4c,a8,5c,df,7a,fa,d4,\
"??"=hex:03,f1,3a,95,8e,77,72,cb,93,ae,35,88,8a,83,cd,c1
.
[HKEY_USERS\S-1-5-21-2903851507-1979561720-2490043369-1000\Software\SecuROM\License information*]
"datasecu"=hex:a1,b5,ee,ed,de,7b,5b,05,e0,eb,8a,27,0d,99,55,74,76,20,40,8e,52,
   96,ab,2f,71,df,35,37,e3,89,48,16,98,66,c9,41,d9,bc,8c,d4,12,79,e7,05,e5,be,\
"rkeysecu"=hex:31,49,d7,e2,10,45,57,43,89,4a,3c,f3,9d,df,44,c6
.
Voltooingstijd: 2012-11-21  15:37:39
ComboFix-quarantined-files.txt  2012-11-21 14:37
.
Pre-Run: 316.337.504.256 bytes beschikbaar
Post-Run: 316.542.656.512 bytes beschikbaar
.
- - End Of File - - 5959C9A768351942EB2BDA47CF52F6A1
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 11/21/2012 10:53 PM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
"De AVG deleter worked"

Good :-)



Open notepad and copy/paste the text in bold in below into it:


Snapshot::
Folder::
c:\program files\Spybot - Search & Destroy
c:\program files\p2pmax
File::
c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job
2012-11-20 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job
2011-06-25 c:\windows\Tasks\Install_NSS.job
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=-




Save this as:CFScript



Once saved, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please post it to your next reply


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

ronnydepp
New Member


Date Joined Nov 2012
Total Posts : 6
 
   Posted 11/22/2012 11:19 AM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Hello,
 
Here is the log:
 
ComboFix 12-11-22.02 - Ron 22-11-2012   9:55.2.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.31.1043.18.3325.2193 [GMT 1:00]
Gestart vanuit: c:\users\Ron\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Ron\Desktop\CFScript.txt
AV: BullGuard Antivirus *Enabled/Updated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
FW: BullGuard Firewall *Disabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
SP: BullGuard Antispyware *Enabled/Updated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
.
FILE ::
"c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job"
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy\advcheck.dll
c:\program files\Spybot - Search & Destroy\aports.dll
c:\program files\Spybot - Search & Destroy\blindman.exe
c:\program files\Spybot - Search & Destroy\Default configuration.ini
c:\program files\Spybot - Search & Destroy\DelZip179.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.dap.gif
c:\program files\Spybot - Search & Destroy\Dummies\dummy.data.xml
c:\program files\Spybot - Search & Destroy\Dummies\dummy.default.gif
c:\program files\Spybot - Search & Destroy\Dummies\dummy.related.htm
c:\program files\Spybot - Search & Destroy\Help\Brasil.license.txt
c:\program files\Spybot - Search & Destroy\Help\Cesky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Deutsch.license.txt
c:\program files\Spybot - Search & Destroy\Help\English.chm
c:\program files\Spybot - Search & Destroy\Help\English.license.txt
c:\program files\Spybot - Search & Destroy\Help\Espanol.license.txt
c:\program files\Spybot - Search & Destroy\Help\Francais.license.txt
c:\program files\Spybot - Search & Destroy\Help\Hellenic.license.txt
c:\program files\Spybot - Search & Destroy\Help\Italiano.license.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.ansi.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.txt
c:\program files\Spybot - Search & Destroy\Help\Korean.license.txt
c:\program files\Spybot - Search & Destroy\Help\Nederlands.license.txt
c:\program files\Spybot - Search & Destroy\Help\Polski.license.txt
c:\program files\Spybot - Search & Destroy\Help\Russkiy.license.txt
c:\program files\Spybot - Search & Destroy\Help\Slovensky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Srpski.license.txt
c:\program files\Spybot - Search & Destroy\Help\Suomi.license.txt
c:\program files\Spybot - Search & Destroy\Includes\Adware.sbi
c:\program files\Spybot - Search & Destroy\Includes\AdwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Browserpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\CLSIDs.sbs
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbi
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbs
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbi
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbs
c:\program files\Spybot - Search & Destroy\Includes\DialerC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Domains.sbs
c:\program files\Spybot - Search & Destroy\Includes\HeavyDuty.sbi
c:\program files\Spybot - Search & Destroy\Includes\Hijackers.sbi
c:\program files\Spybot - Search & Destroy\Includes\HijackersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Keyloggers.sbi
c:\program files\Spybot - Search & Destroy\Includes\KeyloggersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Logs.uts
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbi
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbs
c:\program files\Spybot - Search & Destroy\Includes\Malware.sbi
c:\program files\Spybot - Search & Destroy\Includes\MalwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\OperaPlugins.sbs
c:\program files\Spybot - Search & Destroy\Includes\ProcWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\PUPS.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPSC.sbi
c:\program files\Spybot - Search & Destroy\Includes\RegWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\RegXLinks.sbs
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbi
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbs
c:\program files\Spybot - Search & Destroy\Includes\Searchpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\Security.sbi
c:\program files\Spybot - Search & Destroy\Includes\SecurityC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Services.sbs
c:\program files\Spybot - Search & Destroy\Includes\Spybots.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpybotsC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Spyware.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpywareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Startup.tnfo
c:\program files\Spybot - Search & Destroy\Includes\Targets.nfo
c:\program files\Spybot - Search & Destroy\Includes\Tracks.uti
c:\program files\Spybot - Search & Destroy\Includes\Trojans.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC.sbi
c:\program files\Spybot - Search & Destroy\Includes\TTLASSH.sbs
c:\program files\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
c:\program files\Spybot - Search & Destroy\Includes\X509White.sbs
c:\program files\Spybot - Search & Destroy\Languages\Afrikaans.sbl
c:\program files\Spybot - Search & Destroy\Languages\Arabic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Azeri.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl
c:\program files\Spybot - Search & Destroy\Languages\Belarusskiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bosanski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Brasil.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bulgarski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Catalan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Cesky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (simplified).sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (traditional).sbl
c:\program files\Spybot - Search & Destroy\Languages\Dansk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Deutsch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Eesti.sbl
c:\program files\Spybot - Search & Destroy\Languages\English.sbl
c:\program files\Spybot - Search & Destroy\Languages\Espanol.sbl
c:\program files\Spybot - Search & Destroy\Languages\Esperanto.sbl
c:\program files\Spybot - Search & Destroy\Languages\Euskera.sbl
c:\program files\Spybot - Search & Destroy\Languages\Farsi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Francais.sbl
c:\program files\Spybot - Search & Destroy\Languages\Furlan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Galego.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hebrew.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hellenic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hindi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hrvatski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Islenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Italiano.sbl
c:\program files\Spybot - Search & Destroy\Languages\Japanese.sbl
c:\program files\Spybot - Search & Destroy\Languages\Korean.sbl
c:\program files\Spybot - Search & Destroy\Languages\Latvian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Letzebuergesch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Lietuviu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Magyar.sbl
c:\program files\Spybot - Search & Destroy\Languages\Makedonski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Melayu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Nederlands.sbl
c:\program files\Spybot - Search & Destroy\Languages\Norsk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Polski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Portugues.sbl
c:\program files\Spybot - Search & Destroy\Languages\Romaneste.sbl
c:\program files\Spybot - Search & Destroy\Languages\Russkiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Shqip.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovenscina.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovensky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Srpski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Suomi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Svenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Thai.sbl
c:\program files\Spybot - Search & Destroy\Languages\Turkce.sbl
c:\program files\Spybot - Search & Destroy\Languages\Ukrainian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Uzbek.sbl
c:\program files\Spybot - Search & Destroy\messages.zres
c:\program files\Spybot - Search & Destroy\OHBAWDROOXRE.scr
c:\program files\Spybot - Search & Destroy\OptOut.ini
c:\program files\Spybot - Search & Destroy\Plugins\Chai.dll
c:\program files\Spybot - Search & Destroy\Plugins\Fennel.dll
c:\program files\Spybot - Search & Destroy\Plugins\Mate.dll
c:\program files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
c:\program files\Spybot - Search & Destroy\SDFiles.exe
c:\program files\Spybot - Search & Destroy\SDHelper.dll
c:\program files\Spybot - Search & Destroy\SDMain.exe
c:\program files\Spybot - Search & Destroy\SDShred.exe
c:\program files\Spybot - Search & Destroy\SDUpdate.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\Spybot - Search & Destroy\Skins\Colorblind.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.jpg
c:\program files\Spybot - Search & Destroy\Skins\Peace.ini
c:\program files\Spybot - Search & Destroy\Skins\Peace.jpg
c:\program files\Spybot - Search & Destroy\SpybotSD.exe
c:\program files\Spybot - Search & Destroy\sqlite3.dll
c:\program files\Spybot - Search & Destroy\TeaTimer.exe
c:\program files\Spybot - Search & Destroy\Tools.dll
c:\program files\Spybot - Search & Destroy\unins000.dat
c:\program files\Spybot - Search & Destroy\unins000.exe
c:\program files\Spybot - Search & Destroy\unins000.msg
c:\program files\Spybot - Search & Destroy\UninsSrv.dll
c:\program files\Spybot - Search & Destroy\Update.exe
c:\program files\Spybot - Search & Destroy\Updates\clsid.zip
c:\program files\Spybot - Search & Destroy\Updates\downloaded.ini
c:\program files\Spybot - Search & Destroy\Updates\lang.nederlands.zip
c:\program files\Spybot - Search & Destroy\Updates\online.ini
c:\program files\Spybot - Search & Destroy\Updates\online.ini.uiz
c:\program files\Spybot - Search & Destroy\WFZRQLXM.scr
c:\program files\Spybot - Search & Destroy\YOPFYJPD.scr
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SBSDWSCService
-------\Service_SBSDWSCService
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2012-10-22 to 2012-11-22  ))))))))))))))))))))))))))))))
.
.
2012-11-22 09:08 . 2012-11-22 09:11 -------- d-----w- c:\users\Ron\AppData\Local\temp
2012-11-20 15:47 . 2012-11-20 15:46 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-20 15:08 . 2012-11-20 15:08 -------- d-----w- c:\users\Ron\AppData\Roaming\dll-files.com
2012-11-20 15:08 . 2012-11-20 15:08 -------- d-----w- c:\program files\Dll-Files.com Fixer
2012-11-20 15:04 . 2012-11-22 09:11 -------- d-----w- c:\program files\steam
2012-11-16 17:24 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 17:24 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 11:13 . 2012-11-19 13:06 -------- d-----w- c:\program files\Applian Technologies
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2012-11-15 09:36 . 2012-11-15 09:36 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2012-11-15 09:35 . 2012-11-15 09:36 -------- d-----w- c:\program files\QuickTime
2012-11-15 08:55 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-15 08:55 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-11-15 08:55 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-15 08:55 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-15 08:55 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-11-15 08:55 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-15 08:55 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-15 08:54 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-11-15 08:54 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-20 15:46 . 2012-08-15 11:36 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-20 15:46 . 2010-05-13 10:48 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-15 09:32 . 2011-05-19 19:05 404920 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-15 08:44 . 2011-04-05 09:02 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Steam"="c:\program files\steam\Steam.exe" [2012-11-21 1353080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-08 178712]
"TVEService"="c:\program files\HomeCinema\TV Enhance\TVEService.exe" [2008-10-14 180224]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-09 6281760]
"Skytel"="Skytel.exe" [2008-09-09 1833504]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-22 13589024]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-22 92704]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-10-14 20480]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\BullGuard.exe" [2012-11-15 1756512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
p2pmax.lnk - c:\program files\p2pmax\p2pmax.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\System32\BgGamingMonitor.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache
BullGuard_Main REG_MULTI_SZ    BsMain
BullGuard REG_MULTI_SZ    BsFileScan BsFire
BullGuard_LowPriv REG_MULTI_SZ    BsBrowser
BullGuard_Backup REG_MULTI_SZ    BsBackup
BullGuard_Proxy REG_MULTI_SZ    BsMailProxy
.
Inhoud van de 'Gedeelde Taken' map
.
2012-11-21 c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2012-11-20 13:31]
.
2012-11-22 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2012-11-20 13:31]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
AddRemove-{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 - c:\program files\Spybot - Search & Destroy\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-22 10:11
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-2903851507-1979561720-2490043369-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:00,c0,dc,ab,2e,ac,f8,b3,f0,32,2e,59,00,77,5b,fe,a2,54,93,be,20,97,05,
   6e,34,c0,b5,0a,07,a0,d7,de,b2,79,4b,ae,bd,b1,52,9d,4e,4c,a8,5c,df,7a,fa,d4,\
"??"=hex:03,f1,3a,95,8e,77,72,cb,93,ae,35,88,8a,83,cd,c1
.
[HKEY_USERS\S-1-5-21-2903851507-1979561720-2490043369-1000\Software\SecuROM\License information*]
"datasecu"=hex:a1,b5,ee,ed,de,7b,5b,05,e0,eb,8a,27,0d,99,55,74,76,20,40,8e,52,
   96,ab,2f,71,df,35,37,e3,89,48,16,98,66,c9,41,d9,bc,8c,d4,12,79,e7,05,e5,be,\
"rkeysecu"=hex:31,49,d7,e2,10,45,57,43,89,4a,3c,f3,9d,df,44,c6
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PSIService.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Secunia\PSI\PSIA.exe
c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
c:\program files\Secunia\PSI\sua.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Voltooingstijd: 2012-11-22  10:17:53 - machine werd herstart
ComboFix-quarantined-files.txt  2012-11-22 09:17
ComboFix2.txt  2012-11-21 14:37
.
Pre-Run: 311.391.465.472 bytes beschikbaar
Post-Run: 310.827.626.496 bytes beschikbaar
.
- - End Of File - - 2ACD0C0EAD083CBE55E248A95C18EE7D
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 11/22/2012 4:40 PM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Looks clean to me smile



And the computer is still running fine?


If it does, then it's time to clean up................



Click on the CleanUp! button.
You'll be asked if you want to Begin cleanup process? Select Yes.
This step removes the files, folders, and shortcuts created by the tools I had you download and run.

When done, you will be prompted to restart your computer. Please restart your computer.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

ronnydepp
New Member


Date Joined Nov 2012
Total Posts : 6
 
   Posted 11/23/2012 11:02 AM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Hi,
Looks clean to me too.. Computer is fast again. Its great. Thanks a lot.
Do you recommend a standard program that is shoud run occasionally besides bullguard to keep my computer fast and safe?
Thanks already!..
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 11/23/2012 4:24 PM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
>>Do you recommend a standard program that is shoud run occasionally besides bullguard to keep my computer fast and safe?<<


Yes, a few actually


"Secunia Personal Software Inspector (PSI) is a free computer security solution that
identifies vulnerabilities in non-Microsoft (third-party) programs which can leave your PC open to attacks."

http://secunia.com/vulnerability_scanning/personal/


"CCleaner is the number-one tool for cleaning your Windows PC.
It protects your privacy online and makes your computer faster and more secure.
Easy to use and a small, fast download."

http://www.piriform.com/ccleaner

Malwarebyte - Free Download

http://www.malwarebytes.org/


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

ronnydepp
New Member


Date Joined Nov 2012
Total Posts : 6
 
   Posted 11/23/2012 4:28 PM (GMT +2)    Quote: Trojan affection steamAlert an admin about: Trojan affection steam
Already had Secunia.. Now downloaded CCcleaner.
Thanks a lot for the help!!
Greetz..
Back to Top
 
New Topic Post reply to : Trojan affection steam Printable version of : Trojan affection steam
 
Forum Information
Currently it is Friday, October 31, 2014 12:47 PM (GMT +2)
There are a total of 60,719 posts in 13,338 threads.
In the last 3 days there were 4 new threads and 6 reply posts. View Active Threads
Who's Online
This forum has 36602 registered members. Please welcome our newest member, Babette Hadden.
4 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Budget Kitchens London (0)10/31/2014 7:04:45 AM (rakpenak)
Cheap Kitchen Units In UK (0)10/31/2014 6:48:00 AM (mtkyytpw)
COMPUTER PROBLEMS (2)10/31/2014 3:00:32 AM (Deb1957)
Cheap Kitchen Units In Leeds UK (0)10/31/2014 1:45:44 AM (ceagceog8)
Bullguard dosent update to latest versions (19)10/30/2014 6:35:00 PM (LeoK)