
Removing malware junk



Hey, I would like to remove all the malware junk from my laptop.

As indicated in the instructions, here is the copy of the log... Cheers in advance :-)

Logfile of random's system information tool 1.09 (written by random/random)

Run by otis at 2013-10-01 20:49:10

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 450 GB (65%) free of 697 GB

Total RAM: 8044 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:49:19, on 1-10-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16686)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\otis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search-Gol

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe"

O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\Files32\Antiphishing\IE\BGAntiphishingIE.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\Files32\BgAgent.dll

O23 - Service: AcerSyncSystemService - Unknown owner - C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11607 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

winlogon.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe 25029584

\??\C:\Windows\system32\conhost.exe "5824840381686010903-18027422691922422325-2049112790-129503714526246239-1961998064

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe"

taskeng.exe {CDBF4DAE-0C2A-4743-8A33-005411EB82DC}

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

"C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe"

C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy

C:\Windows\System32\SvcHost.exe -k BullGuard_Main

"C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe"

"C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe"

"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"

taskeng.exe {E2327717-77CA-4FCF-BF91-217A30796764}

"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"

"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"

"C:\Program Files (x86)\Launch Manager\LMworker.exe"

"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" /PROTECT

"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"

"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE

"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"

"C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe"

C:\Windows\System32\SvcHost.exe -k BullGuard

"c:\program files\bullguard ltd\bullguard antivirus\BgWsc.exe" /prodpath "c:\program files\bullguard ltd\bullguard antivirus\BullGuard.exe" /setav expire /setas off

\??\C:\Windows\system32\conhost.exe "-1521619505761228823-492565048-611304787823710032-775744610-1775627880-1003310377

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"

"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2220

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

"C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuard.exe" -boot

"C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5eea4b5e-43ca-44ba-a3af-5d034019b6b1 -SystemEventPortName:HostProcess-f911719d-c628-4dc4-be5c-2de3022b49b8 -IoCancelEventPortName:HostProcess-c92e679b-e25b-4f86-9b48-ad1ee91fffde -NonStateChangingEventPortName:HostProcess-33793497-2d36-4987-96f6-234f2845821a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e3815e18-b02c-4d95-ba2c-0d14b20980b2 -DeviceGroupId:WpdFsGroup

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe"

"C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4588.0.1489080464\299165264" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0126 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2418 --ignored=" --type=renderer " /prefetch:822062411

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4588.3.1485289857\711466530" /prefetch:673131151

"C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="4588.5.1416450963\1213709881" /prefetch:673131151

"C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4588.6.1105352769\1334482266" /prefetch:673131151

"C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4588.7.18103347\1852769411" --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

"C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4588.10.661753608\1257467262" /prefetch:673131151

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

"C:\Windows\system32\wuauclt.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical

"C:\Program Files\EgisTec IPS\PMMUpdate.exe"

"C:\Program Files\EgisTec IPS\EgisUpdate.exe"

"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt

"C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4588.13.143587142\1678753115" /prefetch:673131151

"C:\Users\otis\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

C:\Windows\tasks\DSite.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2102026880-3765431175-3054695707-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2102026880-3765431175-3054695707-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-01 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]

delta Helper Object - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll [2013-08-15 314264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-01 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2013-04-17 197920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll [2013-08-15 300952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"BullGuard"=C:\Program Files\BullGuard Ltd\BullGuard Antivirus\bullguard.exe [2013-06-06 970080]

"BullGuardUpdate2"=c:\program files\bullguard ltd\bullguard antivirus\BullGuardUpdate2.exe [2013-06-06 2531168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-11 116648]

"Spotify Web Helper"=C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-03-22 1103768]

"Yontoo Desktop"=C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe [2013-04-17 42784]

"MyTomTomSA.exe"=C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [2013-04-17 455608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer AnySync]

C:\Program Files\Acer\AcerSync\AcerSync.exe [2011-06-16 3044456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService]

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-08-27 177448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2]

C:\Dolby PCEE4\pcee4.exe [2011-06-01 506712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]

C:\Program Files\Elantech\ETDCtrl.exe [2011-04-05 2589992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-11 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

C:\Windows\system32\hkcmd.exe [2011-06-21 392472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

C:\Windows\system32\igfxtray.exe [2011-06-21 167704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelTBRunOnce]

wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]

C:\Windows\system32\M-AudioTaskBarIcon.exe [2011-10-18 924464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]

C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2012-03-08 4280184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

C:\Windows\system32\igfxpers.exe [2011-06-21 416024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_Dolby]

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

C:\Users\otis\AppData\Roaming\Spotify\Spotify.exe [2013-03-22 4477336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-03-22 1103768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]

C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2011-06-10 389632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-10-01 20:35:34 ----D---- C:\rsit

2013-10-01 20:35:34 ----D---- C:\Program Files\trend micro

2013-09-29 22:54:21 ----D---- C:\Users\otis\AppData\Roaming\Delta

2013-09-29 22:54:21 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-09-29 22:54:21 ----D---- C:\Program Files (x86)\Delta

2013-09-29 22:53:47 ----D---- C:\ProgramData\BitGuard

2013-09-29 22:53:45 ----D---- C:\ProgramData\DSearchLink

2013-09-13 11:24:50 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-09-13 11:24:50 ----A---- C:\Windows\system32\ieui.dll

2013-09-13 11:24:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-09-13 11:24:49 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-09-13 11:24:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-09-13 11:24:49 ----A---- C:\Windows\system32\iesetup.dll

2013-09-13 11:24:49 ----A---- C:\Windows\system32\iernonce.dll

2013-09-13 11:24:48 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-09-13 11:24:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-09-13 11:24:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-09-13 11:24:48 ----A---- C:\Windows\system32\iesysprep.dll

2013-09-13 11:24:48 ----A---- C:\Windows\system32\iertutil.dll

2013-09-13 11:24:48 ----A---- C:\Windows\system32\ie4uinit.exe

2013-09-13 11:24:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-09-13 11:24:47 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-09-13 11:24:47 ----A---- C:\Windows\system32\msfeeds.dll

2013-09-13 11:24:47 ----A---- C:\Windows\system32\jscript.dll

2013-09-13 11:24:46 ----A---- C:\Windows\system32\jscript9.dll

2013-09-13 11:24:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-09-13 11:24:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-09-13 11:24:45 ----A---- C:\Windows\system32\urlmon.dll

2013-09-13 11:24:44 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-09-13 11:24:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-09-13 11:24:44 ----A---- C:\Windows\system32\jsproxy.dll

2013-09-13 11:24:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-09-13 11:24:43 ----A---- C:\Windows\system32\wininet.dll

2013-09-13 11:24:42 ----A---- C:\Windows\system32\ieframe.dll

2013-09-13 11:24:41 ----A---- C:\Windows\system32\mshtml.dll

2013-09-13 11:24:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-09-11 01:46:35 ----A---- C:\Windows\system32\drivers\ataport.sys

2013-09-11 01:46:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-09-11 01:46:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-09-11 01:46:33 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-09-11 01:46:33 ----A---- C:\Windows\system32\ntdll.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\user.exe

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\wow64win.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\wow64cpu.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\wow64.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\winsrv.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\smss.exe

2013-09-11 01:46:32 ----A---- C:\Windows\system32\ntvdm64.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\KernelBase.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\kernel32.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\csrsrv.dll

2013-09-11 01:46:32 ----A---- C:\Windows\system32\conhost.exe

2013-09-11 01:46:32 ----A---- C:\Windows\system32\apisetschema.dll

2013-09-11 01:46:31 ----A---- C:\Windows\system32\win32k.sys

2013-09-11 01:46:27 ----A---- C:\Windows\system32\shell32.dll

2013-09-11 01:46:26 ----A---- C:\Windows\SYSWOW64\shell32.dll

2013-09-11 01:46:25 ----A---- C:\Windows\SYSWOW64\shdocvw.dll

2013-09-11 01:46:25 ----A---- C:\Windows\system32\shdocvw.dll

2013-08-15 23:35:24 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-08-15 23:35:24 ----A---- C:\Windows\system32\crypt32.dll

2013-08-15 23:35:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2013-08-15 23:35:23 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll

2013-08-15 23:35:23 ----A---- C:\Windows\SYSWOW64\cryptnet.dll

2013-08-15 23:35:23 ----A---- C:\Windows\system32\wintrust.dll

2013-08-15 23:35:23 ----A---- C:\Windows\system32\cryptsvc.dll

2013-08-15 23:35:23 ----A---- C:\Windows\system32\cryptnet.dll

2013-08-15 23:35:15 ----A---- C:\Windows\SYSWOW64\tzres.dll

2013-08-15 23:35:15 ----A---- C:\Windows\system32\tzres.dll

2013-08-15 23:35:12 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-08-15 23:35:12 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-08-15 23:35:11 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2013-08-15 23:35:11 ----A---- C:\Windows\system32\rpcrt4.dll

2013-08-15 23:35:11 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2013-08-15 23:35:11 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-07-24 22:52:21 ----D---- C:\Program Files (x86)\Rockstar Games

2013-07-23 23:17:17 ----D---- C:\Program Files (x86)\Rage

2013-07-23 23:16:51 ----SHD---- C:\Windows\ei_temp

2013-07-10 21:20:29 ----A---- C:\Windows\SYSWOW64\qedit.dll

2013-07-10 21:20:29 ----A---- C:\Windows\system32\qedit.dll

2013-07-10 21:20:14 ----A---- C:\Windows\system32\DWrite.dll

2013-07-10 21:20:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2013-07-08 23:27:46 ----A---- C:\Windows\SYSWOW64\REX Shared Library.dll

2013-07-08 23:27:46 ----A---- C:\Windows\SYSWOW64\ReWire.dll

2013-07-03 12:49:12 ----D---- C:\Users\otis\AppData\Roaming\PowerCinema

======List of files/folders modified in the last 3 months======

2013-10-01 20:49:16 ----D---- C:\ProgramData\BullGuard

2013-10-01 20:36:07 ----D---- C:\Windows\Prefetch

2013-10-01 20:35:34 ----RD---- C:\Program Files

2013-10-01 20:27:33 ----D---- C:\Windows\Temp

2013-10-01 20:27:32 ----A---- C:\Windows\SYSWOW64\log.txt

2013-10-01 20:27:15 ----D---- C:\Windows\System32

2013-10-01 20:25:42 ----D---- C:\ProgramData\clear.fi

2013-10-01 20:25:39 ----D---- C:\Users\otis\AppData\Roaming\Yontoo

2013-10-01 20:25:34 ----D---- C:\Windows\system32\config

2013-10-01 20:25:19 ----D---- C:\Windows\system32\Tasks

2013-09-29 23:06:56 ----SHD---- C:\System Volume Information

2013-09-29 23:03:48 ----A---- C:\Users\otis\AppData\Roaming\bitlord_log.txt

2013-09-29 22:54:59 ----D---- C:\Users\otis\AppData\Roaming\BitLord

2013-09-29 22:54:21 ----D---- C:\Program Files (x86)

2013-09-29 22:53:54 ----SHD---- C:\Windows\Installer

2013-09-29 22:53:47 ----HD---- C:\ProgramData

2013-09-29 22:51:36 ----A---- C:\Windows\wininit.ini

2013-09-17 12:36:46 ----D---- C:\Windows\rescache

2013-09-15 19:05:44 ----D---- C:\Windows\Microsoft.NET

2013-09-15 19:05:19 ----RSD---- C:\Windows\assembly

2013-09-14 21:59:54 ----D---- C:\Windows\winsxs

2013-09-14 21:57:42 ----D---- C:\Windows\SysWOW64

2013-09-14 21:57:42 ----D---- C:\Program Files (x86)\Internet Explorer

2013-09-14 21:57:41 ----D---- C:\Program Files\Internet Explorer

2013-09-14 21:57:40 ----D---- C:\Windows\AppPatch

2013-09-14 21:57:39 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-09-14 21:57:39 ----D---- C:\Windows\system32\nl-NL

2013-09-14 21:57:37 ----D---- C:\Windows\system32\DriverStore

2013-09-14 21:57:37 ----D---- C:\Windows\system32\drivers

2013-09-14 21:57:25 ----D---- C:\Users\otis\AppData\Roaming\SoftGrid Client

2013-09-14 00:06:59 ----D---- C:\Users\otis\AppData\Roaming\BSplayer

2013-09-13 11:25:20 ----D---- C:\Windows\system32\catroot

2013-09-13 11:25:18 ----D---- C:\Windows\system32\catroot2

2013-09-13 11:24:31 ----D---- C:\Windows\inf

2013-09-13 11:24:31 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-09-13 11:24:30 ----D---- C:\Program Files (x86)\Microsoft Application Virtualization Client

2013-08-16 03:02:13 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-08-01 23:10:36 ----D---- C:\Program Files (x86)\Google

2013-08-01 01:46:22 ----D---- C:\Windows

2013-07-24 22:52:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2013-07-22 19:47:53 ----D---- C:\ProgramData\McAfee

2013-07-11 13:56:25 ----D---- C:\Program Files\Microsoft Silverlight

2013-07-11 13:56:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-07-11 13:55:36 ----D---- C:\Program Files\Windows Defender

2013-07-11 13:55:36 ----D---- C:\Program Files (x86)\Windows Defender

2013-07-11 13:55:35 ----D---- C:\Program Files\Windows Journal

2013-07-10 21:30:57 ----D---- C:\Users\otis\AppData\Roaming\Spotify

2013-07-08 23:27:00 ----D---- C:\Program Files (x86)\Ableton

2013-07-07 14:59:17 ----D---- C:\Users\otis\AppData\Roaming\Ableton

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-19 564824]

R1 BdSpy;BdSpy; C:\Windows\system32\drivers\BdSpy.sys [2013-03-18 68720]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-11-19 22648]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-11-19 20520]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-11-19 62776]

R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\Windows\system32\DRIVERS\NSKernel.sys [2012-06-26 256072]

R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\Windows\system32\DRIVERS\NSNetmon.sys [2012-06-26 25160]

R1 StarPortLite;StarPort Storage Controller (Lite); C:\Windows\system32\DRIVERS\StarPortLite.sys [2012-04-20 118888]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]

R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]

R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]

R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]

R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]

R3 BdNet;BdNet; C:\Windows\system32\drivers\BdNet.sys [2012-10-04 34928]

R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-05-17 51240]

R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-05-06 86056]

R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-04-05 142632]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2013-01-25 350160]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]

S1 jxzwyjgf;jxzwyjgf; \??\C:\Windows\system32\drivers\jxzwyjgf.sys []

S1 kooyxunb;kooyxunb; \??\C:\Windows\system32\drivers\kooyxunb.sys []

S1 pxcocxlw;pxcocxlw; \??\C:\Windows\system32\drivers\pxcocxlw.sys []

S1 rrojutsg;rrojutsg; \??\C:\Windows\system32\drivers\rrojutsg.sys []

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]

S3 MADFUVENOM;Service for M-Audio Venom DFU; C:\Windows\system32\DRIVERS\MAudioVenom_DFU.sys [2011-10-18 47792]

S3 MAUSBVENOM;Service for M-Audio Venom; C:\Windows\system32\DRIVERS\MAudioVenom.sys [2011-10-18 201008]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerSyncSystemService;AcerSyncSystemService; C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe [2011-06-16 81304]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 BitGuard;BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2013-09-23 2845664]

R2 BsBhvScan;BullGuard Behavioural Detection; C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe [2013-06-06 384352]

R2 BsFileScan;BullGuard on-access service; C:\Windows\System32\SvcHost.exe [2009-07-14 27136]

R2 BsMailProxy;BullGuard e-mail monitoring service; C:\Windows\System32\SvcHost.exe [2009-07-14 27136]

R2 BsMain;BullGuard main service; C:\Windows\System32\SvcHost.exe [2009-07-14 27136]

R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe [2013-06-06 243552]

R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe [2013-09-18 353120]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]

R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]

R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]

R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168]

R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 Yontoo Desktop Updater;Yontoo Desktop Updater; C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-04-17 23552]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-08 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-19 655624]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-08 116648]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-12 1255736]

S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
  • Right-click Zoek.zip and choose the option "Extract All".
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input field:
  • Note: This script is written specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
 {C1AF5FA5-852C-4C90-812E-A7F75E011D87};c
 C:\Program Files (x86)\Delta;fs
 {FD72061E-9FDE-484D-A58A-0BAB4151CAD8};c
 C:\Program Files (x86)\Yontoo;fs
 {82E1477C-B154-48D3-9891-33D83C26BCD3};c
 Yontoo Desktop;s
 C:\Users\otis\AppData\Roaming\Yontoo;fs
 BitGuard;s
 C:\ProgramData\BitGuard;fs
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar];r64
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "Yontoo Desktop"=-;r64
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
 "AppInit_DLLs"=-;r64
 Jxzwyjgf;s
 Kooyxunb;s
 Pxcocxlw;s
 Rrojutsg;s
 startupall; 
filesrcm;

  • Click the "Options" button and check the options below:
      • HijackThis Log
      • Firefox Defaults
      • Reset Chrome
      • IE Defaults
      • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next reply.


Zoek.exe Version 4.0.0.4 Updated 27-September-2013

Tool run by otis on di 01-10-2013 at 22:09:31,45.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\otis\AppData\Local\Temp\Rar$EX93.888\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

1-10-2013 22:13:28 Zoek.exe System Restore Point Created Succesfully.

==== Possible Rootkit Infection ======================

C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L

C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\U

C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L\00000004.@

==== Creating Sample_01-10-2013_2221.zip ======================

Process chrome.exe killed

Copied file C:\Users\otis\AppData\Roaming\BabMaint.exe to sample\BabMaint.exe

sample\BabMaint.exe renamed to CC1A55091FD96BCB624AD791CD15D179

C:\Users\Public\Desktop\sample_01-10-2013_2221.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0E7CFE28-70E5-4C6B-8E15-BD4DC91286E2} deleted successfully

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD24} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BitGuard deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BitGuard deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jxzwyjgf deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Jxzwyjgf deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kooyxunb deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Kooyxunb deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pxcocxlw deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Pxcocxlw deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rrojutsg deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Rrojutsg deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Yontoo Desktop Updater deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Yontoo Desktop"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

"C:\windows\SysNative\Tasks\DSite" deleted

"C:\Users\otis\Downloads\iLividSetup-r757-n-bc.exe" deleted

"C:\Users\otis\Downloads\iLividSetup.exe" deleted

"C:\Users\otis\Downloads\codec_pack_740423_ch.exe" deleted

"C:\Windows\wininit.ini" deleted

"C:\windows\SysNative\Tasks\EPUpdater" deleted

"C:\Windows\tasks\DSite.job" deleted

"C:\windows\SysNative\tasks\BitGuard" deleted

"C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\putlockerdownloader3@putlockerdownloader.com.xpi" deleted

"C:\Users\otis\Desktop\Search.lnk" deleted

"C:\Users\otis\AppData\Roaming\BabMaint.exe" deleted

"C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L\00000004.@" deleted

"C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L\201d3dde" deleted

"C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L\76603ac3" deleted

"C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted

"C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted

"C:\Users\otis\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}" deleted

"C:\Users\otis\AppData\Roaming\Delta" deleted

"C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L" deleted

"C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\U" deleted

"C:\Program Files (x86)\Delta" deleted

"C:\Program Files (x86)\Yontoo" deleted

"C:\Users\otis\AppData\Roaming\Yontoo" deleted

"C:\ProgramData\BitGuard" not deleted

"C:\Windows\syswow64\appdata" deleted

"C:\Program Files (x86)\Delta" deleted

"C:\Program Files (x86)\hdvidcodec.com" deleted

"C:\Program Files (x86)\HappyLyrics" deleted

"C:\Program Files (x86)\Yontoo" deleted

"C:\Program Files (x86)\PutLockerDownloader" deleted

"C:\found.000" deleted

"C:\Users\otis\AppData\Roaming\BabSolution" deleted

"C:\Users\otis\AppData\Roaming\Babylon" deleted

"C:\Users\otis\AppData\Roaming\Yontoo" deleted

"C:\Users\otis\AppData\Roaming\Delta" deleted

"C:\Users\otis\AppData\Roaming\DSite" deleted

"C:\Users\otis\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\Ask" deleted

"C:\ProgramData\APN" deleted

"C:\ProgramData\BitGuard" not deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\DSearchLink" deleted

"C:\ProgramData\Wincert" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\otis\AppData\Local\PutLockerDownloader" deleted

"C:\Users\otis\AppData\Local\Software" deleted

"C:\Users\otis\AppData\Local\PackageAware" deleted

"C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc" deleted

"C:\Users\otis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard" deleted

"C:\Users\otis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com" deleted

"C:\Users\otis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com" deleted

"C:\Users\otis\AppData\LocalLow\Delta" deleted

"C:\Windows\SysWow64\searchplugins" deleted

"C:\Windows\SysWow64\Extensions" deleted

"C:\Users\otis\AppData\Roaming\Yontoo\dat" deleted

"C:\ProgramData\BitGuard\2.6.1694.246" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\otis\AppData\Local\Temp ====

2013-10-01 20:08:11 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Users\otis\AppData\Local\Temp\Rar$EX93.888\Z-Analyse.exe

2013-09-29 20:53:30 B212865E7E478A28A97268F960079A8D 132096 ----a-w- C:\Users\otis\AppData\Local\Temp\F4307D98-BAB0-7891-8D2A-26F170C14DCA\Latest\BExternal.dll

2013-09-29 20:53:30 A21DE5067618D4F2DF261416315ED120 6144 ----a-w- C:\Users\otis\AppData\Local\Temp\F4307D98-BAB0-7891-8D2A-26F170C14DCA\Latest\IEHelper.dll

2013-09-29 20:53:30 0F66E8E2340569FB17E774DAC2010E31 520234 ----a-w- C:\Users\otis\AppData\Local\Temp\F4307D98-BAB0-7891-8D2A-26F170C14DCA\Latest\sqlite3.dll

2013-09-29 20:53:00 A0C27BA64BA52ECFF34D5C7DB93CA9D3 36080263 ----a-w- C:\Users\otis\AppData\Local\Temp\is2121167326\225535300_stp.EXE

2013-09-24 05:38:19 E1D607BD288B979FECE0770324EE6F11 245672 ----a-w- C:\Users\otis\AppData\Local\Temp\F4307D98-BAB0-7891-8D2A-26F170C14DCA\Latest\ccp.exe

2013-09-23 09:57:43 5D213EC175B9C1BE6B5F245C17A294EB 324976 ----a-w- C:\Users\otis\AppData\Local\Temp\bus7F7C\fntupdtr.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-10-01 19:09:01 0B094C1308FFDEBF433D7CE0675CF099 512 ----a-w- C:\Windows\Sysnative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD

====== C:\Windows\Sysnative\drivers =====

2013-09-10 23:46:35 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-01 18:35:34 -------- d-----w- C:\Program Files\trend micro

======= C:\Program Files (x86) =====

======= C: =====

====== C:\Users\otis\AppData\Roaming ======

2013-09-29 20:57:14 8DE9F588DFB1641F2C0EA05BD4B60605 218 ----a-w- C:\Users\otis\AppData\Local\recently-used.xbel

2013-09-29 20:55:03 -------- d-----w- C:\Users\otis\AppData\Local\avgchrome

2013-09-29 20:53:54 -------- d-----w- C:\Users\otis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord

====== C:\Users\otis ======

2013-10-01 18:35:04 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\otis\Downloads\RSITx64.exe

2013-10-01 18:05:19 DC5E900D2F88A9478024B9BEEF3A12B0 303856 ----a-w- C:\Users\otis\Downloads\download_file.exe

2013-09-29 21:03:28 1462F441FBEE47D53EFADA97CED09816 172752 ----a-w- C:\Users\otis\Downloads\JJCale23Album-8bpG9pPX.exe

2013-09-29 21:03:00 497E4C014014BD648B3A021E517C34D9 677696 ----a-w- C:\Users\otis\Downloads\jj_cale_23_album_BitLord.exe

2013-09-29 20:54:31 DF72ABFFDC1157AD6E0BB9BE90830C94 723824 ----a-w- C:\Users\otis\Downloads\BitLordInstall (3).exe

2013-09-29 20:53:47 -------- d-----w- C:\ProgramData\BitGuard

2013-09-29 20:52:44 DF72ABFFDC1157AD6E0BB9BE90830C94 723824 ----a-w- C:\Users\otis\Downloads\BitLordInstall (2).exe

2013-09-18 11:08:34 907282FF6142415DA6E83C8F1B497C73 314080 ----a-w- C:\Users\otis\Downloads\download_torntv (1).exe

2013-09-18 11:08:21 907282FF6142415DA6E83C8F1B497C73 314080 ----a-w- C:\Users\otis\Downloads\download_torntv.exe

====== C: exe-files ==

2013-10-01 20:08:11 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Users\otis\AppData\Local\Temp\Rar$EX93.888\Z-Analyse.exe

2013-10-01 18:35:35 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\otis.exe

2013-10-01 18:35:04 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\otis\Downloads\RSITx64.exe

2013-10-01 18:05:19 DC5E900D2F88A9478024B9BEEF3A12B0 303856 ----a-w- C:\Users\otis\Downloads\download_file.exe

2013-09-29 21:03:28 1462F441FBEE47D53EFADA97CED09816 172752 ----a-w- C:\Users\otis\Downloads\JJCale23Album-8bpG9pPX.exe

2013-09-29 21:03:00 497E4C014014BD648B3A021E517C34D9 677696 ----a-w- C:\Users\otis\Downloads\jj_cale_23_album_BitLord.exe

2013-09-29 20:54:31 DF72ABFFDC1157AD6E0BB9BE90830C94 723824 ----a-w- C:\Users\otis\Downloads\BitLordInstall (3).exe

2013-09-29 20:53:52 425622F8DB2694C34D1908A77612ACFC 2845664 ----a-w- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe

2013-09-29 20:53:50 425622F8DB2694C34D1908A77612ACFC 2845664 ----a-w- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

2013-09-29 20:53:00 A0C27BA64BA52ECFF34D5C7DB93CA9D3 36080263 ----a-w- C:\Users\otis\AppData\Local\Temp\is2121167326\225535300_stp.EXE

2013-09-29 20:52:44 DF72ABFFDC1157AD6E0BB9BE90830C94 723824 ----a-w- C:\Users\otis\Downloads\BitLordInstall (2).exe

=== C: other files ==

2013-10-01 20:21:30 166B141DBD72ECE02C47D4694FA5CE95 57597 ----a-w- C:\Users\Public\Desktop\sample_01-10-2013_2221.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Spotify Web Helper"="C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Spotify Web Helper"="C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard Antivirus\bullguard.exe -boot"

"BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard antivirus\BullGuardUpdate2.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acer AnySync]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Acer AnySync"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Acer\\AcerSync\\AcerSync.exe\" /autostartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ArcadeMovieService"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BackupManagerTray"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\NTI\\Acer Backup Manager\\BackupManagerTray.exe\" -h -k"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dolby Advanced Audio v2]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Dolby Advanced Audio v2"

"hkey"="HKLM"

"command"="\"C:\\Dolby PCEE4\\pcee4.exe\" -autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDCtrl]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ETDCtrl"

"hkey"="HKLM"

"command"="%ProgramFiles%\\Elantech\\ETDCtrl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Google Update"

"hkey"="HKCU"

"command"="\"C:\\Users\\otis\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HotKeysCmds"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IgfxTray"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelTBRunOnce]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IntelTBRunOnce"

"hkey"="HKLM"

"command"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LManager"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\M-Audio Taskbar Icon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="M-Audio Taskbar Icon"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\M-AudioTaskBarIcon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mcui_exe]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="mcui_exe"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe\" /runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msnmsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Norton Online Backup"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Persistence"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Power Management]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Power Management"

"hkey"="HKLM"

"command"="C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg_Dolby]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVBg_Dolby"

"hkey"="HKLM"

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /FORPCEE4 "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVCpl"

"hkey"="HKLM"

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify"

"hkey"="HKCU"

"command"="\"C:\\Users\\otis\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify Web Helper"

"hkey"="HKCU"

"command"="\"C:\\Users\\otis\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SuiteTray"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

"backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~2\\MCAFEE~1\\30937D~1.207\\SSSCHE~1.EXE "

"item"="McAfee Security Scan Plus"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-07-2012 17:08]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-07-2012 17:08]

==== Firefox Extensions ======================

ExtDir: C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- HDvid Codec - %ExtDir%\hdvc@hdvc.com.xpi

==== Firefox Plugins ======================

==== Deleting Files \ Folders ======================

"C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\hdvc@hdvc.com.xpi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\otis\AppData\Roaming\BabSolution\CR\Delta.crx[]

koalekbhpbggkcfhkkbolikjoaobbppi - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx[]

kpkbnefaikfaeadgidhpoanckoiaheli - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx[]

niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]

nohfdhapjjlndfgjnmdlcabloeembdkj - C:\Users\otis\AppData\Roaming\BabSolution\CR\delta2.crx[]

YouTube - otis - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - otis - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Delta Toolbar - otis - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

PutLockerDownloader V3.0 - otis - Default\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi

HDvid Codec - otis - Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli

Chrome In-App Payments service - otis - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Delta Toolbar - otis - Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj

Gmail - otis - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage-journal deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage-journal deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage-journal deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage-journal deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj deleted successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nohfdhapjjlndfgjnmdlcabloeembdkj_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.searchgol.com/?babsrc=HP_ss&mntrId=6C359439E582A7D9&affID=119357&tsp=5020"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchGol Url="http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C359439E582A7D9&affID=119357&tsp=5020"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\Files32\Antiphishing\IE\BGAntiphishingIE.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\Files32\BgAgent.dll

O23 - Service: AcerSyncSystemService - Unknown owner - C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\otis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\otis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\otis\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\otis\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BitGuard" not found

"C:\ProgramData\BitGuard" not found

==== EOF on di 01-10-2013 at 22:32:18,84 ======================


Download TDSSKiller and save it to your desktop.

  • Before you run TDSSKiller, it is advisable to consult the TDSSKiller guide below.

    1. Double-click TDSSKiller.exe to start the tool. (If you downloaded TDSSKiller as a ZIP file, you need to extract it first.)

    2. If TDSSKiller finds an update, click the "Load update" button.

    3. A new version of TDSSKiller will now be downloaded; save it to the desktop.

    4. Now start TDSSKiller again.

    5. Click "Change parameters" and make sure all of the options below are checked.

    [Screenshot: 51c8a229933ed-tdsskiller.PNG]

    6. Click the "Start Scan" button and follow the instructions.

    • Never use the "Delete" or "Quarantine" option for a "Fail signature" message.
    • If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
    • Attach this log file to your next post.
