Posts by danny1976

  1. Zoek.exe Version 4.0.0.4 Updated 27-September-2013

    Tool run by otis on di 01-10-2013 at 22:09:31,45.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\otis\AppData\Local\Temp\Rar$EX93.888\zoek.exe [script inserted] [Checkboxes used]

    ==== System Restore Info ======================

    1-10-2013 22:13:28 Zoek.exe System Restore Point Created Succesfully.

    ==== Possible Rootkit Infection ======================

    C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L

    C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\U

    C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L\00000004.@

    ==== Creating Sample_01-10-2013_2221.zip ======================

    Process chrome.exe killed

    Copied file C:\Users\otis\AppData\Roaming\BabMaint.exe to sample\BabMaint.exe

    sample\BabMaint.exe renamed to CC1A55091FD96BCB624AD791CD15D179

    C:\Users\Public\Desktop\sample_01-10-2013_2221.zip created successfully

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0E7CFE28-70E5-4C6B-8E15-BD4DC91286E2} deleted successfully

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

    HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD24} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

    ==== Deleting Services ======================

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BitGuard deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BitGuard deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Jxzwyjgf deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Jxzwyjgf deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kooyxunb deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Kooyxunb deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pxcocxlw deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Pxcocxlw deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rrojutsg deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Rrojutsg deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Yontoo Desktop Updater deleted successfully

    ==== FireFox Fix ======================

    Deleted from C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

    Added to C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

    user_pref("browser.startup.homepage", "http://www.google.com");

    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

    user_pref("browser.newtab.url", "http://www.google.com/");

    user_pref("browser.search.defaultengine", "Google");

    user_pref("browser.search.defaultenginename", "Google");

    user_pref("browser.search.selectedEngine", "Google");

    user_pref("browser.search.order.1", "Google");

    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

    user_pref("browser.search.suggest.enabled", true);

    user_pref("browser.search.useDBForOrder", true);

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "bProtector Start Page"=-

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "bProtectorDefaultScope"=-

    ==== Registry Fix Code x64 ======================

    Windows Registry Editor Version 5.00

    [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]

    [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

    [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Yontoo Desktop"=-

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"=-

    ==== Deleting Files \ Folders ======================

    "C:\windows\SysNative\Tasks\DSite" deleted

    "C:\Users\otis\Downloads\iLividSetup-r757-n-bc.exe" deleted

    "C:\Users\otis\Downloads\iLividSetup.exe" deleted

    "C:\Users\otis\Downloads\codec_pack_740423_ch.exe" deleted

    "C:\Windows\wininit.ini" deleted

    "C:\windows\SysNative\Tasks\EPUpdater" deleted

    "C:\Windows\tasks\DSite.job" deleted

    "C:\windows\SysNative\tasks\BitGuard" deleted

    "C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\putlockerdownloader3@putlockerdownloader.com.xpi" deleted

    "C:\Users\otis\Desktop\Search.lnk" deleted

    "C:\Users\otis\AppData\Roaming\BabMaint.exe" deleted

    "C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L\00000004.@" deleted

    "C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L\201d3dde" deleted

    "C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L\76603ac3" deleted

    "C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted

    "C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted

    "C:\Users\otis\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

    "C:\Users\otis\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

    "C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}" deleted

    "C:\Users\otis\AppData\Roaming\Delta" deleted

    "C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\L" deleted

    "C:\Windows\installer\{3e238814-def8-5251-4d05-1ca0ec60d85d}\U" deleted

    "C:\Program Files (x86)\Delta" deleted

    "C:\Program Files (x86)\Yontoo" deleted

    "C:\Users\otis\AppData\Roaming\Yontoo" deleted

    "C:\ProgramData\BitGuard" not deleted

    "C:\Windows\syswow64\appdata" deleted

    "C:\Program Files (x86)\Delta" deleted

    "C:\Program Files (x86)\hdvidcodec.com" deleted

    "C:\Program Files (x86)\HappyLyrics" deleted

    "C:\Program Files (x86)\Yontoo" deleted

    "C:\Program Files (x86)\PutLockerDownloader" deleted

    "C:\found.000" deleted

    "C:\Users\otis\AppData\Roaming\BabSolution" deleted

    "C:\Users\otis\AppData\Roaming\Babylon" deleted

    "C:\Users\otis\AppData\Roaming\Yontoo" deleted

    "C:\Users\otis\AppData\Roaming\Delta" deleted

    "C:\Users\otis\AppData\Roaming\DSite" deleted

    "C:\Users\otis\AppData\Roaming\OpenCandy" deleted

    "C:\ProgramData\Ask" deleted

    "C:\ProgramData\APN" deleted

    "C:\ProgramData\BitGuard" not deleted

    "C:\ProgramData\boost_interprocess" deleted

    "C:\ProgramData\DSearchLink" deleted

    "C:\ProgramData\Wincert" deleted

    "C:\ProgramData\Tarma Installer" deleted

    "C:\ProgramData\Babylon" deleted

    "C:\Users\otis\AppData\Local\PutLockerDownloader" deleted

    "C:\Users\otis\AppData\Local\Software" deleted

    "C:\Users\otis\AppData\Local\PackageAware" deleted

    "C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc" deleted

    "C:\Users\otis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard" deleted

    "C:\Users\otis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com" deleted

    "C:\Users\otis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com" deleted

    "C:\Users\otis\AppData\LocalLow\Delta" deleted

    "C:\Windows\SysWow64\searchplugins" deleted

    "C:\Windows\SysWow64\Extensions" deleted

    "C:\Users\otis\AppData\Roaming\Yontoo\dat" deleted

    "C:\ProgramData\BitGuard\2.6.1694.246" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

    "C:\Users\otis\AppData\Roaming\Yontoo\dat" deleted

    "C:\ProgramData\BitGuard\2.6.1694.246" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\otis\AppData\Local\Temp ====

    2013-10-01 20:08:11 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Users\otis\AppData\Local\Temp\Rar$EX93.888\Z-Analyse.exe

    2013-09-29 20:53:30 B212865E7E478A28A97268F960079A8D 132096 ----a-w- C:\Users\otis\AppData\Local\Temp\F4307D98-BAB0-7891-8D2A-26F170C14DCA\Latest\BExternal.dll

    2013-09-29 20:53:30 A21DE5067618D4F2DF261416315ED120 6144 ----a-w- C:\Users\otis\AppData\Local\Temp\F4307D98-BAB0-7891-8D2A-26F170C14DCA\Latest\IEHelper.dll

    2013-09-29 20:53:30 0F66E8E2340569FB17E774DAC2010E31 520234 ----a-w- C:\Users\otis\AppData\Local\Temp\F4307D98-BAB0-7891-8D2A-26F170C14DCA\Latest\sqlite3.dll

    2013-09-29 20:53:00 A0C27BA64BA52ECFF34D5C7DB93CA9D3 36080263 ----a-w- C:\Users\otis\AppData\Local\Temp\is2121167326\225535300_stp.EXE

    2013-09-24 05:38:19 E1D607BD288B979FECE0770324EE6F11 245672 ----a-w- C:\Users\otis\AppData\Local\Temp\F4307D98-BAB0-7891-8D2A-26F170C14DCA\Latest\ccp.exe

    2013-09-23 09:57:43 5D213EC175B9C1BE6B5F245C17A294EB 324976 ----a-w- C:\Users\otis\AppData\Local\Temp\bus7F7C\fntupdtr.exe

    ====== Java Cache =====

    ====== C:\Windows\SysWOW64 =====

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    2013-10-01 19:09:01 0B094C1308FFDEBF433D7CE0675CF099 512 ----a-w- C:\Windows\Sysnative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD

    ====== C:\Windows\Sysnative\drivers =====

    2013-09-10 23:46:35 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-10-01 18:35:34 -------- d-----w- C:\Program Files\trend micro

    ======= C:\Program Files (x86) =====

    ======= C: =====

    ====== C:\Users\otis\AppData\Roaming ======

    2013-09-29 20:57:14 8DE9F588DFB1641F2C0EA05BD4B60605 218 ----a-w- C:\Users\otis\AppData\Local\recently-used.xbel

    2013-09-29 20:55:03 -------- d-----w- C:\Users\otis\AppData\Local\avgchrome

    2013-09-29 20:53:54 -------- d-----w- C:\Users\otis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord

    ====== C:\Users\otis ======

    2013-10-01 18:35:04 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\otis\Downloads\RSITx64.exe

    2013-10-01 18:05:19 DC5E900D2F88A9478024B9BEEF3A12B0 303856 ----a-w- C:\Users\otis\Downloads\download_file.exe

    2013-09-29 21:03:28 1462F441FBEE47D53EFADA97CED09816 172752 ----a-w- C:\Users\otis\Downloads\JJCale23Album-8bpG9pPX.exe

    2013-09-29 21:03:00 497E4C014014BD648B3A021E517C34D9 677696 ----a-w- C:\Users\otis\Downloads\jj_cale_23_album_BitLord.exe

    2013-09-29 20:54:31 DF72ABFFDC1157AD6E0BB9BE90830C94 723824 ----a-w- C:\Users\otis\Downloads\BitLordInstall (3).exe

    2013-09-29 20:53:47 -------- d-----w- C:\ProgramData\BitGuard

    2013-09-29 20:52:44 DF72ABFFDC1157AD6E0BB9BE90830C94 723824 ----a-w- C:\Users\otis\Downloads\BitLordInstall (2).exe

    2013-09-18 11:08:34 907282FF6142415DA6E83C8F1B497C73 314080 ----a-w- C:\Users\otis\Downloads\download_torntv (1).exe

    2013-09-18 11:08:21 907282FF6142415DA6E83C8F1B497C73 314080 ----a-w- C:\Users\otis\Downloads\download_torntv.exe

    ====== C: exe-files ==

    2013-10-01 20:08:11 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Users\otis\AppData\Local\Temp\Rar$EX93.888\Z-Analyse.exe

    2013-10-01 18:35:35 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\otis.exe

    2013-10-01 18:35:04 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\otis\Downloads\RSITx64.exe

    2013-10-01 18:05:19 DC5E900D2F88A9478024B9BEEF3A12B0 303856 ----a-w- C:\Users\otis\Downloads\download_file.exe

    2013-09-29 21:03:28 1462F441FBEE47D53EFADA97CED09816 172752 ----a-w- C:\Users\otis\Downloads\JJCale23Album-8bpG9pPX.exe

    2013-09-29 21:03:00 497E4C014014BD648B3A021E517C34D9 677696 ----a-w- C:\Users\otis\Downloads\jj_cale_23_album_BitLord.exe

    2013-09-29 20:54:31 DF72ABFFDC1157AD6E0BB9BE90830C94 723824 ----a-w- C:\Users\otis\Downloads\BitLordInstall (3).exe

    2013-09-29 20:53:52 425622F8DB2694C34D1908A77612ACFC 2845664 ----a-w- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe

    2013-09-29 20:53:50 425622F8DB2694C34D1908A77612ACFC 2845664 ----a-w- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

    2013-09-29 20:53:00 A0C27BA64BA52ECFF34D5C7DB93CA9D3 36080263 ----a-w- C:\Users\otis\AppData\Local\Temp\is2121167326\225535300_stp.EXE

    2013-09-29 20:52:44 DF72ABFFDC1157AD6E0BB9BE90830C94 723824 ----a-w- C:\Users\otis\Downloads\BitLordInstall (2).exe

    === C: other files ==

    2013-10-01 20:21:30 166B141DBD72ECE02C47D4694FA5CE95 57597 ----a-w- C:\Users\Public\Desktop\sample_01-10-2013_2221.zip

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-21-2102026880-3765431175-3054695707-1000\Software\Microsoft\Windows\CurrentVersion\Run]

    "Google Update"="C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe /c"

    "Spotify Web Helper"="C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

    "MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Google Update"="C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe /c"

    "Spotify Web Helper"="C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

    "MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

    ==== Startup Registry Enabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard Antivirus\bullguard.exe -boot"

    "BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard antivirus\BullGuardUpdate2.exe"

    ==== Startup Registry Disabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acer AnySync]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Acer AnySync"

    "hkey"="HKCU"

    "command"="\"C:\\Program Files\\Acer\\AcerSync\\AcerSync.exe\" /autostartup"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Adobe ARM"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="APSDaemon"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="ArcadeMovieService"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="BackupManagerTray"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\NTI\\Acer Backup Manager\\BackupManagerTray.exe\" -h -k"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dolby Advanced Audio v2]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Dolby Advanced Audio v2"

    "hkey"="HKLM"

    "command"="\"C:\\Dolby PCEE4\\pcee4.exe\" -autostart"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDCtrl]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="ETDCtrl"

    "hkey"="HKLM"

    "command"="%ProgramFiles%\\Elantech\\ETDCtrl.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Google Update"

    "hkey"="HKCU"

    "command"="\"C:\\Users\\otis\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="HotKeysCmds"

    "hkey"="HKLM"

    "command"="C:\\Windows\\system32\\hkcmd.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="IgfxTray"

    "hkey"="HKLM"

    "command"="C:\\Windows\\system32\\igfxtray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelTBRunOnce]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="IntelTBRunOnce"

    "hkey"="HKLM"

    "command"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="LManager"

    "hkey"="HKLM"

    "command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\M-Audio Taskbar Icon]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="M-Audio Taskbar Icon"

    "hkey"="HKLM"

    "command"="C:\\Windows\\system32\\M-AudioTaskBarIcon.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mcui_exe]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="mcui_exe"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe\" /runkey"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="msnmsgr"

    "hkey"="HKCU"

    "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Norton Online Backup"

    "hkey"="HKLM"

    "command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Persistence"

    "hkey"="HKLM"

    "command"="C:\\Windows\\system32\\igfxpers.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Power Management]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Power Management"

    "hkey"="HKLM"

    "command"="C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="QuickTime Task"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg_Dolby]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="RtHDVBg_Dolby"

    "hkey"="HKLM"

    "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /FORPCEE4 "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="RtHDVCpl"

    "hkey"="HKLM"

    "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Spotify"

    "hkey"="HKCU"

    "command"="\"C:\\Users\\otis\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Spotify Web Helper"

    "hkey"="HKCU"

    "command"="\"C:\\Users\\otis\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="SuiteTray"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

    "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

    "backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"

    "backupExtension"=".CommonStartup"

    "command"="C:\\PROGRA~2\\MCAFEE~1\\30937D~1.207\\SSSCHE~1.EXE "

    "item"="McAfee Security Scan Plus"

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-07-2012 17:08]

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-07-2012 17:08]

    ==== Firefox Extensions ======================

    ExtDir: C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

    - HDvid Codec - %ExtDir%\hdvc@hdvc.com.xpi

    ==== Firefox Plugins ======================

    ==== Deleting Files \ Folders ======================

    "C:\Users\otis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\hdvc@hdvc.com.xpi" deleted

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\otis\AppData\Roaming\BabSolution\CR\Delta.crx[]

    koalekbhpbggkcfhkkbolikjoaobbppi - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx[]

    kpkbnefaikfaeadgidhpoanckoiaheli - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx[]

    niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]

    nohfdhapjjlndfgjnmdlcabloeembdkj - C:\Users\otis\AppData\Roaming\BabSolution\CR\delta2.crx[]

    YouTube - otis - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    Google Search - otis - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    Delta Toolbar - otis - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

    PutLockerDownloader V3.0 - otis - Default\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi

    HDvid Codec - otis - Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli

    Chrome In-App Payments service - otis - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

    Delta Toolbar - otis - Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj

    Gmail - otis - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Chrome Fix ======================

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage-journal deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage-journal deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage-journal deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage-journal deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj deleted successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nohfdhapjjlndfgjnmdlcabloeembdkj_0.localstorage deleted successfully

    ==== Set IE to Default ======================

    Old Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.searchgol.com/?babsrc=HP_ss&mntrId=6C359439E582A7D9&affID=119357&tsp=5020"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

    New Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.google.com"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

    {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchGol Url="http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C359439E582A7D9&affID=119357&tsp=5020"

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== Reset Google Chrome ======================

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj deleted successfully

    ==== HijackThis Entries ======================

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [Google Update] "C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

    O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\Files32\Antiphishing\IE\BGAntiphishingIE.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\Files32\BgAgent.dll

    O23 - Service: AcerSyncSystemService - Unknown owner - C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe

    O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe

    O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe

    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

    O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

    O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\otis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\otis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\otis\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Cache found

    ==== Empty Chrome Cache ======================

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    C:\Users\otis\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\otis\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

    "C:\ProgramData\BitGuard" not found

    "C:\ProgramData\BitGuard" not found

    ==== EOF on di 01-10-2013 at 22:32:18,84 ======================

  2. Hey, I would like to remove all the malware junk from my laptop.

    As indicated in the instructions, here is the copy of the log... Cheers in advance :-)

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by otis at 2013-10-01 20:49:10

    Microsoft Windows 7 Home Premium Service Pack 1

    System drive C: has 450 GB (65%) free of 697 GB

    Total RAM: 8044 MB (74% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 20:49:19, on 1-10-2013

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v10.0 (10.00.9200.16686)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Launch Manager\LMworker.exe

    C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

    C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

    C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

    C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

    C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Program Files\trend micro\otis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search-Gol

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

    O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [Google Update] "C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

    O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe"

    O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\Files32\Antiphishing\IE\BGAntiphishingIE.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\Files32\BgAgent.dll

    O23 - Service: AcerSyncSystemService - Unknown owner - C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

    O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe

    O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe

    O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe

    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

    O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

    O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 11607 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    winlogon.exe

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\WLANExt.exe 25029584

    \??\C:\Windows\system32\conhost.exe "5824840381686010903-18027422691922422325-2049112790-129503714526246239-1961998064

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    "C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe"

    taskeng.exe {CDBF4DAE-0C2A-4743-8A33-005411EB82DC}

    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

    "taskhost.exe"

    "C:\Windows\system32\Dwm.exe"

    C:\Windows\Explorer.EXE

    C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

    "C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe"

    C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy

    C:\Windows\System32\SvcHost.exe -k BullGuard_Main

    "C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe"

    "C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe"

    "C:\Program Files (x86)\Launch Manager\dsiwmis.exe"

    taskeng.exe {E2327717-77CA-4FCF-BF91-217A30796764}

    "C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"

    "C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"

    "C:\Program Files (x86)\Launch Manager\LMworker.exe"

    "C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window

    "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" /PROTECT

    "C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

    "C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"

    "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE

    "C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

    C:\Windows\system32\svchost.exe -k imgsvc

    "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"

    "C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe"

    C:\Windows\System32\SvcHost.exe -k BullGuard

    "c:\program files\bullguard ltd\bullguard antivirus\BgWsc.exe" /prodpath "c:\program files\bullguard ltd\bullguard antivirus\BullGuard.exe" /setav expire /setas off

    \??\C:\Windows\system32\conhost.exe "-1521619505761228823-492565048-611304787823710032-775744610-1775627880-1003310377

    "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

    "C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"

    "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2220

    "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

    "C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuard.exe" -boot

    "C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

    "C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe"

    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5eea4b5e-43ca-44ba-a3af-5d034019b6b1 -SystemEventPortName:HostProcess-f911719d-c628-4dc4-be5c-2de3022b49b8 -IoCancelEventPortName:HostProcess-c92e679b-e25b-4f86-9b48-ad1ee91fffde -NonStateChangingEventPortName:HostProcess-33793497-2d36-4987-96f6-234f2845821a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e3815e18-b02c-4d95-ba2c-0d14b20980b2 -DeviceGroupId:WpdFsGroup

    C:\Windows\system32\SearchIndexer.exe /Embedding

    "C:\Program Files\Windows Media Player\wmpnetwk.exe"

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    "C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe"

    "C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4588.0.1489080464\299165264" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0126 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2418 --ignored=" --type=renderer " /prefetch:822062411

    C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

    "C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4588.3.1485289857\711466530" /prefetch:673131151

    "C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="4588.5.1416450963\1213709881" /prefetch:673131151

    "C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4588.6.1105352769\1334482266" /prefetch:673131151

    "C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4588.7.18103347\1852769411" --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

    "C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4588.10.661753608\1257467262" /prefetch:673131151

    "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

    "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

    "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

    "C:\Windows\system32\wuauclt.exe"

    "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical

    "C:\Program Files\EgisTec IPS\PMMUpdate.exe"

    "C:\Program Files\EgisTec IPS\EgisUpdate.exe"

    "C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt

    "C:\Users\otis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_19/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4588.13.143587142\1678753115" /prefetch:673131151

    "C:\Users\otis\Downloads\RSITx64.exe"

    C:\Windows\system32\wbem\wmiprvse.exe

    ======Scheduled tasks folder======

    C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

    C:\Windows\tasks\DSite.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2102026880-3765431175-3054695707-1000Core.job

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2102026880-3765431175-3054695707-1000UA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

    Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-01 462752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]

    delta Helper Object - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll [2013-08-15 314264]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-01 171424]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

    Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2013-04-17 197920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

    {82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll [2013-08-15 300952]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "BullGuard"=C:\Program Files\BullGuard Ltd\BullGuard Antivirus\bullguard.exe [2013-06-06 970080]

    "BullGuardUpdate2"=c:\program files\bullguard ltd\bullguard antivirus\BullGuardUpdate2.exe [2013-06-06 2531168]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Google Update"=C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-11 116648]

    "Spotify Web Helper"=C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-03-22 1103768]

    "Yontoo Desktop"=C:\Users\otis\AppData\Roaming\Yontoo\YontooDesktop.exe [2013-04-17 42784]

    "MyTomTomSA.exe"=C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [2013-04-17 455608]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer AnySync]

    C:\Program Files\Acer\AcerSync\AcerSync.exe [2011-06-16 3044456]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService]

    C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-08-27 177448]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]

    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2]

    C:\Dolby PCEE4\pcee4.exe [2011-06-01 506712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]

    C:\Program Files\Elantech\ETDCtrl.exe [2011-04-05 2589992]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

    C:\Users\otis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-11 116648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

    C:\Windows\system32\hkcmd.exe [2011-06-21 392472]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

    C:\Windows\system32\igfxtray.exe [2011-06-21 167704]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelTBRunOnce]

    wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

    C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]

    C:\Windows\system32\M-AudioTaskBarIcon.exe [2011-10-18 924464]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]

    C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2012-03-08 4280184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]

    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

    C:\Windows\system32\igfxpers.exe [2011-06-21 416024]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]

    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_Dolby]

    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

    C:\Users\otis\AppData\Roaming\Spotify\Spotify.exe [2013-03-22 4477336]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

    C:\Users\otis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-03-22 1103768]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]

    C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

    C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE []

    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

    C:\Windows\system32\igfxdev.dll [2011-06-10 389632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "ConsentPromptBehaviorAdmin"=5

    "ConsentPromptBehaviorUser"=3

    "EnableUIADesktopToggle"=0

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "NoActiveDesktop"=1

    "NoActiveDesktopChanges"=1

    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

    "vidc.mrle"=msrle32.dll

    "vidc.msvc"=msvidc32.dll

    "msacm.imaadpcm"=imaadp32.acm

    "msacm.msg711"=msg711.acm

    "msacm.msgsm610"=msgsm32.acm

    "msacm.msadpcm"=msadp32.acm

    "midimapper"=midimap.dll

    "wavemapper"=msacm32.drv

    "VIDC.UYVY"=msyuv.dll

    "VIDC.YUY2"=msyuv.dll

    "VIDC.YVYU"=msyuv.dll

    "VIDC.IYUV"=iyuv_32.dll

    "vidc.i420"=iyuv_32.dll

    "VIDC.YVU9"=tsbyuv.dll

    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm

    "MSVideo8"=VfWWDM32.dll

    "wave1"=wdmaud.drv

    "midi1"=wdmaud.drv

    "mixer1"=wdmaud.drv

    "aux1"=wdmaud.drv

    "wave"=wdmaud.drv

    "midi"=wdmaud.drv

    "mixer"=wdmaud.drv

    "aux"=wdmaud.drv

    "wave2"=wdmaud.drv

    "midi2"=wdmaud.drv

    "mixer2"=wdmaud.drv

    "aux2"=wdmaud.drv

    "wave3"=wdmaud.drv

    "midi3"=wdmaud.drv

    "mixer3"=wdmaud.drv

    "wave4"=wdmaud.drv

    "midi4"=wdmaud.drv

    "mixer4"=wdmaud.drv

    "wave5"=wdmaud.drv

    "midi5"=wdmaud.drv

    "mixer5"=wdmaud.drv

    "wave6"=wdmaud.drv

    "midi6"=wdmaud.drv

    "mixer6"=wdmaud.drv

    "aux3"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 3 months======

    2013-10-01 20:35:34 ----D---- C:\rsit

    2013-10-01 20:35:34 ----D---- C:\Program Files\trend micro

    2013-09-29 22:54:21 ----D---- C:\Users\otis\AppData\Roaming\Delta

    2013-09-29 22:54:21 ----D---- C:\Program Files (x86)\Mozilla Firefox

    2013-09-29 22:54:21 ----D---- C:\Program Files (x86)\Delta

    2013-09-29 22:53:47 ----D---- C:\ProgramData\BitGuard

    2013-09-29 22:53:45 ----D---- C:\ProgramData\DSearchLink

    2013-09-13 11:24:50 ----A---- C:\Windows\SYSWOW64\ieui.dll

    2013-09-13 11:24:50 ----A---- C:\Windows\system32\ieui.dll

    2013-09-13 11:24:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

    2013-09-13 11:24:49 ----A---- C:\Windows\SYSWOW64\iesetup.dll

    2013-09-13 11:24:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll

    2013-09-13 11:24:49 ----A---- C:\Windows\system32\iesetup.dll

    2013-09-13 11:24:49 ----A---- C:\Windows\system32\iernonce.dll

    2013-09-13 11:24:48 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

    2013-09-13 11:24:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll

    2013-09-13 11:24:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

    2013-09-13 11:24:48 ----A---- C:\Windows\system32\iesysprep.dll

    2013-09-13 11:24:48 ----A---- C:\Windows\system32\iertutil.dll

    2013-09-13 11:24:48 ----A---- C:\Windows\system32\ie4uinit.exe

    2013-09-13 11:24:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

    2013-09-13 11:24:47 ----A---- C:\Windows\SYSWOW64\jscript.dll

    2013-09-13 11:24:47 ----A---- C:\Windows\system32\msfeeds.dll

    2013-09-13 11:24:47 ----A---- C:\Windows\system32\jscript.dll

    2013-09-13 11:24:46 ----A---- C:\Windows\system32\jscript9.dll

    2013-09-13 11:24:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll

    2013-09-13 11:24:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll

    2013-09-13 11:24:45 ----A---- C:\Windows\system32\urlmon.dll

    2013-09-13 11:24:44 ----A---- C:\Windows\SYSWOW64\wininet.dll

    2013-09-13 11:24:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

    2013-09-13 11:24:44 ----A---- C:\Windows\system32\jsproxy.dll

    2013-09-13 11:24:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll

    2013-09-13 11:24:43 ----A---- C:\Windows\system32\wininet.dll

    2013-09-13 11:24:42 ----A---- C:\Windows\system32\ieframe.dll

    2013-09-13 11:24:41 ----A---- C:\Windows\system32\mshtml.dll

    2013-09-13 11:24:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll

    2013-09-11 01:46:35 ----A---- C:\Windows\system32\drivers\ataport.sys

    2013-09-11 01:46:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

    2013-09-11 01:46:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

    2013-09-11 01:46:33 ----A---- C:\Windows\system32\ntoskrnl.exe

    2013-09-11 01:46:33 ----A---- C:\Windows\system32\ntdll.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

    2013-09-11 01:46:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\wow32.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\user.exe

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\setup16.exe

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\instnm.exe

    2013-09-11 01:46:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\wow64win.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\wow64cpu.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\wow64.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\winsrv.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\smss.exe

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\ntvdm64.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\KernelBase.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\kernel32.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\csrsrv.dll

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\conhost.exe

    2013-09-11 01:46:32 ----A---- C:\Windows\system32\apisetschema.dll

    2013-09-11 01:46:31 ----A---- C:\Windows\system32\win32k.sys

    2013-09-11 01:46:27 ----A---- C:\Windows\system32\shell32.dll

    2013-09-11 01:46:26 ----A---- C:\Windows\SYSWOW64\shell32.dll

    2013-09-11 01:46:25 ----A---- C:\Windows\SYSWOW64\shdocvw.dll

    2013-09-11 01:46:25 ----A---- C:\Windows\system32\shdocvw.dll

    2013-08-15 23:35:24 ----A---- C:\Windows\SYSWOW64\crypt32.dll

    2013-08-15 23:35:24 ----A---- C:\Windows\system32\crypt32.dll

    2013-08-15 23:35:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll

    2013-08-15 23:35:23 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll

    2013-08-15 23:35:23 ----A---- C:\Windows\SYSWOW64\cryptnet.dll

    2013-08-15 23:35:23 ----A---- C:\Windows\system32\wintrust.dll

    2013-08-15 23:35:23 ----A---- C:\Windows\system32\cryptsvc.dll

    2013-08-15 23:35:23 ----A---- C:\Windows\system32\cryptnet.dll

    2013-08-15 23:35:15 ----A---- C:\Windows\SYSWOW64\tzres.dll

    2013-08-15 23:35:15 ----A---- C:\Windows\system32\tzres.dll

    2013-08-15 23:35:12 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

    2013-08-15 23:35:12 ----A---- C:\Windows\system32\WMVDECOD.DLL

    2013-08-15 23:35:11 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

    2013-08-15 23:35:11 ----A---- C:\Windows\system32\rpcrt4.dll

    2013-08-15 23:35:11 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

    2013-08-15 23:35:11 ----A---- C:\Windows\system32\drivers\tcpip.sys

    2013-07-24 22:52:21 ----D---- C:\Program Files (x86)\Rockstar Games

    2013-07-23 23:17:17 ----D---- C:\Program Files (x86)\Rage

    2013-07-23 23:16:51 ----SHD---- C:\Windows\ei_temp

    2013-07-10 21:20:29 ----A---- C:\Windows\SYSWOW64\qedit.dll

    2013-07-10 21:20:29 ----A---- C:\Windows\system32\qedit.dll

    2013-07-10 21:20:14 ----A---- C:\Windows\system32\DWrite.dll

    2013-07-10 21:20:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll

    2013-07-08 23:27:46 ----A---- C:\Windows\SYSWOW64\REX Shared Library.dll

    2013-07-08 23:27:46 ----A---- C:\Windows\SYSWOW64\ReWire.dll

    2013-07-03 12:49:12 ----D---- C:\Users\otis\AppData\Roaming\PowerCinema

    ======List of files/folders modified in the last 3 months======

    2013-10-01 20:49:16 ----D---- C:\ProgramData\BullGuard

    2013-10-01 20:36:07 ----D---- C:\Windows\Prefetch

    2013-10-01 20:35:34 ----RD---- C:\Program Files

    2013-10-01 20:27:33 ----D---- C:\Windows\Temp

    2013-10-01 20:27:32 ----A---- C:\Windows\SYSWOW64\log.txt

    2013-10-01 20:27:15 ----D---- C:\Windows\System32

    2013-10-01 20:25:42 ----D---- C:\ProgramData\clear.fi

    2013-10-01 20:25:39 ----D---- C:\Users\otis\AppData\Roaming\Yontoo

    2013-10-01 20:25:34 ----D---- C:\Windows\system32\config

    2013-10-01 20:25:19 ----D---- C:\Windows\system32\Tasks

    2013-09-29 23:06:56 ----SHD---- C:\System Volume Information

    2013-09-29 23:03:48 ----A---- C:\Users\otis\AppData\Roaming\bitlord_log.txt

    2013-09-29 22:54:59 ----D---- C:\Users\otis\AppData\Roaming\BitLord

    2013-09-29 22:54:21 ----D---- C:\Program Files (x86)

    2013-09-29 22:53:54 ----SHD---- C:\Windows\Installer

    2013-09-29 22:53:47 ----HD---- C:\ProgramData

    2013-09-29 22:51:36 ----A---- C:\Windows\wininit.ini

    2013-09-17 12:36:46 ----D---- C:\Windows\rescache

    2013-09-15 19:05:44 ----D---- C:\Windows\Microsoft.NET

    2013-09-15 19:05:19 ----RSD---- C:\Windows\assembly

    2013-09-14 21:59:54 ----D---- C:\Windows\winsxs

    2013-09-14 21:57:42 ----D---- C:\Windows\SysWOW64

    2013-09-14 21:57:42 ----D---- C:\Program Files (x86)\Internet Explorer

    2013-09-14 21:57:41 ----D---- C:\Program Files\Internet Explorer

    2013-09-14 21:57:40 ----D---- C:\Windows\AppPatch

    2013-09-14 21:57:39 ----D---- C:\Windows\SYSWOW64\nl-NL

    2013-09-14 21:57:39 ----D---- C:\Windows\system32\nl-NL

    2013-09-14 21:57:37 ----D---- C:\Windows\system32\DriverStore

    2013-09-14 21:57:37 ----D---- C:\Windows\system32\drivers

    2013-09-14 21:57:25 ----D---- C:\Users\otis\AppData\Roaming\SoftGrid Client

    2013-09-14 00:06:59 ----D---- C:\Users\otis\AppData\Roaming\BSplayer

    2013-09-13 11:25:20 ----D---- C:\Windows\system32\catroot

    2013-09-13 11:25:18 ----D---- C:\Windows\system32\catroot2

    2013-09-13 11:24:31 ----D---- C:\Windows\inf

    2013-09-13 11:24:31 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

    2013-09-13 11:24:30 ----D---- C:\Program Files (x86)\Microsoft Application Virtualization Client

    2013-08-16 03:02:13 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2013-08-01 23:10:36 ----D---- C:\Program Files (x86)\Google

    2013-08-01 01:46:22 ----D---- C:\Windows

    2013-07-24 22:52:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

    2013-07-22 19:47:53 ----D---- C:\ProgramData\McAfee

    2013-07-11 13:56:25 ----D---- C:\Program Files\Microsoft Silverlight

    2013-07-11 13:56:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight

    2013-07-11 13:55:36 ----D---- C:\Program Files\Windows Defender

    2013-07-11 13:55:36 ----D---- C:\Program Files (x86)\Windows Defender

    2013-07-11 13:55:35 ----D---- C:\Program Files\Windows Journal

    2013-07-10 21:30:57 ----D---- C:\Users\otis\AppData\Roaming\Spotify

    2013-07-08 23:27:00 ----D---- C:\Program Files (x86)\Ableton

    2013-07-07 14:59:17 ----D---- C:\Users\otis\AppData\Roaming\Ableton

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

    R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-19 564824]

    R1 BdSpy;BdSpy; C:\Windows\system32\drivers\BdSpy.sys [2013-03-18 68720]

    R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-11-19 22648]

    R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-11-19 20520]

    R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-11-19 62776]

    R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\Windows\system32\DRIVERS\NSKernel.sys [2012-06-26 256072]

    R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\Windows\system32\DRIVERS\NSNetmon.sys [2012-06-26 25160]

    R1 StarPortLite;StarPort Storage Controller (Lite); C:\Windows\system32\DRIVERS\StarPortLite.sys [2012-04-20 118888]

    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

    R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]

    R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]

    R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]

    R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]

    R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]

    R3 BdNet;BdNet; C:\Windows\system32\drivers\BdNet.sys [2012-10-04 34928]

    R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-05-17 51240]

    R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-05-06 86056]

    R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-04-05 142632]

    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]

    R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

    R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]

    R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

    R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]

    R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

    R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

    R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

    R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

    R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2013-01-25 350160]

    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]

    R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]

    S1 jxzwyjgf;jxzwyjgf; \??\C:\Windows\system32\drivers\jxzwyjgf.sys []

    S1 kooyxunb;kooyxunb; \??\C:\Windows\system32\drivers\kooyxunb.sys []

    S1 pxcocxlw;pxcocxlw; \??\C:\Windows\system32\drivers\pxcocxlw.sys []

    S1 rrojutsg;rrojutsg; \??\C:\Windows\system32\drivers\rrojutsg.sys []

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]

    S3 MADFUVENOM;Service for M-Audio Venom DFU; C:\Windows\system32\DRIVERS\MAudioVenom_DFU.sys [2011-10-18 47792]

    S3 MAUSBVENOM;Service for M-Audio Venom; C:\Windows\system32\DRIVERS\MAudioVenom.sys [2011-10-18 201008]

    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

    S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]

    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

    S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]

    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AcerSyncSystemService;AcerSyncSystemService; C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe [2011-06-16 81304]

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

    R2 BitGuard;BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2013-09-23 2845664]

    R2 BsBhvScan;BullGuard Behavioural Detection; C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe [2013-06-06 384352]

    R2 BsFileScan;BullGuard on-access service; C:\Windows\System32\SvcHost.exe [2009-07-14 27136]

    R2 BsMailProxy;BullGuard e-mail monitoring service; C:\Windows\System32\SvcHost.exe [2009-07-14 27136]

    R2 BsMain;BullGuard main service; C:\Windows\System32\SvcHost.exe [2009-07-14 27136]

    R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe [2013-06-06 243552]

    R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe [2013-09-18 353120]

    R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

    R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]

    R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]

    R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]

    R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]

    R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]

    R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168]

    R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]

    R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]

    R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]

    R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]

    R2 Yontoo Desktop Updater;Yontoo Desktop Updater; C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-04-17 23552]

    R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-08 116648]

    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

    S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]

    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-19 655624]

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-08 116648]

    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

    S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

    S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-12 1255736]

    S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]

    S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

    -----------------EOF-----------------
