Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Facebook Virus. Warning and please help.


  • This topic is locked This topic is locked
9 replies to this topic

#1 wilfredzla

wilfredzla

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:56 AM

Posted 22 February 2014 - 04:57 AM

Hello all,

 

Yesterday i received 2 messages at Facebook containing a FB Virus. I ignored the first one, but then i got one more from a guy a know abd without

thinking i opend the zipfile and dubbelclicked the .jar file inside. My screen flashed 1 time and nothing happend. At this point i kinda had a feeling whats going

on and did some research and it is a FB virus.

 

After this i changed my password of Facebook, ran my mcafee and SuperAntiSpyware. After some help i also downloaded and scanned with the following programs:

 

- Malwarebytes

- ADWCleaner
• RogueKiller
• Malwarebytes Anti-Rootkit
• TDSSKiller

 

Obviously i removed everything i found. I also updated Windows and tried to update jave, but it didnt let me ( i am at version 7, update 21 )

 

Because noone i talked is formiliar with this particul virus i am still worried , should i ? Not about my Facebook account, but about my PC in general.

I am kind of a newbie with this and is there a chance they can acces all kind of stuff on my computer now (bankaccounts, affiliate account i.e )

Or can i rest assured after all these scans.

 

Here are the 2 messages i got on Facebook:

 

- Someone added me on skype pretending to be you. I took a screenshot!!! Do you know her?? IMG_93532.zip
- do you know her?? She is uploading some of your photos
IMG_03934.zip

 

Thanks for the help in advance.

Wilfred



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:56 AM

Posted 22 February 2014 - 02:09 PM

Hello Wilfred,

Obviously i removed everything i found.

Please post up all the log files that show what you've removed.

And run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 wilfredzla

wilfredzla
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:56 AM

Posted 23 February 2014 - 04:44 PM

Hello aharonov,

 

Here are some log files of the scns i ran earlier:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Databaseversie: v2014.02.20.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Wilfred :: Willie [administrator]

21-2-2014 9:35:40
MBAM-log-2014-02-21 (11-34-17).txt

Scan type: Volledige scan (C:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 640323
Verstreken tijd: 1 uur/uren, 56 minuut/minuten, 58 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 25
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Geen actie ondernomen.
HKCR\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Geen actie ondernomen.
HKCR\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} (PUP.Optional.Bandoo.A) -> Geen actie ondernomen.
HKCR\BrowserConnection.Loader.1 (PUP.Optional.Bandoo.A) -> Geen actie ondernomen.
HKCR\BrowserConnection.Loader (PUP.Optional.Bandoo.A) -> Geen actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Geen actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Geen actie ondernomen.
HKCR\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
HKCR\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
HKCR\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
HKCR\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Geen actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
HKCR\SearchQUIEHelper.DNSGuard (PUP.Optional.SearchQu) -> Geen actie ondernomen.
HKCR\SearchQUIEHelper.DNSGuard.1 (PUP.Optional.SearchQu) -> Geen actie ondernomen.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Geen actie ondernomen.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Geen actie ondernomen.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Geen actie ondernomen.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Geen actie ondernomen.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Geen actie ondernomen.
HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7abe12ca-e995-4ab4-9a4e-ef8820a20182} (PUP.Optional.SearchResults.A) -> Geen actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7abe12ca-e995-4ab4-9a4e-ef8820a20182} (PUP.Optional.SearchResults.A) -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7abe12ca-e995-4ab4-9a4e-ef8820a20182} (PUP.Optional.SearchResults.A) -> Geen actie ondernomen.

Registerwaarden gedetecteerd: 2
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0L1N1H2O1S -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7abe12ca-e995-4ab4-9a4e-ef8820a20182} (PUP.Optional.SearchResults.A) -> Data: Search-Results Toolbar -> Geen actie ondernomen.

Registerdata gedetecteerd: 3
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Datamngr.A) -> Slecht: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) Goed: () -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Datamngr.A) -> Slecht: (C:\PROGRA~3\Wincert\WIN32C~1.DLL) Goed: () -> Geen actie ondernomen.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Datamngr.A) -> Slecht: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) Goed: () -> Geen actie ondernomen.

Mappen gedetecteerd: 17
C:\Program Files (x86)\RegClean Pro (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\ProgramData\BrowserDefender\2.6.1339.144 (PUP.Optional.BrowserDefender.A) -> Geen actie ondernomen.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\css (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64 (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.

Bestanden gedetecteerd: 102
C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (PUP.Optional.Bandoo.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\ProgramData\YTD Video Downloader\ytd_installer.exe (PUP.Optional.Spigot.A) -> Geen actie ondernomen.
C:\Users\Wilfred\Desktop\DIVERS!\YTDSetup-1-.exe (PUP.Optional.Spigot.A) -> Geen actie ondernomen.
C:\Users\Wilfred\Downloads\SFInstaller_SFFZ_filezilla_8992693_.exe (PUP.Optional.Spigot.A) -> Geen actie ondernomen.
C:\Users\Wilfred\Downloads\SoftonicDownloader_voor_winzip.exe (PUP.Optional.Softonic.A) -> Geen actie ondernomen.
C:\Users\Wilfred\Downloads\SoftonicDownloader_voor_ytd-video-downloader.exe (PUP.Optional.Softonic.A) -> Geen actie ondernomen.
C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\eng_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\French_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\German_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\install_left_image.bmp (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\isxdl.dll (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\RegCleanPro.dll (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\systweakasp.exe (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\unins000.dat (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\unins000.exe (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\unins000.msg (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Program Files (x86)\RegClean Pro\xmllite.dll (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Geen actie ondernomen.
C:\ProgramData\Wincert\win32cert.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\ProgramData\Wincert\win64cert.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\ProgramData\Wincert\win32prop.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\ProgramData\Wincert\win64prop.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> Geen actie ondernomen.
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngr.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\DnsBHO.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\installhelper.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\manifest.json (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\OurLocalPage.html (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\new-tab.html (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\css\new-tab.css (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_amazon.png (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ebay.png (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_facebook.png (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_fantastigames.png (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ftalk.png (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_youtube.png (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\IDR_WEBSTORE_ICON.png (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\analytics.js (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\constant.js (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\default-config.js (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\jquery.js (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\localStorage.js (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\new-tab.js (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\preferences.js (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\datamngr.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\DnsBHO.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll (PUP.Optional.Datamngr.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\1365152318.reg (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Dutch_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_02-15-2014.log (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_02-16-2014.log (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_02-17-2014.log (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_02-18-2014.log (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_02-19-2014.log (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_02-20-2014.log (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\productSetup_Setup_4_10_2013.exe (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\rcpupdate.ini (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\summary2.bin (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rmx (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rxb (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rmx (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rxb (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rmx (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rxb (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000005.rmx (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000005.rxb (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000006.rmx (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000006.rxb (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000007.rmx (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.
C:\Users\Wilfred\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000007.rxb (PUP.Optional.RegCleanerPro.A) -> Geen actie ondernomen.

(einde)

 

 

Here is another log:

 

# AdwCleaner v3.019 - Report created 21/02/2014 at 13:14:49
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Wilfred - Willie
# Running from : C:\Users\Wilfred\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Public\Desktop\RegClean Pro.lnk
File Found : C:\Users\Wilfred\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
File Found : C:\Users\Wilfred\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal
File Found : C:\Users\Wilfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
File Found : C:\Users\Wilfred\Desktop\jZip.lnk
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\DSite
File Found : C:\Windows\Tasks\DSite.job
Folder Found C:\Program Files (x86)\GreenTree Applications
Folder Found C:\Program Files (x86)\jZip
Folder Found C:\Program Files (x86)\Search Results Toolbar
Folder Found C:\Program Files (x86)\Systweak
Folder Found C:\Program Files (x86)\WinZip Registry Optimizer
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\Browser Manager
Folder Found C:\ProgramData\BrowserDefender
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Found C:\ProgramData\wincert
Folder Found C:\Users\Wilfred\AppData\Local\jZip
Folder Found C:\Users\Wilfred\AppData\Local\Temp\jZip
Folder Found C:\Users\Wilfred\AppData\Roaming\Babylon
Folder Found C:\Users\Wilfred\AppData\Roaming\DSite
Folder Found C:\Users\Wilfred\AppData\Roaming\Systweak

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Key Found : HKCU\Software\9edadcb33dea49
Key Found : HKCU\Software\APN DTX
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\caphyon
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\jZip
Key Found : HKCU\Software\jziptoolbargaw
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\systweak
Key Found : [x64] HKCU\Software\APN DTX
Key Found : [x64] HKCU\Software\BabSolution
Key Found : [x64] HKCU\Software\caphyon
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\jZip
Key Found : [x64] HKCU\Software\jziptoolbargaw
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\9edadcb33dea49
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\jZip.file
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\jZip
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_winzip_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_winzip_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\systweak
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\DataMngr
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v19.0.2 (nl)

[ File : C:\Users\Wilfred\AppData\Roaming\Mozilla\Firefox\Profiles\ij2w1baw.default-1392981782488\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Wilfred\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : urls_to_restore_on_startup
Found : homepage
Found : search_url
Found : keyword

*************************

AdwCleaner[R0].txt - [8153 octets] - [21/02/2014 13:14:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8213 octets] ##########

 

Here is my roquekiller log:

 

RogueKiller V8.8.8 [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

besturingssysteem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestart vanuit : Normale modus
Gebruiker : Wilfred [Administrator rechten]
Modus : Scan -- Datum : 02/21/2014 15:06:55
| ARK || FAK || MBR |

¤¤¤ Kwaadaardige processen : 0 ¤¤¤

¤¤¤ Register verwijzingen : 6 ¤¤¤
[HJ POL][PUM] HKLM[...]\System : DisableTaskMgr (0) -> gevonden
[HJ POL][PUM] HKLM[...]\System : DisableRegistryTools (0) -> gevonden
[HJ POL][PUM] HKLM[...]\Wow6432Node[...]\System : DisableTaskMgr (0) -> gevonden
[HJ POL][PUM] HKLM[...]\Wow6432Node[...]\System : DisableRegistryTools (0) -> gevonden
[HJ DESK][PUM] HKLM[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden
[HJ DESK][PUM] HKLM[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden

¤¤¤ geplande taken : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ webbrowsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Speciale Files / Folders: ¤¤¤

¤¤¤ Driver : [Niet geladen 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infectie : ¤¤¤

¤¤¤ HOSTS Bestand: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


¤¤¤ MBR Controle: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500420AS +++++
--- User ---
[MBR] 14a48eda348a9933c8345deb3bdbb880
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 208896 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30928896 | Size: 461837 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Gereed : << RKreport[0]_S_02212014_150655.txt >>



#4 wilfredzla

wilfredzla
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:56 AM

Posted 23 February 2014 - 05:08 PM

Here are the 2 files of the FRST scan i just ran ( is it save t post all this info ? :) )

 

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by Wilfred (administrator) on Willie on 23-02-2014 22:46:44
Running from C:\Users\Wilfred\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Dutch Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtKbd.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\chrome.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2370856 2010-09-24] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel® Corporation)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [ROC_roc_ssl_v12] - "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-10] (Dell)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1332975666-1747716022-2878370280-1000\...\Run: [Google Update] - C:\Users\Wilfred\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-26] (Google Inc.)
HKU\S-1-5-21-1332975666-1747716022-2878370280-1000\...\Run: [EPSON SX218 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1332975666-1747716022-2878370280-1000\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6588144 2013-10-10] (SUPERAntiSpyware)
HKU\S-1-5-21-1332975666-1747716022-2878370280-1000\...\MountPoints2: {3ad72367-219d-11e2-9638-14feb5b3911a} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1332975666-1747716022-2878370280-1000\...\MountPoints2: {7af0c6c0-9fe2-11e0-b037-806e6f6e6963} - E:\unlock.exe autoplay=true
HKU\S-1-5-21-1332975666-1747716022-2878370280-1000\...\MountPoints2: {bcc1514b-0516-11e3-91ff-14feb5b3911a} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1332975666-1747716022-2878370280-1000\...\MountPoints2: {bcc151b9-0516-11e3-91ff-14feb5b3911a} - E:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Wilfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technologie monitor 2.0.lnk
ShortcutTarget: Intel® Turbo Boost Technologie monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=nl&l=nl&s=gen
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {ACCE0ACA-56B2-467C-93CA-17F0F198E0BF} URL = http://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
SearchScopes: HKCU - {ACCE0ACA-56B2-467C-93CA-17F0F198E0BF} URL = http://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Wilfred\AppData\Roaming\Mozilla\Firefox\Profiles\ij2w1baw.default-1392981782488
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Wilfred\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Wilfred\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Wilfred\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-06-18]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: search-results.com
CHR DefaultSearchProvider: Search Results
CHR DefaultSearchURL: http://dts.search-results.com/sr?src=crb&gct=ds&appid=100&systemid=102&apn_dtid=BND102&apn_ptnrs=AG7&o=APN10646&apn_uid=1975349331594474&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Wilfred\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Wilfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (DubLi Toolbar) - C:\Users\Wilfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\clagbfpdfojpoondfdloibkiaipdeibm [2013-12-06]
CHR Extension: (Google Zoeken) - C:\Users\Wilfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (Gmail) - C:\Users\Wilfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR StartMenuInternet: Google Chrome - C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264488 2013-03-05] (Systweak Software, (www.systweak.com))
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1028464 2012-10-19] (iolo technologies, LLC)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-10-18] (EldoS Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [9608 2009-06-19] (TOSHIBA Corporation.)

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Accelern.sys E0065CBF1A25C015C218457D2CD522B9
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\drivers\cfwids.sys 27DB8CC56E87042BCAF4668B53618C04
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CtClsFlt.sys FBE228ABEAB2BE13B9C3A3A112D4D8DC
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\ElRawDsk.sys 627350A11295D82BF78D155B12FFD0EF
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\System32\drivers\HipShieldK.sys 29F981739E50305128022CBE10B3659C
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F
C:\Windows\System32\DRIVERS\htcnprot.sys B8B1B284362E1D8135112573395D5DA5
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys D469B77687E12FE43E344806740B624D
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 8FED6428FDE53D7F4C105095F22524BE
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\jmcr.sys 43F319DE026E04B9CF9219A14BF24FE8
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\mfeapfk.sys 5C83E2DE29D603259AF04273D6485A42
C:\Windows\System32\drivers\mfeavfk.sys E06E9155364C4448B1529FB626256168
C:\Windows\System32\drivers\mfefirek.sys C2DA65EBCA098520CCA33B81343144A2
C:\Windows\System32\drivers\mfehidk.sys D1895C38D9B1D85557F5514A68A48EC9
C:\Windows\System32\DRIVERS\mfencbdc.sys FDB02B0C2865DBDE9571D57D3ABC6A6B
C:\Windows\System32\DRIVERS\mfencrk.sys C3EE053D6A0CCD75C07FADC73D7BA4E4
C:\Windows\System32\drivers\mfewfpk.sys 4DB07846C1BC5ED4305C6481B6998EF9
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETwNs64.sys 5D262402B0634C998F8CBCEAD7DD8676
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys E453ACF4E7D44E5530B5D5F2B9CA8563
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 0EBC9D13CD96C15B1B18D8678A609E4B
C:\Windows\System32\DRIVERS\nusb3xhc.sys 7BDEC000D56D485021D9C1E63C2F81CA
C:\Windows\System32\drivers\nvhda64v.sys 805F0C2B9C07E4C0F74D0EF70E9E827A
C:\Windows\System32\DRIVERS\nvlddmkm.sys EE6B7B6A54BCAFF516E30B1C15467495
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\System32\DRIVERS\nvstusb.sys D833919630E744B0377B30CC87E50847
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PDFsFilter.sys 8570C04D9DBFDDD2CCF655DEB4D84715
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PSKMAD.sys 05A0C2744CEAC6F1B723EC469B650EF0
C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1
C:\Windows\System32\DRIVERS\qicflt.sys 0928BD20273625622722FE1DE5BBDE57
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\revoflt.sys 9C3AC71A9934B884FAC567A8807E9C4D
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0
C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 3289766038DB2CB14D07DC84392138D5
C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 58A38E75F3316A83C23DF6173D41F2B5
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\stdcfltn.sys 92E7F6666633D2DD91D527503DAA7BE0
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 5E3B232A614339399ACC71FA3AAAAA6B
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Toshidpt.sys 755E5CA34D6186FC0E1430CD47E6E97C
C:\Windows\System32\DRIVERS\tosporte.sys 8021F63311797085949FA387F7C83583
C:\Windows\System32\DRIVERS\tosrfbd.sys 0ADC36861F0D11A916EF78995272FDB7
C:\Windows\System32\Drivers\tosrfbnp.sys 62512B5277D88600F8BD4B7AEC43569D
C:\Windows\System32\Drivers\tosrfcom.sys C523A9186C39D65CC9ADEBB2E1B93CCD
C:\Windows\System32\DRIVERS\Tosrfhid.sys 451B8C1815C6CC39650AF916C2A382CD
C:\Windows\System32\DRIVERS\tosrfnds.sys B6FDC3C76FFE9C5171EEA9C37EA367C2
C:\Windows\System32\drivers\tosrfsnd.sys E1E045240C1184FA6628F3C7E7FF85D8
C:\Windows\System32\DRIVERS\tosrfusb.sys DA7AA562448E29CA895895920BFF8946
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TurboB.sys FD24F98D2898BE093FE926604BE7DB99
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 91D3C92A44FC682DD791147604E79152
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys F7FFDF2A1D19A76A87759126B244C816
C:\Windows\System32\DRIVERS\usbhub.sys 245FE7FC634D6A993E682E0A9EBA4ABB
C:\Windows\system32\drivers\usbohci.sys C1A8966E0D09BFB501045105B30D86F2
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 2E682DCE4319A90E02A327F8A427544A
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\system32\drivers\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wimfltr.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\system32\drivers\WSDScan.sys 4A2A5C50DD1A63577D3ACA94269FBC7F
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-23 22:46 - 2014-02-23 22:47 - 00040513 _____ () C:\Users\Wilfred\Downloads\FRST.txt
2014-02-23 22:46 - 2014-02-23 22:46 - 00000000 ____D () C:\FRST
2014-02-23 22:40 - 2014-02-23 22:40 - 02155520 _____ (Farbar) C:\Users\Wilfred\Downloads\FRST64.exe
2014-02-22 10:35 - 2014-02-22 10:35 - 02347384 _____ (ESET) C:\Users\Wilfred\Downloads\esetsmartinstaller_enu.exe
2014-02-22 01:06 - 2014-02-22 01:10 - 00026664 _____ () C:\Users\Wilfred\Downloads\List 1 22-2.txt
2014-02-22 01:06 - 2014-02-22 01:10 - 00000275 _____ () C:\Users\Wilfred\Downloads\Sq page design 22-2.txt
2014-02-22 01:06 - 2014-02-22 01:09 - 00000435 _____ () C:\Users\Wilfred\Downloads\twitter 22-2.txt
2014-02-22 01:06 - 2014-02-22 01:09 - 00000102 _____ () C:\Users\Wilfred\Downloads\funnelkit 22-2.txt
2014-02-22 01:06 - 2014-02-22 01:08 - 00005273 _____ () C:\Users\Wilfred\Downloads\Mylist 22-2.txt
2014-02-22 01:06 - 2014-02-22 01:08 - 00004871 _____ () C:\Users\Wilfred\Downloads\Google 22-2.txt
2014-02-22 01:06 - 2014-02-22 01:08 - 00000293 _____ () C:\Users\Wilfred\Downloads\buyerslist.txt
2014-02-22 01:06 - 2014-02-22 01:07 - 00001056 _____ () C:\Users\Wilfred\Downloads\Penny 22-2.txt
2014-02-22 01:06 - 2014-02-22 01:06 - 00028027 _____ () C:\Users\Wilfred\Downloads\DSD 22-2.txt
2014-02-22 00:20 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-02-22 00:12 - 2013-06-12 13:10 - 00033512 _____ () C:\Windows\system32\Drivers\DasPtct.SYS
2014-02-22 00:11 - 2014-02-22 00:11 - 28656912 _____ (Panda Security ) C:\Users\Wilfred\Downloads\PandaCloudCleaner.exe
2014-02-21 23:23 - 2014-02-21 23:23 - 00000000 ____D () C:\Users\Wilfred\AppData\Roaming\Systweak
2014-02-21 19:25 - 2014-02-22 11:51 - 00000000 ____D () C:\Revo Uninstaller Pro
2014-02-21 19:25 - 2014-02-21 19:25 - 00000707 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-02-21 19:25 - 2014-02-21 19:25 - 00000000 ____D () C:\Users\Wilfred\AppData\Local\VS Revo Group
2014-02-21 19:25 - 2014-02-21 19:25 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-02-21 19:25 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-02-21 19:22 - 2014-02-21 19:22 - 10619688 _____ (VS Revo Group ) C:\Users\Wilfred\Downloads\RevoUninProSetup.exe
2014-02-21 17:48 - 2013-03-29 10:29 - 00174496 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-21 17:48 - 2013-03-29 10:29 - 00174496 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-21 17:46 - 2014-02-21 17:48 - 00000278 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-21 17:06 - 2014-02-21 17:06 - 00000029 _____ () C:\Users\Wilfred\AppData\Roaming\mbam.context.scan
2014-02-21 16:17 - 2014-02-21 16:17 - 00921000 _____ (Oracle Corporation) C:\Users\Wilfred\Downloads\jxpiinstall.exe
2014-02-21 15:14 - 2014-02-21 15:53 - 00000000 ____D () C:\Users\Wilfred\Desktop\mbar
2014-02-21 15:14 - 2014-02-21 15:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-21 15:14 - 2014-02-21 15:14 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-21 15:13 - 2014-02-21 15:13 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Wilfred\Downloads\mbar-1.07.0.1009.exe
2014-02-21 15:08 - 2014-02-21 15:08 - 00002114 _____ () C:\Users\Wilfred\Desktop\RKreport[0]_D_02212014_150829.txt
2014-02-21 15:06 - 2014-02-21 15:06 - 00001964 _____ () C:\Users\Wilfred\Desktop\RKreport[0]_S_02212014_150655.txt
2014-02-21 15:02 - 2014-02-21 15:09 - 00000000 ____D () C:\Users\Wilfred\Desktop\RK_Quarantine
2014-02-21 15:01 - 2014-02-21 15:01 - 03817984 _____ () C:\Users\Wilfred\Downloads\RogueKiller.exe
2014-02-21 14:22 - 2014-02-21 17:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-21 13:14 - 2014-02-21 20:59 - 00000000 ____D () C:\AdwCleaner
2014-02-21 13:13 - 2014-02-21 13:14 - 01241834 _____ () C:\Users\Wilfred\Downloads\AdwCleaner.exe
2014-02-21 12:23 - 2014-02-21 12:23 - 00000000 ____D () C:\Users\Wilfred\Desktop\Oude Firefox-gegevens
2014-02-20 20:55 - 2014-02-20 20:55 - 00000000 ____D () C:\Users\Wilfred\AppData\Roaming\Malwarebytes
2014-02-20 20:54 - 2014-02-20 20:54 - 00000710 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-20 20:54 - 2014-02-20 20:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 20:54 - 2014-02-20 20:54 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-02-20 20:54 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-20 20:53 - 2014-02-20 20:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Wilfred\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-17 16:42 - 2014-02-18 16:13 - 00000000 ____D () C:\Users\Wilfred\Desktop\FB Fast Cash
2014-02-16 21:27 - 2014-02-16 21:27 - 00000296 _____ () C:\Users\Wilfred\Desktop\GETRESPONSE PLAN.txt
2014-02-14 14:31 - 2014-02-14 14:31 - 00000139 _____ () C:\Users\Wilfred\Desktop\jhjbhgghv.url
2014-02-14 14:27 - 2014-02-14 14:28 - 00000139 _____ () C:\Users\Wilfred\Desktop\Bonus 1 .url
2014-02-14 14:09 - 2014-02-14 14:10 - 00000562 _____ () C:\Users\Wilfred\Desktop\Reset_Gadgets.bat
2014-02-14 01:16 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 01:16 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 01:16 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 01:16 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 01:15 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 01:15 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 01:15 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 01:15 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 01:15 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 01:15 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 01:15 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 01:15 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 01:15 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 01:15 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 01:15 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 01:15 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 01:15 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 01:15 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 01:15 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 01:15 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 01:15 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 01:15 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 01:15 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 01:15 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 01:15 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 01:15 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 01:15 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 01:15 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 01:15 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 01:15 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 01:15 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 01:15 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 01:15 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 01:15 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 01:15 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 01:15 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 01:15 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 01:15 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 01:15 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 01:15 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 01:15 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 22:26 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 22:26 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 22:26 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 22:26 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 22:26 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 22:26 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 22:26 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 22:26 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 22:26 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 22:26 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 22:26 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 22:26 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 22:26 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 22:26 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 22:26 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 22:26 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 22:26 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 22:26 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 22:26 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 22:26 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 22:26 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 22:26 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 22:26 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 22:26 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 22:26 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 22:26 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 22:26 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 22:26 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 18:58 - 2014-02-12 18:58 - 00001768 _____ () C:\Users\Wilfred\Downloads\popup-jquery - Centered Popup.txt
2014-02-12 00:07 - 2014-02-12 00:11 - 00000000 ____D () C:\Users\Wilfred\Desktop\Products Bought
2014-02-11 13:41 - 2014-02-11 13:41 - 00419375 _____ () C:\Users\Wilfred\Downloads\Earn Like Me On Valentines Day.txt
2014-02-10 12:08 - 2014-02-10 12:08 - 00008264 _____ () C:\Users\Wilfred\Desktop\Export Active Buyerslist leads PL excel.xlsx
2014-02-10 12:07 - 2014-02-10 12:07 - 00000298 _____ () C:\Users\Wilfred\Desktop\Export Buyerslist PL.txt
2014-02-10 12:06 - 2014-02-10 12:06 - 00008322 _____ () C:\Users\Wilfred\Desktop\Export Active Twitter leads PL excel.xlsx
2014-02-10 12:05 - 2014-02-10 12:05 - 00000385 _____ () C:\Users\Wilfred\Desktop\Export Twitter PL.txt
2014-02-10 12:04 - 2014-02-10 12:04 - 00011797 _____ () C:\Users\Wilfred\Desktop\Export Active Googleplus leads PL excel.xlsx
2014-02-10 12:03 - 2014-02-10 12:03 - 00004965 _____ () C:\Users\Wilfred\Desktop\Export Googleplus PL.txt
2014-02-10 12:02 - 2014-02-10 12:09 - 00012168 _____ () C:\Users\Wilfred\Desktop\Export Active Mylist leads PL excel.xlsx
2014-02-10 12:01 - 2014-02-10 12:01 - 00005304 _____ () C:\Users\Wilfred\Desktop\Export Mylist PL.txt
2014-02-10 12:00 - 2014-02-10 12:00 - 00008805 _____ () C:\Users\Wilfred\Desktop\Export Active Pennymatrix leads PL excel.xlsx
2014-02-10 11:59 - 2014-02-10 11:59 - 00001033 _____ () C:\Users\Wilfred\Desktop\Export Pennymatrix PL.txt
2014-02-10 11:52 - 2014-02-10 11:52 - 00021475 _____ () C:\Users\Wilfred\Desktop\Export Active List 1 leads PL excel.xlsx
2014-02-10 11:51 - 2014-02-10 11:51 - 00017496 _____ () C:\Users\Wilfred\Desktop\Export List 1 PL.txt
2014-02-10 11:47 - 2014-02-10 11:47 - 00028012 _____ () C:\Users\Wilfred\Desktop\Export Active DSD leads PL excel.xlsx
2014-02-10 11:45 - 2014-02-10 11:45 - 00026791 _____ () C:\Users\Wilfred\Desktop\export DSD list PL.txt
2014-02-09 23:47 - 2014-02-09 23:47 - 00001279 _____ () C:\Users\Wilfred\Downloads\config.inc.php
2014-02-09 21:16 - 2014-02-09 21:19 - 00000000 ____D () C:\Users\Wilfred\Desktop\PLR PACKAGE
2014-02-07 12:50 - 2014-02-07 12:50 - 02567111 _____ () C:\Users\Wilfred\Desktop\myclickbossclickboss.sql
2014-02-06 21:31 - 2014-02-20 20:16 - 00000000 ____D () C:\Users\Wilfred\Desktop\CLICKBANKING
2014-02-06 13:00 - 2014-02-06 13:00 - 00995455 _____ () C:\Users\Wilfred\Downloads\myclickboss-upgrade-1.1-to-2.0.zip
2014-02-03 13:24 - 2014-02-03 13:24 - 00540690 _____ () C:\Users\Wilfred\Downloads\404Pageimporttemplate.zip
2014-01-29 22:25 - 2014-01-29 22:25 - 00002913 _____ () C:\Users\Wilfred\Downloads\image.php
2014-01-24 12:25 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys

==================== One Month Modified Files and Folders =======

2014-02-23 22:47 - 2014-02-23 22:46 - 00040513 _____ () C:\Users\Wilfred\Downloads\FRST.txt
2014-02-23 22:46 - 2014-02-23 22:46 - 00000000 ____D () C:\FRST
2014-02-23 22:40 - 2014-02-23 22:40 - 02155520 _____ (Farbar) C:\Users\Wilfred\Downloads\FRST64.exe
2014-02-23 22:34 - 2009-07-14 05:45 - 00025008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-23 22:34 - 2009-07-14 05:45 - 00025008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-23 22:32 - 2011-06-18 06:51 - 01262962 _____ () C:\Windows\WindowsUpdate.log
2014-02-23 22:29 - 2013-03-28 23:32 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-23 22:27 - 2011-06-18 14:09 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-02-23 22:26 - 2011-12-05 18:33 - 00000000 ____D () C:\Users\postgres
2014-02-23 22:26 - 2011-06-24 13:43 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-02-23 22:26 - 2011-06-24 13:43 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-02-23 22:26 - 2011-06-18 06:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-23 22:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-23 22:26 - 2009-07-14 05:51 - 00193992 _____ () C:\Windows\setupact.log
2014-02-22 12:05 - 2011-02-15 09:00 - 01688448 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-22 12:05 - 2010-11-21 17:48 - 00765512 _____ () C:\Windows\system32\perfh013.dat
2014-02-22 12:05 - 2010-11-21 17:48 - 00161262 _____ () C:\Windows\system32\perfc013.dat
2014-02-22 12:05 - 2009-07-14 06:13 - 01688448 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-22 11:51 - 2014-02-21 19:25 - 00000000 ____D () C:\Revo Uninstaller Pro
2014-02-22 11:26 - 2011-06-26 17:26 - 00001074 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1332975666-1747716022-2878370280-1000UA.job
2014-02-22 11:26 - 2011-06-26 17:26 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1332975666-1747716022-2878370280-1000Core.job
2014-02-22 10:35 - 2014-02-22 10:35 - 02347384 _____ (ESET) C:\Users\Wilfred\Downloads\esetsmartinstaller_enu.exe
2014-02-22 10:10 - 2014-01-08 22:02 - 00003158 _____ () C:\Windows\System32\Tasks\Advanced System Optimizer
2014-02-22 01:10 - 2014-02-22 01:06 - 00026664 _____ () C:\Users\Wilfred\Downloads\List 1 22-2.txt
2014-02-22 01:10 - 2014-02-22 01:06 - 00000275 _____ () C:\Users\Wilfred\Downloads\Sq page design 22-2.txt
2014-02-22 01:09 - 2014-02-22 01:06 - 00000435 _____ () C:\Users\Wilfred\Downloads\twitter 22-2.txt
2014-02-22 01:09 - 2014-02-22 01:06 - 00000102 _____ () C:\Users\Wilfred\Downloads\funnelkit 22-2.txt
2014-02-22 01:08 - 2014-02-22 01:06 - 00005273 _____ () C:\Users\Wilfred\Downloads\Mylist 22-2.txt
2014-02-22 01:08 - 2014-02-22 01:06 - 00004871 _____ () C:\Users\Wilfred\Downloads\Google 22-2.txt
2014-02-22 01:08 - 2014-02-22 01:06 - 00000293 _____ () C:\Users\Wilfred\Downloads\buyerslist.txt
2014-02-22 01:07 - 2014-02-22 01:06 - 00001056 _____ () C:\Users\Wilfred\Downloads\Penny 22-2.txt
2014-02-22 01:06 - 2014-02-22 01:06 - 00028027 _____ () C:\Users\Wilfred\Downloads\DSD 22-2.txt
2014-02-22 00:20 - 2011-06-24 13:41 - 00134368 _____ () C:\Users\Wilfred\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-22 00:17 - 2010-11-21 04:47 - 00597802 _____ () C:\Windows\PFRO.log
2014-02-22 00:11 - 2014-02-22 00:11 - 28656912 _____ (Panda Security ) C:\Users\Wilfred\Downloads\PandaCloudCleaner.exe
2014-02-21 23:59 - 2013-11-03 19:04 - 00000000 ____D () C:\Users\Wilfred\Desktop\Ads
2014-02-21 23:59 - 2013-10-29 17:06 - 00015536 _____ () C:\Users\Wilfred\Desktop\new megaposter ads.odt
2014-02-21 23:23 - 2014-02-21 23:23 - 00000000 ____D () C:\Users\Wilfred\AppData\Roaming\Systweak
2014-02-21 23:21 - 2011-06-18 14:21 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-21 21:03 - 2009-07-14 05:45 - 00511896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-21 20:59 - 2014-02-21 13:14 - 00000000 ____D () C:\AdwCleaner
2014-02-21 19:25 - 2014-02-21 19:25 - 00000707 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-02-21 19:25 - 2014-02-21 19:25 - 00000000 ____D () C:\Users\Wilfred\AppData\Local\VS Revo Group
2014-02-21 19:25 - 2014-02-21 19:25 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-02-21 19:22 - 2014-02-21 19:22 - 10619688 _____ (VS Revo Group ) C:\Users\Wilfred\Downloads\RevoUninProSetup.exe
2014-02-21 18:58 - 2013-03-19 10:23 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-21 17:50 - 2014-02-21 14:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-21 17:48 - 2014-02-21 17:46 - 00000278 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-21 17:48 - 2011-06-18 13:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-21 17:06 - 2014-02-21 17:06 - 00000029 _____ () C:\Users\Wilfred\AppData\Roaming\mbam.context.scan
2014-02-21 16:17 - 2014-02-21 16:17 - 00921000 _____ (Oracle Corporation) C:\Users\Wilfred\Downloads\jxpiinstall.exe
2014-02-21 15:53 - 2014-02-21 15:14 - 00000000 ____D () C:\Users\Wilfred\Desktop\mbar
2014-02-21 15:53 - 2014-02-21 15:14 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-21 15:29 - 2011-07-02 16:00 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-21 15:29 - 2011-06-18 14:21 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-02-21 15:22 - 2013-05-22 13:41 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-02-21 15:14 - 2014-02-21 15:14 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-21 15:13 - 2014-02-21 15:13 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Wilfred\Downloads\mbar-1.07.0.1009.exe
2014-02-21 15:09 - 2014-02-21 15:02 - 00000000 ____D () C:\Users\Wilfred\Desktop\RK_Quarantine
2014-02-21 15:08 - 2014-02-21 15:08 - 00002114 _____ () C:\Users\Wilfred\Desktop\RKreport[0]_D_02212014_150829.txt
2014-02-21 15:06 - 2014-02-21 15:06 - 00001964 _____ () C:\Users\Wilfred\Desktop\RKreport[0]_S_02212014_150655.txt
2014-02-21 15:01 - 2014-02-21 15:01 - 03817984 _____ () C:\Users\Wilfred\Downloads\RogueKiller.exe
2014-02-21 14:34 - 2013-03-27 16:41 - 00000000 ____D () C:\Users\Wilfred\AppData\Local\Mozilla
2014-02-21 14:28 - 2013-03-27 16:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-21 13:14 - 2014-02-21 13:13 - 01241834 _____ () C:\Users\Wilfred\Downloads\AdwCleaner.exe
2014-02-21 12:59 - 2013-06-07 13:11 - 00000000 ____D () C:\Users\Wilfred\Desktop\DIVERS!
2014-02-21 12:23 - 2014-02-21 12:23 - 00000000 ____D () C:\Users\Wilfred\Desktop\Oude Firefox-gegevens
2014-02-20 23:28 - 2011-07-07 23:09 - 00000000 ____D () C:\Users\Wilfred\AppData\Roaming\Skype
2014-02-20 20:55 - 2014-02-20 20:55 - 00000000 ____D () C:\Users\Wilfred\AppData\Roaming\Malwarebytes
2014-02-20 20:54 - 2014-02-20 20:54 - 00000710 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-20 20:54 - 2014-02-20 20:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 20:54 - 2014-02-20 20:54 - 00000000 ____D () C:\Malwarebytes' Anti-Malware
2014-02-20 20:53 - 2014-02-20 20:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Wilfred\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-20 20:16 - 2014-02-06 21:31 - 00000000 ____D () C:\Users\Wilfred\Desktop\CLICKBANKING
2014-02-20 10:19 - 2013-12-20 19:55 - 00000000 ____D () C:\Users\Wilfred\Desktop\FunneKit Graphics
2014-02-19 11:00 - 2013-04-10 21:18 - 00000462 _____ () C:\Windows\Tasks\ASOService.job
2014-02-18 16:13 - 2014-02-17 16:42 - 00000000 ____D () C:\Users\Wilfred\Desktop\FB Fast Cash
2014-02-16 21:31 - 2013-08-15 00:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 21:29 - 2012-07-29 12:21 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 21:27 - 2014-02-16 21:27 - 00000296 _____ () C:\Users\Wilfred\Desktop\GETRESPONSE PLAN.txt
2014-02-16 13:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-16 11:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-16 11:21 - 2011-06-26 17:26 - 00004048 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332975666-1747716022-2878370280-1000UA
2014-02-16 11:21 - 2011-06-26 17:26 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332975666-1747716022-2878370280-1000Core
2014-02-15 11:25 - 2011-06-24 13:41 - 00000000 ____D () C:\Users\Wilfred
2014-02-15 00:33 - 2014-01-05 16:02 - 00000000 ____D () C:\Users\Wilfred\Desktop\List Building Academy
2014-02-14 14:31 - 2014-02-14 14:31 - 00000139 _____ () C:\Users\Wilfred\Desktop\jhjbhgghv.url
2014-02-14 14:28 - 2014-02-14 14:27 - 00000139 _____ () C:\Users\Wilfred\Desktop\Bonus 1 .url
2014-02-14 14:11 - 2013-08-31 21:03 - 00003148 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-02-14 14:10 - 2014-02-14 14:09 - 00000562 _____ () C:\Users\Wilfred\Desktop\Reset_Gadgets.bat
2014-02-14 13:51 - 2014-01-05 16:12 - 00000000 ____D () C:\Users\Wilfred\AppData\Roaming\FileZilla
2014-02-14 11:00 - 2013-04-10 21:18 - 00002986 _____ () C:\Windows\System32\Tasks\ASOService
2014-02-14 01:17 - 2011-07-07 19:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-14 01:17 - 2009-07-14 03:34 - 00000510 _____ () C:\Windows\win.ini
2014-02-13 22:18 - 2013-04-10 21:18 - 00000434 _____ () C:\Windows\Tasks\ASO-OneClickCare.job
2014-02-12 22:18 - 2013-04-10 21:18 - 00000464 _____ () C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job
2014-02-12 18:58 - 2014-02-12 18:58 - 00001768 _____ () C:\Users\Wilfred\Downloads\popup-jquery - Centered Popup.txt
2014-02-12 00:11 - 2014-02-12 00:07 - 00000000 ____D () C:\Users\Wilfred\Desktop\Products Bought
2014-02-11 13:41 - 2014-02-11 13:41 - 00419375 _____ () C:\Users\Wilfred\Downloads\Earn Like Me On Valentines Day.txt
2014-02-10 13:08 - 2013-10-21 10:21 - 00000000 ____D () C:\Users\Wilfred\Desktop\DSD
2014-02-10 12:09 - 2014-02-10 12:02 - 00012168 _____ () C:\Users\Wilfred\Desktop\Export Active Mylist leads PL excel.xlsx
2014-02-10 12:08 - 2014-02-10 12:08 - 00008264 _____ () C:\Users\Wilfred\Desktop\Export Active Buyerslist leads PL excel.xlsx
2014-02-10 12:07 - 2014-02-10 12:07 - 00000298 _____ () C:\Users\Wilfred\Desktop\Export Buyerslist PL.txt
2014-02-10 12:06 - 2014-02-10 12:06 - 00008322 _____ () C:\Users\Wilfred\Desktop\Export Active Twitter leads PL excel.xlsx
2014-02-10 12:05 - 2014-02-10 12:05 - 00000385 _____ () C:\Users\Wilfred\Desktop\Export Twitter PL.txt
2014-02-10 12:04 - 2014-02-10 12:04 - 00011797 _____ () C:\Users\Wilfred\Desktop\Export Active Googleplus leads PL excel.xlsx
2014-02-10 12:03 - 2014-02-10 12:03 - 00004965 _____ () C:\Users\Wilfred\Desktop\Export Googleplus PL.txt
2014-02-10 12:01 - 2014-02-10 12:01 - 00005304 _____ () C:\Users\Wilfred\Desktop\Export Mylist PL.txt
2014-02-10 12:00 - 2014-02-10 12:00 - 00008805 _____ () C:\Users\Wilfred\Desktop\Export Active Pennymatrix leads PL excel.xlsx
2014-02-10 11:59 - 2014-02-10 11:59 - 00001033 _____ () C:\Users\Wilfred\Desktop\Export Pennymatrix PL.txt
2014-02-10 11:52 - 2014-02-10 11:52 - 00021475 _____ () C:\Users\Wilfred\Desktop\Export Active List 1 leads PL excel.xlsx
2014-02-10 11:51 - 2014-02-10 11:51 - 00017496 _____ () C:\Users\Wilfred\Desktop\Export List 1 PL.txt
2014-02-10 11:47 - 2014-02-10 11:47 - 00028012 _____ () C:\Users\Wilfred\Desktop\Export Active DSD leads PL excel.xlsx
2014-02-10 11:45 - 2014-02-10 11:45 - 00026791 _____ () C:\Users\Wilfred\Desktop\export DSD list PL.txt
2014-02-09 23:47 - 2014-02-09 23:47 - 00001279 _____ () C:\Users\Wilfred\Downloads\config.inc.php
2014-02-09 21:19 - 2014-02-09 21:16 - 00000000 ____D () C:\Users\Wilfred\Desktop\PLR PACKAGE
2014-02-09 12:53 - 2013-12-20 01:54 - 00009602 _____ () C:\Users\Wilfred\Desktop\Chart Amit Jvzoo.xlsx
2014-02-07 12:50 - 2014-02-07 12:50 - 02567111 _____ () C:\Users\Wilfred\Desktop\myclickbossclickboss.sql
2014-02-06 13:16 - 2014-02-14 01:15 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 13:07 - 2014-01-16 14:00 - 00000000 ____D () C:\My Click BOSS
2014-02-06 13:00 - 2014-02-06 13:00 - 00995455 _____ () C:\Users\Wilfred\Downloads\myclickboss-upgrade-1.1-to-2.0.zip
2014-02-06 12:30 - 2014-02-14 01:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 01:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 01:15 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 01:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 01:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 01:15 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 01:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 01:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 01:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 01:15 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 01:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 01:15 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 01:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 01:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 01:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 01:15 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 01:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 01:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 01:15 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 01:15 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 01:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 01:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 01:15 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 01:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 01:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 01:15 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 01:15 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 01:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 01:15 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 01:15 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 01:15 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 01:15 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 01:15 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 01:15 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 01:15 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 01:15 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 01:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 01:15 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 11:20 - 2013-11-03 18:55 - 00000000 ____D () C:\Users\Wilfred\Desktop\Graphics
2014-02-04 09:39 - 2011-06-18 14:26 - 00000000 ____D () C:\ProgramData\Sonic
2014-02-03 13:24 - 2014-02-03 13:24 - 00540690 _____ () C:\Users\Wilfred\Downloads\404Pageimporttemplate.zip
2014-02-03 12:09 - 2011-06-18 14:21 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-01-29 22:25 - 2014-01-29 22:25 - 00002913 _____ () C:\Users\Wilfred\Downloads\image.php
2014-01-27 08:43 - 2011-03-13 17:20 - 00070592 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys
2014-01-27 08:37 - 2011-06-18 14:21 - 00185792 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2014-01-27 08:37 - 2011-03-13 17:20 - 00344688 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfewfpk.sys
2014-01-27 08:33 - 2011-03-13 17:20 - 00783864 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys
2014-01-27 08:31 - 2011-03-13 17:20 - 00520696 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys
2014-01-27 08:30 - 2011-03-13 17:20 - 00311600 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
2014-01-27 08:29 - 2011-03-13 17:20 - 00180272 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeapfk.sys
2014-01-24 15:52 - 2013-11-04 23:38 - 00000000 ____D () C:\Users\Wilfred\Desktop\Google in a Box

Some content of TEMP:
====================
C:\Users\Wilfred\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Wilfred\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Wilfred\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows-opstartbeheer
---------------------
id                      {bootmgr}
device                  partition=\Device\HarddiskVolume2
description             Windows Boot Manager
locale                  nl-nl
inherit                 {globalsettings}
default                 {current}
resumeobject            {5766b00c-99b7-11e0-ba32-14feb5b3911a}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-opstartlaadprogramma
----------------------------
id                      {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  nl-nl
inherit                 {bootloadersettings}
recoverysequence        {5766b00e-99b7-11e0-ba32-14feb5b3911a}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {5766b00c-99b7-11e0-ba32-14feb5b3911a}
nx                      OptIn

Windows-opstartlaadprogramma
----------------------------
id                      {5766b00e-99b7-11e0-ba32-14feb5b3911a}
device                  ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5766b00f-99b7-11e0-ba32-14feb5b3911a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5766b00f-99b7-11e0-ba32-14feb5b3911a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Hervatten uit sluimerstand
--------------------------
id                      {5766b00c-99b7-11e0-ba32-14feb5b3911a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  nl-NL
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-geheugentest
--------------------
id                      {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  nl-NL
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-instellingen
----------------
id                      {emssettings}
bootems                 Yes

Debugger-instellingen
---------------------
id                      {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-defecten
------------
id                      {badmemory}

Globale instellingen
--------------------
id                      {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Instellingen voor opstartlaadprogramma
--------------------------------------
id                      {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor-instellingen
-------------------
id                      {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Instellingen voor hervattingslaadprogramma
------------------------------------------
id                      {resumeloadersettings}
inherit                 {globalsettings}

Apparaatopties
--------------
id                      {5766b00f-99b7-11e0-ba32-14feb5b3911a}
description             Ramdisk Options
ramdisksdidevice        partition=\Device\HarddiskVolume2
ramdisksdipath          \Recovery\WindowsRE\boot.sdi



LastRegBack: 2014-02-18 12:24

==================== End Of Log ============================

 

Addition

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2014 02
Ran by Wilfred at 2014-02-23 22:48:16
Running from C:\Users\Wilfred\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Antivirus en antispyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Antivirus en antispyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version:  - Belastingdienst)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AliG Social Lead Freak (HKLM-x32\...\com.aligmarketing.slf) (Version: 1.8 - Ali M. Gadit)
AliG Social Lead Freak (x32 Version: 1.8 - Ali M. Gadit) Hidden
Betfair.com Poker (HKCU\...\Betfair.com Poker) (Version:  - )
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.11 - TOSHIBA CORPORATION)
Cake Poker (HKLM-x32\...\Cake Poker(uninstall)) (Version:  - )
Cake Poker 2.0 (HKLM-x32\...\Cake Poker 2.0) (Version: 2.0.1.6506 - Cake Poker N.V.)
CarbonPoker (HKCU\...\CarbonPoker) (Version: 5.0 - )
Citrix Online Launcher (HKLM-x32\...\{9976E1A1-E6AE-4C45-A89E-E26D2C4E01CE}) (Version: 1.0.162 - Citrix)
CREVbeta (HKLM-x32\...\{CEDAEBD9-3A63-4A63-9E20-EEE508AA87E7}) (Version: 2.8.6 - CardRunnersEV)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{708496ED-87FA-43F1-A974-7783194CEBAA}) (Version: 1.5.402.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.30 - ArcSoft)
Dell Stage (HKLM-x32\...\{C9D232EF-5F74-40F8-A5E0-11F588D44170}) (Version: 1.7.209.0 - Vingertoppen)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.125 - PC-Doctor, Inc.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1719 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1719 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX218 Series Handboek (HKLM-x32\...\EPSON SX218 Series Manual) (Version:  - )
EPSON SX218 Series Printer Uninstall (HKLM\...\EPSON SX218 Series) (Version:  - SEIKO EPSON Corporation)
FB Business Finder (HKLM-x32\...\{06175053-0418-472E-8569-3B5308013805}) (Version: 1.0.0 - None provided)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.46.3.WIN.FullTilt.COM - )
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.55.4.WIN.FullTilt.EU - )
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.0.0.008 - Uw bedrijfsnaam)
HTC Sync Manager (HKLM-x32\...\{7477F26F-CC6A-4F68-8C9D-496DBFF45E05}) (Version: 1.1.48.0 - Uw bedrijfsnaam)
inSSIDer (HKLM-x32\...\{65A5E87D-7A3F-4819-807D-B86990D5F369}) (Version: 2.1.6 - MetaGeek)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Turbo Boost Technologie monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 11.1.6 - iolo technologies, LLC)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware versie 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile NLD Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended NLD Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 nl)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Solodex (HKLM-x32\...\MySolodex) (Version: 1.01 - UNKNOWN)
My Solodex (x32 Version: 1.01 - UNKNOWN) Hidden
NVIDIA 3D Vision controllerstuurprogramma 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX systeemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden
NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden
NVIDIA-configuratiescherm 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{C169BD5F-00C1-437C-8162-88FA6BE495D5}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerStove version 1.24 (HKLM-x32\...\{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1) (Version:  - )
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.15.0 - Synaptics Incorporated)
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (HKLM\...\Microsoft .NET Framework 4 Client Profile NLD Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Taalpakket voor Microsoft .NET Framework 4 Extended - NLD (HKLM\...\Microsoft .NET Framework 4 Extended NLD Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Titan Poker (HKCU\...\Titan Poker) (Version:  - )
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D5412C67-998B-4246-A668-AB522D9F63FE}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F8580E12-045B-471B-AF74-98C977347F4E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{39E58ED8-B687-49BD-88F9-968563F51F8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{00A8F3D3-B596-4E04-A180-C9EB4EC87762}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{A3C746D9-41B4-4C7E-BF60-0F8C50AD5A0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{EADF44E2-DD3F-4FAC-B17F-566956C06503}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{97164652-BF81-41EE-8C0C-C086578E9956}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E8F64CB5-1419-47A8-9FCE-F6E4137F2D25}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{52105DB7-F9D9-482C-8796-1461BBB69123}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{538E777B-4508-4ABF-97E2-B93C1BF1CD77}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DA8548B2-D229-4643-B6E2-989B3CFEECFB}) (Version:  - Microsoft)
Win Cake (HKLM-x32\...\Win Cake) (Version: 2.0.1.7205 - Cake Entertainment N.V.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
YTD Video Downloader 4.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.4 - GreenTree Applications SRL)

==================== Restore Points  =========================

16-02-2014 12:42:41 Gepland controlepunt
16-02-2014 20:28:40 Windows Update
21-02-2014 16:46:11 Installed Java 7 Update 51
21-02-2014 16:49:47 Removed Java™ 6 Update 26
21-02-2014 16:50:19 Removed Java™ 6 Update 24 (64-bit)
21-02-2014 16:51:17 Removed Java 7 Update 51
21-02-2014 18:29:13 Removed PCStreams
21-02-2014 22:49:23 Windows Update
22-02-2014 10:53:04 Removed eBay
22-02-2014 11:04:11 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {147E140F-DADD-4F1F-A4A8-3DD8CEAC6F71} - System32\Tasks\ASO-OneClickCare => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [2013-03-05] (Systweak Software, (www.systweak.com))
Task: {18C2BCFA-C092-4E62-AA49-1ED1987192CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {351719B2-33A0-4FDA-B161-EE1F4FAA3958} - System32\Tasks\{D7ABD804-85E7-4B2A-9629-137363A13153} => Chrome.exe http://ui.skype.com/ui/0/6.7.0.102/nl/abandoninstall?page=tsProgressBar
Task: {39B764F9-84CC-4112-B7F1-36EBB61EA94F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332975666-1747716022-2878370280-1000Core => C:\Users\Wilfred\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-26] (Google Inc.)
Task: {439BA201-8116-4B9E-94BE-B86592D90A15} - System32\Tasks\ASOService => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [2013-03-05] (Systweak Software, (www.systweak.com))
Task: {4A9B5F2D-EE4B-43F6-A2AF-762858C91553} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {5AAE2B86-17D0-494E-9F95-C05F10D19494} - System32\Tasks\ASO-AutoCheckUpdate7Days => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe [2013-03-05] (Systweak Software, (www.systweak.com))
Task: {5E4728C0-8D34-466E-ADD8-01C1880FE8F9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {AE2CF62F-D2D8-4367-B8F5-706AF60E7F18} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332975666-1747716022-2878370280-1000UA => C:\Users\Wilfred\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-26] (Google Inc.)
Task: {B45ABC90-4E3A-4C88-B62D-411FA3559DCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {B71EDDA6-76D2-49EF-BF94-568E60414755} - System32\Tasks\{E284FCA1-0493-4804-82DB-479D9D70D3CF} => Chrome.exe http://ui.skype.com/ui/0/6.7.0.102/nl/abandoninstall?page=tsProgressBar
Task: {CB0B6E1A-7B68-4668-9D62-1975F99E960F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E7A4D0B0-B5F8-4FCC-9C08-80942157C19E} - System32\Tasks\Advanced System Optimizer => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [2013-03-05] (Systweak Software, (www.systweak.com))
Task: {EE273FFC-70C0-4C29-8805-58DFD913C659} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-05-07] (PC-Doctor, Inc.)
Task: {FB97EA91-CCF4-4444-A345-3073FEE0B791} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FF4533B7-2A78-4557-92A4-637B61D6E77D} - \DSite No Task File
Task: {FFF4F0EB-E7F0-4334-93E5-E043B7E71CFF} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-05-07] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe
Task: C:\Windows\Tasks\ASO-OneClickCare.job => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe
Task: C:\Windows\Tasks\ASOService.job => C:\Program Files (x86)\Advanced System Optimizer 3\aso3.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1332975666-1747716022-2878370280-1000Core.job => C:\Users\Wilfred\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1332975666-1747716022-2878370280-1000UA.job => C:\Users\Wilfred\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-30 10:59 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-17 19:53 - 2010-12-17 19:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-06-18 14:09 - 2011-08-18 16:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-06-18 14:00 - 2010-12-17 16:25 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2010-12-17 19:53 - 2010-12-17 19:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-02-01 11:50 - 2012-02-01 11:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2010-11-29 21:04 - 2010-11-29 21:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\nl\SignalIslandUi.resources.dll
2012-02-01 11:50 - 2012-02-01 11:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2011-12-05 18:32 - 2011-01-28 06:15 - 00172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll
2011-12-05 18:32 - 2009-02-12 20:01 - 00976384 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll
2011-12-05 18:32 - 2005-07-20 11:48 - 00059904 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\zlib1.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-21 14:22 - 2014-02-21 14:22 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-07-23 21:17 - 2013-07-12 19:48 - 00601552 _____ () C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
2013-07-23 21:17 - 2013-07-12 19:48 - 00123344 _____ () C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\libegl.dll
2013-07-23 21:17 - 2013-07-12 19:49 - 04052944 _____ () C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
2013-07-23 21:17 - 2013-07-12 19:49 - 00396240 _____ () C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
2013-07-23 21:17 - 2013-07-12 19:48 - 01597392 _____ () C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
2013-07-23 21:17 - 2013-07-12 19:49 - 13599184 _____ () C:\Users\Wilfred\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Program Files (x86)\Cake Poker:MID
AlternateDataStreams: C:\Program Files (x86)\Cake Poker 2.0:MID
AlternateDataStreams: C:\Users\Wilfred\Downloads\Michael Jackson feat. Akon - Hold my hand.mp3:Roxio EMC Stream

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: McAfee Inc. mfeapfk
Description: McAfee Inc. mfeapfk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mfeapfk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2014 10:26:31 PM) (Source: PostgreSQL) (User: )
Description: 2014-02-23 22:26:31 CETFATAL:  the database system is starting up

Error: (02/23/2014 10:26:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/23/2014 10:26:30 PM) (Source: PostgreSQL) (User: )
Description: 2014-02-23 22:26:30 CETFATAL:  the database system is starting up

Error: (02/22/2014 10:35:59 AM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/22/2014 10:35:53 AM) (Source: SideBySide) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/22/2014 10:08:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/22/2014 10:08:24 AM) (Source: PostgreSQL) (User: )
Description: 2014-02-22 10:08:24 CETFATAL:  the database system is starting up

Error: (02/22/2014 10:08:23 AM) (Source: PostgreSQL) (User: )
Description: 2014-02-22 10:08:23 CETFATAL:  the database system is starting up

Error: (02/22/2014 10:08:22 AM) (Source: PostgreSQL) (User: )
Description: 2014-02-22 10:08:22 CETFATAL:  the database system is starting up

Error: (02/22/2014 10:08:21 AM) (Source: PostgreSQL) (User: )
Description: 2014-02-22 10:08:21 CETFATAL:  the database system is starting up


System errors:
=============
Error: (02/23/2014 10:28:43 PM) (Source: Service Control Manager) (User: )
Description: De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart:
%%1069

Error: (02/23/2014 10:28:43 PM) (Source: Service Control Manager) (User: )
Description: De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout:
%%1330

Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd.

Error: (02/23/2014 10:28:06 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)

Error: (02/23/2014 10:27:35 PM) (Source: Service Control Manager) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: SftService.

Error: (02/23/2014 10:27:05 PM) (Source: Service Control Manager) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: SftService.

Error: (02/23/2014 10:26:26 PM) (Source: Service Control Manager) (User: )
Description: De McAfee Inc. mfeapfk-service kan vanwege de volgende fout niet worden gestart:
%%1243

Error: (02/23/2014 10:26:21 PM) (Source: BugCheck) (User: )
Description:

Error: (02/22/2014 10:10:35 AM) (Source: Service Control Manager) (User: )
Description: De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart:
%%1069

Error: (02/22/2014 10:10:35 AM) (Source: Service Control Manager) (User: )
Description: De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout:
%%1330

Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd.

Error: (02/22/2014 10:10:05 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)


Microsoft Office Sessions:
=========================
Error: (02/23/2014 10:26:31 PM) (Source: PostgreSQL)(User: )
Description: 2014-02-23 22:26:31 CETFATAL:  the database system is starting up

Error: (02/23/2014 10:26:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/23/2014 10:26:30 PM) (Source: PostgreSQL)(User: )
Description: 2014-02-23 22:26:30 CETFATAL:  the database system is starting up

Error: (02/22/2014 10:35:59 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wilfred\Downloads\esetsmartinstaller_enu.exe

Error: (02/22/2014 10:35:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Wilfred\Downloads\esetsmartinstaller_enu.exe

Error: (02/22/2014 10:08:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/22/2014 10:08:24 AM) (Source: PostgreSQL)(User: )
Description: 2014-02-22 10:08:24 CETFATAL:  the database system is starting up

Error: (02/22/2014 10:08:23 AM) (Source: PostgreSQL)(User: )
Description: 2014-02-22 10:08:23 CETFATAL:  the database system is starting up

Error: (02/22/2014 10:08:22 AM) (Source: PostgreSQL)(User: )
Description: 2014-02-22 10:08:22 CETFATAL:  the database system is starting up

Error: (02/22/2014 10:08:21 AM) (Source: PostgreSQL)(User: )
Description: 2014-02-22 10:08:21 CETFATAL:  the database system is starting up


==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 4076.17 MB
Available physical RAM: 1657.14 MB
Total Pagefile: 8150.52 MB
Available Pagefile: 4628.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:358.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#5 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:56 AM

Posted 25 February 2014 - 05:07 AM

Hello,
 
I don't see any indication in the logs that there is still active malware around. Do you experience any strange symptoms right now or is everything running smoothly?
I see that you've downloaded ESET Online Scanner (esetsmartinstaller_enu.exe). Have you already run a scan with it? If yes please post the log file. If no then do it now:


Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
  • Note: Do not forget to re-enable your antivirus application after running the above scan!


#6 wilfredzla

wilfredzla
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:56 AM

Posted 25 February 2014 - 07:04 AM

Hello aharonov,

 

Thanks for your help again. I have ran the scan before, but just did it again.

The only thing it found is this: (i cant seem to remove it, same as all the Systweak files )

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\Uninstall.exe.vir    probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application.

 

I dont experience any strange symptoms after all the scans. Its running pretty smooth actually, but i was very worried.

 

You think my computer is safe ?

 

 



#7 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:56 AM

Posted 25 February 2014 - 07:37 AM

Great. This found threat is just something that AdwCleaner has already quarantined.
I cannot guarantee that your computer is safe for sure, but neither I nor the scanners find any indication for malware so it's looking good.
Let's remove some of these stubborn Systweak entries and then we're done.


Step 1

Please download this attached Attached File  fixlist.txt   1.47KB   12 downloads and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • I don't need to see the log file.

 

 

 

 

That's it! Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif.
Thank you!



Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

 

 

 

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefor it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:


Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1) MUI




Tips

I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.



#8 wilfredzla

wilfredzla
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:56 AM

Posted 26 February 2014 - 04:03 AM

Thanks a lot aharonov.

 

I have completed all steps and i hope i will be good now.

 

I will keep doing scans for now :)



#9 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:56 AM

Posted 26 February 2014 - 04:08 AM

Thanks for letting me know. :)



#10 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:56 AM

Posted 26 February 2014 - 04:08 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users