Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by eigenaar on wo 22-10-2014 at 17:40:16,54.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\eigenaar\Desktop\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
22-10-2014 17:42:03 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\EA Logs deleted successfully
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully
C:\Users\eigenaar\AppData\Roaming\.StarMade deleted successfully
C:\Users\eigenaar\AppData\Local\Bundled software uninstaller deleted successfully
C:\Users\eigenaar\AppData\Local\CrashDumps deleted successfully
C:\Users\eigenaar\AppData\Local\FalloutNV deleted successfully
C:\Users\eigenaar\AppData\Local\ms-drivers deleted successfully
C:\Users\eigenaar\AppData\Local\Unity deleted successfully
C:\Users\eigenaar\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-975684090-3086628896-4001614900-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully
HKEY_USERS\S-1-5-21-975684090-3086628896-4001614900-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

==== Running Processes ======================
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\ASGT.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Steam\Steam.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Steam\bin\steamwebhelper.exe
C:\Users\eigenaar\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\eigenaar\AppData\Local\Mojang\Scrolls\game\Scrolls.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ib updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ib updater deleted successfully

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders ======================
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found
C:\Program Files (x86)\Perfect World Entertainment deleted
C:\PROGRA~2\Delta deleted
C:\PROGRA~2\ParetoLogic deleted
C:\PROGRA~2\COMMON~1\ParetoLogic deleted
C:\install.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\eigenaar\AppData\Roaming\ParetoLogic deleted
C:\Users\eigenaar\AppData\Roaming\DriverCure deleted
C:\Users\eigenaar\AppData\Roaming\Babylon deleted
C:\PROGRA~3\BrowserProtect deleted
C:\PROGRA~3\ParetoLogic deleted
C:\PROGRA~3\Tarma Installer deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic deleted
C:\Users\eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect deleted
C:\Windows\tasks\ParetoLogic Registration3.job deleted
C:\windows\SysNative\Tasks\BrowserProtect deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted

==== System Specs ======================
Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16330 MB
CPU Info: AMD FX(tm)-4170 Quad-Core Processor
CPU Speed: 4213,0 MHz
Sound Card: Luidsprekers (Logitech G430 Gam | Realtek Digital Output(Optical) | SPDIF-interface (4- USB Audio D | Luidsprekers (4- USB Audio Devi | Realtek Digital Output (Realtek | Luidsprekers (Realtek High Defi |
Display Adapters: NVIDIA GeForce GTX 680 | NVIDIA GeForce GTX 680 | NVIDIA GeForce GTX 680 | NVIDIA GeForce GTX 680 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 5x (D: | F: | G: | H: | J: | ) D:
HL-DT-STDVDRAM GH24NS90 | F: DTSOFT BDROM | G: DTSOFT BDROM | H: DTSOFT BDROM | J: MagicISOVirtual DVD-ROM
Ports: COM1 LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 931,5GB | E: 55,9GB | I: 931,5GB
Hard Disks - Free: C: 150,4GB | E: 55,8GB | I: 196,5GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 10/20/10 | ALASKA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. SABERTOOTH 990FX
Country: Nederland
Language: NLD

==== System Specs (Software) ======================
Anti-Virus: Kaspersky Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Kaspersky Internet Security disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Kaspersky Internet Security disabled
Default Browser: Google Chrome 38.0.2125.104
Internet Explorer Version: 9.0.8112.16421
Mozilla Firefox version: 22.0 (x86 nl)
Google Chrome version: 38.0.2125.104
Adobe Reader version: 10.1.1.33
Sun Java version: 1.8.0_25 (32-bit)
Sun Java version: 1.8.0_25 (64-bit)
Flash Player version: 15.0.0.152
Shockwave Player version: 12.1r150

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-975684090-3086628896-4001614900-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Steam\steam.exe -silent"
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #3"="C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe /RestartByRestartManager:1BECCCEA-0362-431e-8BEB-719DE9CDC3FC"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #3"="C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe /RestartByRestartManager:1BECCCEA-0362-431e-8BEB-719DE9CDC3FC" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" "Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"="C:\Steam\steam.exe -silent" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files 
(x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] "command"="\"C:\\Users\\eigenaar\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" /MINIMIZED" "hkey"="HKCU" "item"="BitTorrent" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Connectivity Fixer] "command"="\"f:\\program files (x86)\\badosoft\\connectivity fixer\\connectivity fixer.exe\" -m" "hkey"="HKCU" "item"="Connectivity Fixer" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "command"="\"c:\\program files (x86)\\daemon tools lite\\dtlite.exe\" -autorun" "hkey"="HKCU" "item"="DAEMON Tools Lite" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desura] "command"="c:\\program files (x86)\\desura\\desura.exe -autostart" "hkey"="HKCU" "item"="Desura" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IncrediMail] "command"="c:\\program files (x86)\\incredimail\\bin\\incmail.exe /c" "hkey"="HKCU" "item"="IncrediMail" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\JMB36X IDE Setup] "command"="c:\\windows\\raidtool\\xinside.exe" "hkey"="HKLM" "item"="JMB36X IDE Setup" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui] "command"="\"c:\\program files (x86)\\logmein hamachi\\hamachi-2-ui.exe\" --auto-start" "hkey"="HKLM" "item"="LogMeIn Hamachi Ui" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MurGee.com Auto Keyboard] 
"command"="c:\\program files (x86)\\auto keyboard\\autokeyboard.exe :silent" "hkey"="HKCU" "item"="MurGee.com Auto Keyboard" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Razer Comms] "command"="c:\\program files (x86)\\razer\\core\\razercore.exe /chatapplet" "hkey"="HKCU" "item"="Razer Comms" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Razer Synapse] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "command"="\"c:\\program files (x86)\\skype\\phone\\skype.exe\" /minimized /regrun" "hkey"="HKCU" "item"="Skype" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartCCC" "hkey"="HKLM" "command"="\"c:\\program files (x86)\\ati technologies\\ati.ace\\core-static\\clistart.exe\" msrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "hkey"="HKLM" "item"="SunJavaUpdateSched" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24-09-2014 17:33] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-10-2014 19:55] 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-10-2014 19:55] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASC6_PerformanceMonitor" [F:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Badosoft\Connectivity Fixer" ["F:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com" [20-05-2014 09:05] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{58bd07eb-0ee0-4df0-8121-dc9b693373df}"="C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\0 - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com ProfilePath: C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\fgwocczh.default - SQLite Manager - %ProfilePath%\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi ProfilePath: C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - Advanced SystemCare Surfing Protection - 
%ProfilePath%\extensions\ascsurfingprotection@iobit.com ExtDir: C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi - HDvid Codec - %ExtDir%\hdvc@hdvc.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\fgwocczh.default F6D12679B9112358AC705A1308156F59 - C:\Users\eigenaar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 0E8B2D0D9E3415A91EF259CE1112C579 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director ==== Deleted Firefox Extensions ====================== C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\hdvc@hdvc.com.xpi deleted C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx[29-11-2012 13:26] kpkbnefaikfaeadgidhpoanckoiaheli - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx[] lpoimibckejjdjcfbdnajaicnklhfplh - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh[] nfengeggddojhakldhlpjdlddgkkjkdd - F:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx[] pgafcinpmmpklohkojmllohdhomoefph - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx[29-11-2012 13:26] Last updated at time on date - eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Kaspersky URL Advisor - 
eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj Kaspersky Protection - eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh Google Wallet - eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda BrowserProtect - eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph Anti-Banner - eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman ==== Chromium Fix ====================== C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage deleted successfully C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage-journal deleted successfully C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage-journal deleted successfully C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh deleted successfully C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing 
Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4DB74D06-491C-440D-305E-012400990F3E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DB74D06-491C-440D-305E-012400990F3E} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-975684090-3086628896-4001614900-1000\Software\mozilla\Firefox\Extensions\{58bd07eb-0ee0-4df0-8121-dc9b693373df} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectivity Fixer deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Steam] "C:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 
- HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #3] C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe /RestartByRestartManager:1BECCCEA-0362-431e-8BEB-719DE9CDC3FC (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #3] C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe /RestartByRestartManager:1BECCCEA-0362-431e-8BEB-719DE9CDC3FC (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - 
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - Unknown owner - F:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. 
- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Arc Service (ArcService) - Unknown owner - C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe (file missing) O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. 
- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. 
- C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache64 - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe O23 - Service: wampmysqld64 - Unknown owner - c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - 
C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ8N89NW will be deleted at reboot C:\Users\eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\eigenaar\AppData\Local\Mozilla\Firefox\Profiles\fgwocczh.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully 
==== C:\zoek_backup content ====================== C:\zoek_backup (files=1488 folders=217 6262006416 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\eigenaar\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot