Zoek.exe v5.0.0.0 Updated 22-February-2015 Tool run by robin on zo 22/02/2015 at 12:02:15,03. Microsoft Windows 8.1 Pro 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: F:\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 22/02/2015 12:03:14 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\Ableton deleted successfully C:\PROGRA~3\ALM deleted successfully C:\Users\robin\AppData\Local\ms-drivers deleted successfully C:\Users\robin\AppData\Local\PackageStaging deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat X Pro - Italiano, Espa¤ol, Nederlands, Portuguˆs Adobe AIR Adobe Community Help Adobe Content Viewer Adobe Creative Suite 5.5 Design Premium Adobe Flash Player 16 NPAPI Adobe Reader XI (11.0.09) - Nederlands Adobe Shockwave Player 12.1 Adobe Widget Browser AllShare Framework DMS ANNO 2070 Apple Application Support Apple Mobile Device Support Apple Software Update ASUS PCE-AC68 WLAN Card Utilities/Driver Audacity 2.0.6 AVG 2015 Battlefield 4T Battlelog Web Plugins Battlestations: Midway Battlestations: Pacific Belgium e-ID middleware 4.0.7 (build 7445) BlueJ Bonjour CLICKBIOSII Colossus Addon Mod 1.0 Contents ControlCenter Corel VideoStudio Ultimate X5 CPUID HWMonitor 1.26 CyberLink AudioDirector 5 CyberLink Holiday Pack vol 5 CyberLink Holiday Pack vol 6 CyberLink PowerDirector 13 CyberLink PowerDirector 13 Content Pack Essential CyberLink PowerDirector 13 Content Pack Premium CyberLink Travel Pack 2012 Travel Pack 2 CyberLink WaveEditor 2 CyberLink Wedding Pack Darksiders II De SimsT 4 DreamStation DXi2 Far Cry Far Cry© 3 Fraps (remove only) Free Studio version 6.4.3.128 Free YouTube Download version 3.2.49.1022 Free YouTube to MP3 Converter version 3.12.49.1022 GlassFish Server Open Source Edition 4.1 Goat Simulator Google Chrome Google Update Helper Grand Theft Auto: Episodes from Liberty City Guild Wars 2 ICA Intel Processor Diagnostic Tool 64bit Intel(R) Management Engine Components Intel(R) Smart Connect Technology Intel© Trusted Connect Service Client IPM_VS_Pro ISCOM Java 8 Update 31 Java Auto Updater League of Legends Light Replacement Mod (LRM) v4.0 Mega Pack Live Update 5 Logitech Gaming Software Logitech Gaming Software 8.53 LOLReplay Malwarebytes Anti-Malware versie 2.0.4.1028 Melodyne Runtime 4.1 (x64) Melodyne singletrack Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) Microsoft ASP.NET MVC 4 Runtime Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft WSE 3.0 Runtime Microsoft Xbox 360 Accessories 1.2 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 MSI Afterburner 4.0.0 MSI Fan Control NetBeans IDE 8.0.1 Network Addon Mod NewBlue Titler EX for Corel VSX5 NewBlue Titler Pro for Windows NewBlue Video Essentials for Windows NewBlue Video Essentials V for Windows Novation USB Audio Driver 2.5 NVIDIA-configuratiescherm 347.52 NVIDIA 3D Vision controllerstuurprogramma 347.09 NVIDIA 3D Vision stuurprogramma 347.52 NVIDIA GeForce Experience 2.2.2 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 347.52 NVIDIA HD Audio-stuurprogramma 1.3.33.0 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Miracast virtuele audio 347.52 NVIDIA Network Service NVIDIA PhysX NVIDIA ShadowPlay 17.12.8 NVIDIA Stereoscopic 3D Driver NVIDIA Update 17.12.8 NVIDIA Update Core NVIDIA Virtual Audio 1.2.27 Open Broadcaster Software Origin PDF Settings CS5 Plants vs. ZombiesT proDAD Adorage 3.0 (64bit) QuickTime Rainmeter Razer Core Razer Synapse Region Census Beta RivaTuner Statistics Server 6.2.0 RuneScape Launcher 1.2.3 Samsung Data Migration Samsung Link 2.0.0.1412161531 SC4 Mapper 2013 SC4DataNode Setup Share Share64 SHIELD Streaming SHIELD Wireless Controller Driver SimCity 4 Deluxe SimCityT Skype Toolbars SkypeT 6.16 SmartSound Common Data SmartSound Quicktracks 5 SONAR X3 Space Engineers Speccy Steam Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) swMSM System Requirements Lab CYRI System Requirements Lab for Intel TeamSpeak 3 Client The Elder Scrolls V: Skyrim Traffic Simulator Configuration Tool Uplay Visual Paradigm 11.2 Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player VSClassic VSHelp VSUltimate Vuze Watch_Dogs Webinaria 2.0 Windows Media Encoder 9 Series WinRAR 5.01 (32-bit) XSplit Broadcaster ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Windows\system32\PnkBstrA.exe C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe C:\Program Files (x86)\LOLReplay\LOLRecorder.exe C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\ASUS\PCE-AC68 WLAN Card Utilities\WlanMgr.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe F:\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AGEIA Technologies not found C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Windows\wininit.ini deleted C:\END deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\AI_RecycleBin deleted "C:\PROGRA~2\Windows Multimedia Platform" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 16335 MB CPU Info: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz CPU Speed: 3506,4 MHz Sound Card: Luidsprekers (High Definition A | G246HL-4 (NVIDIA High Definitio | Luidsprekers (2- Sirus Headset) | Display Adapters: NVIDIA GeForce GTX 980 | NVIDIA GeForce GTX 980 | NVIDIA GeForce GTX 980 | NVIDIA GeForce GTX 980 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter #2 | ASUS PCE-AC68 802.11ac Network Adapter CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-224BB Ports: COM1 LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 465,2GB | E: 931,3GB | F: 2794,4GB Hard Disks - Free: C: 368,3GB | E: 562,5GB | F: 2228,4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: MSI Z77A-G43 GAMING (MS-7758) Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Default Browser: Google Chrome 40.0.2214.115 Internet Explorer Version: 11.0.9600.17631 Google Chrome version: 40.0.2214.115 Adobe Reader version: 11.0.9.29 Sun Java version: 1.8.0_31 (32-bit) Sun Java version: 1.8.0_31 (64-bit) Flash Player version: 16.0.0.305 Shockwave Player version: 12.1.3r153 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\robin\AppData\Local\Temp ==== 2015-02-18 21:08:21 E3A25C80E2375B2D42C3D4729769BDF3 10240 ----a-w- C:\Users\robin\AppData\Local\Temp\SDIAG_35e97adf-e657-4b33-9c81-1860f56aa8e9\NetworkDiagnosticSnapIn.dll ====== Java Cache ===== 2015-02-22 11:01:31 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\robin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-256df1a7 ====== C:\Windows\SysWOW64 ===== 2015-02-22 11:00:55 13D186FA6F19823C598335443CE233BC 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-02-13 19:06:05 46F29AEB5FC0F6E6BD477EBB4AE0EB42 621384 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2015-02-13 19:05:14 FB50C5D41D7F82EA3718650C4DF536CF 3247248 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll 2015-02-13 19:05:14 C4AF7B27D1075C1538202AD78CB328C3 24768144 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll 2015-02-13 19:05:14 BEEA0DAC92DE547308490AB21AC3D87E 877816 ----a-w- C:\Windows\SysWOW64\nvumdshim.dll 2015-02-13 19:05:14 B64744D40FBA7087418CB3026942769D 908104 ----a-w- C:\Windows\SysWOW64\NvFBC.dll 2015-02-13 19:05:14 ABB5AAB1D4A0B41E104E8E1F3B8EB309 345744 ----a-w- C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-02-13 19:05:14 A2DFE770DC30E4B9B0C597FAE2103A74 929936 ----a-w- C:\Windows\SysWOW64\NvIFR.dll 2015-02-13 19:05:14 989E428DE10969A562B1CA829FB78039 399504 ----a-w- C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-02-13 19:05:14 7678A3DF65245E7776B7913E7E90A1C0 305136 ----a-w- C:\Windows\SysWOW64\nvoglshim32.dll 2015-02-13 19:05:14 5C75272E819BD2F906623EF1C4C6D425 164752 ----a-w- C:\Windows\SysWOW64\nvinit.dll 2015-02-13 19:05:14 36954111C79EE44D1E5F5F02C3E78B73 10773704 ----a-w- C:\Windows\SysWOW64\nvopencl.dll 2015-02-13 19:05:14 0E33E10321FB93651EE64AB28E489C20 10713256 ----a-w- C:\Windows\SysWOW64\nvcuda.dll 2015-02-13 19:05:13 E30DCEF5DB526593786F8A7A66EDC11E 20466496 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll 2015-02-13 17:43:41 E6C2F1D8B667DDC04CB55B9F0159EF97 467984 ----a-w- C:\Windows\SysWOW64\d3dx10_39.dll 2015-02-13 17:43:41 C4F1972497FE2CEB7D900938C97FCF91 1493528 ----a-w- C:\Windows\SysWOW64\D3DCompiler_39.dll 2015-02-13 17:43:41 8CB3DEFB8887C4F0846DB1FC1304D6D2 3851784 ----a-w- C:\Windows\SysWOW64\D3DX9_39.dll 2015-02-13 17:25:36 4FD3763F3917201856B0CBCE310003EA 4300800 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-02-11 17:34:59 C9E243A14893E41E1EF6D3A31BAEF08A 359424 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-02-11 17:34:58 332625D3A96613A7CBC66B04F307F2FA 393728 ----a-w- C:\Windows\SysWOW64\scesrv.dll 2015-02-11 17:34:56 A7AA844B8C4F7A5A13D85201877C84E5 1498360 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-02-11 17:34:55 96750B86DA18725EBAE201989AAD9B98 1489072 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 17:34:53 6705E8543E628DE9877F726C6B4A1E39 324096 ----a-w- C:\Windows\SysWOW64\certcli.dll 2015-02-11 17:34:34 74887EBB4777EC450EF167645C99163E 602776 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 17:34:32 61C74D794C14E9FC94D93F5F0F72A3F9 19740160 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-02-11 17:34:31 78A1A938D51D4F83A772123B93EE1612 12829184 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-02-11 17:34:30 EF05E63ACC834470A07A2E73D519B5FA 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 17:34:30 E4D2BC3DA34348662960E5C2A66DD2F4 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-02-11 17:34:30 AD3F5926EC2C1F21FB45D1CDED6E2A47 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 17:34:30 9DEE691C8FDBC2DE6957F1AE873C78FC 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-02-11 17:34:30 9A91F9B5035F54C2D0BA92CF9B16EE34 2277888 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-02-11 17:34:30 8FBC9680719ACDA9351B67D906C682F4 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 17:34:30 8E8137569741D3693F88DDF94CC38C20 1307136 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-02-11 17:34:30 47893802431547E170D36E033F846882 327168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 17:34:29 FD6AF61AF029B9BC2CF4EFF57CDD5821 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 17:34:29 F285D499EC42969D963CA49EADA63218 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-02-11 17:34:29 E06ED042936F8D932748FACCB229A52C 128000 ----a-w- C:\Windows\SysWOW64\iepeers.dll 2015-02-11 17:34:29 9947D49276026A96D8ACDE9CBAAFC807 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2015-02-11 17:34:29 94BD6172078CFB71B59A7AF56CF77AF9 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2015-02-11 17:34:29 3B9EF1B8E154D202D32A7765E2F33554 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-02-13 19:05:14 F5DFB62C6A453DBA3D8E0D0BFC1EFAF7 353224 ----a-w- C:\Windows\Sysnative\nvoglshim64.dll 2015-02-13 19:05:14 E9431F732193A7491C0656A2003CF4AF 177624 ----a-w- C:\Windows\Sysnative\nvinitx.dll 2015-02-13 19:05:14 D3069F84428EFEDB8EAA083741B7CEF6 995248 ----a-w- C:\Windows\Sysnative\nvumdshimx.dll 2015-02-13 19:05:14 A511A028F8A62D17D93545ABDABE63AD 1895240 ----a-w- C:\Windows\Sysnative\nvdispco6434752.dll 2015-02-13 19:05:14 9EF2996DA79FEC7EC22BCE4CB840CD4C 13294528 ----a-w- C:\Windows\Sysnative\nvopencl.dll 2015-02-13 19:05:14 957F4975395BAC8D2121824B3E82C987 496272 ----a-w- C:\Windows\Sysnative\nvEncodeAPI64.dll 2015-02-13 19:05:14 94347A7E86A13AA86C300F1C5C5CEF3C 32106640 ----a-w- C:\Windows\Sysnative\nvoglv64.dll 2015-02-13 19:05:14 9078AC0E927A0C79482B3641C85BAC15 13208200 ----a-w- C:\Windows\Sysnative\nvcuda.dll 2015-02-13 19:05:14 7E666353814451F0F542A2C3A84B34A8 1557648 ----a-w- C:\Windows\Sysnative\nvdispgenco6434752.dll 2015-02-13 19:05:14 707C496AEF315B7FF5A1CDB066C582BE 969872 ----a-w- C:\Windows\Sysnative\NvIFR64.dll 2015-02-13 19:05:14 6CE8B8035C34D6F63B3C9E143CDC8175 833680 ----a-w- C:\Windows\Sysnative\nvmcumd.dll 2015-02-13 19:05:14 51882706E67A98DC5985247D4933D836 943760 ----a-w- C:\Windows\Sysnative\NvFBC64.dll 2015-02-13 19:05:14 1ACC850CEA37D18049CC0B3E6DE8FB7A 3610768 ----a-w- C:\Windows\Sysnative\nvcuvid.dll 2015-02-13 19:05:14 0A2E0523140DC8AF034FFB367D990E30 390472 ----a-w- C:\Windows\Sysnative\NvIFROpenGL.dll 2015-02-13 19:05:13 9BDA27EA6E10AB35CE0A2997071B0189 25460880 ----a-w- C:\Windows\Sysnative\nvcompiler.dll 2015-02-13 19:05:13 81133487FFCEDA0431E235EA2C0B1A16 100496 ----a-w- C:\Windows\Sysnative\nvaudcaparm.dll 2015-02-13 17:25:37 16ACAA0C01F31B39F39446188F6A3593 6041600 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-02-11 17:34:59 3D2E3A5CFCE65310134C11A00D6D32D0 430080 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-02-11 17:34:58 F8A442ABBAB56529B625DB9D916EA46A 538624 ----a-w- C:\Windows\Sysnative\scesrv.dll 2015-02-11 17:34:57 3A620A263DA883515786E68BE3CE23AA 7472960 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-02-11 17:34:56 7162FD845D142C542C0D041F3B3D525F 1733440 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-02-11 17:34:55 9EC0B4E613DB6002DEF0346208E433E7 1762840 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2015-02-11 17:34:53 F5BC103612FE72C176C751721B874FA6 445440 ----a-w- C:\Windows\Sysnative\certcli.dll 2015-02-11 17:34:34 6835D94FDAAB39E008E8490BD3E88CA3 788680 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2015-02-11 17:34:34 43647B730E82998201C61CA7FF7B524A 391526 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml 2015-02-11 17:34:32 CD726C899BD9A398E8420564A957320B 25056256 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-02-11 17:34:31 E0F76B5B904E4F448641B2B506496351 14401024 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-02-11 17:34:30 D7922F3AC6BF1EA77240E0061D648174 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-02-11 17:34:30 BF57C911895454A8874E9DFA5716C624 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-02-11 17:34:30 A7A3775B0014B165D75A00A1F632E4B5 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-02-11 17:34:30 9DFE41A69DF70AAB75CB5BA8C1109EA2 2358272 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-02-11 17:34:30 8076BB31004C1D763D5D4AEF9F0BDD4B 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-02-11 17:34:30 76DB5845E168173BBA2D3CCC4B363E42 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-02-11 17:34:30 505815B1967A504B077497D304239B4A 816128 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-02-11 17:34:30 49FABD0144A3BBD59D5DA1A0180DCE6E 374272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-02-11 17:34:30 47162151E35EA0B7152B7C841FA21FDB 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-02-11 17:34:30 15842FB41A3BF2A2F5071518B38C957A 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-02-11 17:34:29 F86097CFDE7624DA2DE246F5B4BE3704 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll 2015-02-11 17:34:29 CF1488FCA487516DB09E797F3AC49E4A 2865152 ----a-w- C:\Windows\Sysnative\actxprxy.dll 2015-02-11 17:34:29 CB2528D522FF1F5A7BF9B27D2FB250FF 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-02-11 17:34:29 A04F0C4A0B80C92F92E854E7157D6466 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-02-11 17:34:29 907B558B742B1E52E9E37E3CAAF6508E 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2015-02-11 17:34:29 7A388AFC6885D22F4D988EE9B8D1291A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-02-11 17:34:22 BA0ED854110D45E5D4A46BD250BAF4E0 1487976 ----a-w- C:\Windows\Sysnative\sppobjs.dll 2015-02-11 17:34:08 FCEE1C08EA416800FAC891DDEB608627 414208 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-02-11 17:34:08 EF2C89AEE3D56860F6CCB8D97374402B 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-02-11 17:34:08 E357B0D37DB9C4B17923C893CCF75A18 894464 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-02-11 17:34:08 642A03FB834B4C4BCA8DFEE2EFD4175B 609280 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-02-11 17:34:08 32DE26000788F35DA344702B44728524 761856 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-02-11 17:34:08 12D4142E4EBFDB6F057B615A0547C4CF 1098752 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-02-11 17:33:54 E6905909E7334990033CFDAF56920004 4175872 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2015-02-13 19:05:14 3B99271224C43ADAB5A7F8D4B574AE3F 10284872 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys 2015-02-13 19:05:13 45D8EB2E74120CB676E334A20512035D 39240 ----a-w- C:\Windows\Sysnative\drivers\nvvadarm.sys 2015-02-11 17:34:53 3930E508DDA46C1FF68FD963F350AA0A 563504 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-02-11 17:34:53 15C8C65CEA018C02EA0F648448C491C5 177984 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-21 17:11:40 -------- d-----w- C:\Program Files\trend micro 2015-02-18 20:56:11 -------- d-----w- C:\Program Files\CPUID 2015-02-07 21:02:03 -------- d-----w- C:\Program Files\Samsung ======= C:\PROGRA~2 ===== 2015-02-22 11:00:56 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-02-19 21:59:30 -------- d-----w- C:\PROGRA~2\Origin 2015-02-18 22:02:32 -------- d-----w- C:\PROGRA~2\Origin Games 2015-02-12 18:42:36 -------- d-----w- C:\PROGRA~2\AVG ======= C: ===== ====== C:\Users\robin\AppData\Roaming ====== 2015-02-21 19:07:30 -------- d-----w- C:\Users\robin\AppData\Local\Steam 2015-02-19 22:00:02 -------- d-----w- C:\Users\robin\AppData\Local\Origin 2015-02-13 17:29:43 -------- d-----w- C:\Users\robin\AppData\Local\Garena 2015-02-12 18:43:09 -------- d-----w- C:\Users\robin\AppData\Roaming\AVG2015 2015-02-12 18:43:01 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2015-02-12 18:42:50 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2015-02-12 18:42:50 -------- d-----w- C:\Users\robin\AppData\Roaming\TuneUp Software 2015-02-12 18:42:36 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015 2015-02-12 18:36:59 -------- d-----w- C:\Users\robin\AppData\Local\Avg2015 2015-02-07 21:02:16 -------- d-----w- C:\Users\robin\AppData\Roaming\SAMSUNG ====== C:\Users\robin ====== 2015-02-22 11:00:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-02-19 21:59:02 E86F044806FAE013C904AB3909C24F47 17102664 ----a-w- C:\Users\robin\Documents\OriginThinSetup.exe 2015-02-18 20:56:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-02-13 17:43:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-02-12 18:42:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-02-12 18:42:42 -------- d-----w- C:\ProgramData\AVG2015 2015-02-12 18:36:59 -------- d--h--w- C:\ProgramData\Common Files 2015-02-07 21:02:29 -------- d-----w- C:\Users\robin\Samsung Link 2015-02-07 21:02:16 -------- d-----w- C:\ProgramData\SAMSUNG ====== C: exe-files == 2015-02-22 11:00:47 B0D46640968F989830413EB88F43E0D0 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-02-22 11:00:47 52C8B9FD016E6317FDB151296FF90877 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-02-22 11:00:47 3E72E1AB196855916E2065C604674631 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-02-22 11:00:44 F9D744CD9BC58F287F8FA59D32508EDD 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\orbd.exe 2015-02-22 11:00:44 F5EA785B2BCC08DC28CBC2D96E05F2C1 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe 2015-02-22 11:00:44 DF1C8EDDAF14D2960A06A9DF7B2D0A89 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java-rmi.exe 2015-02-22 11:00:44 DBB5C8AE19ACFA2857CFB90C7305AC56 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe 2015-02-22 11:00:44 DA34E76DE9CD93471F24E7BD43139958 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\kinit.exe 2015-02-22 11:00:44 CDB1FE0DCF2ADB755EBF65C8AEBBC871 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\servertool.exe 2015-02-22 11:00:44 B0D46640968F989830413EB88F43E0D0 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe 2015-02-22 11:00:44 AF82EA1498FEC5C49B8A1AE5AA0A5F6C 77224 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe 2015-02-22 11:00:44 A8884FB8246655C84F110E77DF5E1B4A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ktab.exe 2015-02-22 11:00:44 90C02BD6D01BBC1C620323F9E330E89C 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jjs.exe 2015-02-22 11:00:44 8B6DF9CD28359C5E819446FD79CE3948 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmiregistry.exe 2015-02-22 11:00:44 7479DA0BED071427A3F0017AC51CC27B 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\unpack200.exe 2015-02-22 11:00:44 69BD74EE834B5629226BF89468B8020B 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\keytool.exe 2015-02-22 11:00:44 5F7C51E0DCA813D647F14FC12AE675F2 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\policytool.exe 2015-02-22 11:00:44 577F5DCBA4DE4C345631873670F84E79 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\tnameserv.exe 2015-02-22 11:00:44 52C8B9FD016E6317FDB151296FF90877 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe 2015-02-22 11:00:44 3E72E1AB196855916E2065C604674631 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe 2015-02-22 11:00:44 39685FC75B6FB2144E793595F1AB111D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\pack200.exe 2015-02-22 11:00:44 2F77C9862B1A2401278C4A5B932DA69D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\klist.exe 2015-02-22 11:00:44 0FB2ACAC796B166F6486B593B604A3FF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmid.exe 2015-02-22 11:00:44 063A1044A451660B159426B9C5E75957 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jabswitch.exe 2015-02-21 21:36:22 9F71717AABE220607990D3B142B24213 7035496 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\00006ce5\vops-far_cry_3.19252641.exe 2015-02-21 21:36:17 6E6850013159BA8129A5A612D4390A7A 4942576 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\00006fe9\vops-watch_dogs.19307525.exe 2015-02-21 21:36:17 4870B929D6B7A75196C54710221FBA56 4402928 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\00006fd5\vops-skyrim.19307525.exe 2015-02-21 21:36:16 FF5199F1A001EA89F4BDFA351F68770A 395584 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\000065d4\streaming-assets-far_cry_3.18975565.exe 2015-02-21 21:36:16 C494F5A5A6F8FA8453D98585882532BA 272032 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\000065dd\streaming-assets-grand_theft_auto_iv_eflc.18975565.exe 2015-02-21 21:36:16 C3D32CD2A2430CF303AED944C50B28C8 294688 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\00006275\streaming-assets-watch_dogs.18870976.exe 2015-02-21 21:36:16 95236DE1532434ECEBC5BD48953A2016 229064 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\000065f1\streaming-assets-skyrim.18975565.exe 2015-02-21 21:36:16 9077E312FFD11DF125FB70AAD784357B 4058800 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\000062a8\vops-grand_theft_auto_iv_eflc.18888158.exe 2015-02-21 21:36:15 A2D04ED69D9B32F7465E6C33139F2FA9 194016 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\0000620a\streaming-assets-darksiders_2.18870976.exe 2015-02-21 19:07:30 25C16F7D749F1BA7D573756338658727 835776 ----a-w- C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe 2015-02-21 17:11:40 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\robin.exe 2015-02-20 21:35:01 FF7FFD6962396B565838F04656F94004 437408 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\0000706b\CoProc update.19337009.exe 2015-02-20 18:10:30 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files (x86)\Google\Update\Install\{36D06CD4-EB41-4C56-8F63-D673F01A12A1}\40.0.2214.115_40.0.2214.111_chrome_updater.exe 2015-02-20 18:10:30 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.115\40.0.2214.115_40.0.2214.111_chrome_updater.exe 2015-02-19 21:59:58 760E9D47E2DA105EBE8C69C6F9DA42B4 1688432 ----a-w- C:\Program Files (x86)\Origin\OriginCrashReporter.exe 2015-02-19 21:59:58 4F2ED8FB21F127DC1FA98D4CA2279E75 1910128 ----a-w- C:\Program Files (x86)\Origin\OriginClientService.exe 2015-02-19 21:59:58 23F00DC45201E89DC2341D2EE86A6235 10485592 ----a-w- C:\Program Files (x86)\Origin\OriginER.exe 2015-02-19 21:59:57 F920621A848115ADE15E7F0922130401 96632 ----a-w- C:\Program Files (x86)\Origin\legacyPM\EACoreServer.exe 2015-02-19 21:59:57 F8E945F3E3DFCC8DB2EFCE99F8A9D108 14176 ----a-w- C:\Program Files (x86)\Origin\igoproxy64.exe 2015-02-19 21:59:57 F2C037BE90E479A72FBDBC34BF7A1647 1628032 ----a-w- C:\Program Files (x86)\Origin\legacyPM\EAProxyInstaller.exe 2015-02-19 21:59:57 7F94D00603AC062768B31EDB41C3DB6A 830832 ----a-w- C:\Program Files (x86)\Origin\legacyPM\OriginLegacyCLI.exe 2015-02-19 21:59:57 736DFBE85CE56FF569E9B2B626FE4B76 471416 ----a-w- C:\Program Files (x86)\Origin\legacyPM\PatchProgress.exe 2015-02-19 21:59:57 56AD75E5527EA5F36203CE79C54664E4 1332648 ----a-w- C:\Program Files (x86)\Origin\legacyPM\OriginUninstall.exe 2015-02-19 21:59:57 52CA5E84ACB2F193B0D1917F74A1CA29 480096 ----a-w- C:\Program Files (x86)\Origin\legacyPM\Login.exe 2015-02-19 21:59:57 459825F17783BFC987ACCFB7AABAABA3 402800 ----a-w- C:\Program Files (x86)\Origin\legacyPM\MessageDlg.exe 2015-02-19 21:59:57 15BAE4266D5A3E5D7EA691F6F573079E 1632104 ----a-w- C:\Program Files (x86)\Origin\EAProxyInstaller.exe 2015-02-19 21:59:02 E86F044806FAE013C904AB3909C24F47 17102664 ----a-w- C:\Users\robin\Documents\OriginThinSetup.exe 2015-02-19 21:58:51 EE296E33423CB8048934B8F6649933B0 722788 ----a-w- C:\Users\robin\Desktop\SimCity 4\Plugins_winter\Network Addon Mod\uninst.exe 2015-02-19 21:58:45 47ECC5CACF8324E46050CF6739D9E1D1 62594 ----a-w- C:\Users\robin\Desktop\SimCity 4\Plugins_normal\a_CAM\uninst.exe 2015-02-19 21:58:39 D20FF6DEAFB3C151FA438C27CB112B1A 722788 ----a-w- C:\Users\robin\Desktop\SimCity 4\Plugins_normal\0005 Network Addon Mod\uninst.exe 2015-02-19 21:58:37 EE296E33423CB8048934B8F6649933B0 722788 ----a-w- C:\Users\robin\Desktop\SimCity 4\Plugins\Network Addon Mod\uninst.exe 2015-02-18 20:56:11 9149C383FC5862852F9CEAA5B14F8A2C 2304696 ----a-w- C:\Program Files\CPUID\HWMonitor\HWMonitor.exe 2015-02-18 20:56:11 59ED4D76FA8C324C4057BCDE5F21251E 719521 ----a-w- C:\Program Files\CPUID\HWMonitor\unins000.exe 2015-02-18 18:34:32 95151043AAA4E000687A938E83136DB8 32771576 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_game_client\releases\0.0.1.18\deploy\League of Legends.exe 2015-02-17 19:28:40 4B0D0C51DAC9B9F5ACE7C04AB0E03164 5020680 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\Packages\00007049\DAO.19325675.exe 2015-02-17 15:19:28 CEEAD3EE1AC23B22AD12F280DD39523D 675256 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2015-02-17 15:19:26 D0B6133A3F38786CAD39FF206D1DB49E 172984 ----a-w- C:\Users\robin\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2015-02-16 17:47:49 EE296E33423CB8048934B8F6649933B0 722788 ----a-w- C:\Users\robin\Documents\SimCity 4\Plugins_Top3\Network Addon Mod\uninst.exe === C: other files == 2015-02-22 11:00:45 3315140254247E248C3531F159C79109 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\lib\deploy\ffjcext.zip 2015-02-17 18:30:30 36F61A9904A7254E136482E93F5B1475 33727 ----a-w- C:\Users\robin\AppData\Local\Temp\lol_beta_riotgames_comCrash_021715_193030.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1445297486-2176638070-3027749873-1001\Software\Microsoft\Windows\CurrentVersion\Run] "DS4Windows"="C:\Program Files (x86)\DSDCS\DS4Windows\DS4Windows.exe" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LiveUpdate 5"="C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder" "ControlCenterCount"="C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS5.5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Acrobat Speed Launcher"="F:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="F:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DS4Windows"="C:\Program Files (x86)\DSDCS\DS4Windows\DS4Windows.exe" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISCT Tray"="C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" "Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "Samsung Link"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" ==== Startup Folders ====================== 2014-12-07 17:15:40 1742 ----a-w- C:\Users\robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk 2015-01-07 19:21:05 2009 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04/02/2015 20:15] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/04/2014 22:56] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/04/2014 22:56] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\PCEAC68WLANMGR" ["C:\Program Files (x86)\ASUS\PCE-AC68 WLAN Card Utilities\WlanMgr.exe"] "C:\Windows\SysNative\tasks\Start Corsair Link" ["C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B2E0F3E3-362A-4EAD-A898-48146B7E889B}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{1314E329-6358-40C0-BDEF-86B6C7116AED}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="F:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [19/06/2014 19:21] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [06/11/2014 17:50] ==== Chromium Look ====================== Google Drive - robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Porsche - robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg Announcify - robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiolkcfamcbpoandjpnefiegkcpeoan Google Wallet - robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1445297486-2176638070-3027749873-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-1445297486-2176638070-3027749873-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [LiveUpdate 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "F:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "F:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [DS4Windows] "C:\Program Files (x86)\DSDCS\DS4Windows\DS4Windows.exe" O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe O4 - Global Startup: LOLRecorder.lnk = C:\Program Files (x86)\LOLReplay\LOLRecorder.exe O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - CyberLink - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer, Inc. - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\robin\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\robin\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\robin\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\robin\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=139 folders=58 42865877 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\robin\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\robin\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 22/02/2015 at 12:24:50,77 ======================