Zoek.exe v5.0.0.1 Updated 28-09-2015
Tool run by Pj_Dc on wo 30/09/2015 at 14:53:02,04.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pj_Dc\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

30/09/2015 14:55:15 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Users\Pj_Dc\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Possible Rootkit Infection ======================

C:\Windows\installer\{d8212601-b776-5ff1-5657-09230b647ebc}\L
C:\Windows\installer\{d8212601-b776-5ff1-5657-09230b647ebc}\U
C:\Windows\installer\{d8212601-b776-5ff1-5657-09230b647ebc}\@

==== Empty Folders Check ======================

C:\PROGRA~2\Alaplaya deleted successfully
C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~2\Hi-Rez Studios deleted successfully
C:\PROGRA~2\Intel deleted successfully
C:\PROGRA~2\ManyCam deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Pando Networks deleted successfully
C:\PROGRA~2\RealFogs deleted successfully
C:\PROGRA~2\Wisdom-soft ScreenHunter 6.0 Pro deleted successfully
C:\PROGRA~2\COMMON~1\LWS deleted successfully
C:\Program Files\Bitdefender deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\PROGRA~3\Hi-Rez Studios deleted successfully
C:\PROGRA~3\Orbit deleted successfully
C:\PROGRA~3\Systweak deleted successfully
C:\Users\Pj_Dc\AppData\Roaming\Awesomium deleted successfully
C:\Users\Pj_Dc\AppData\Roaming\DRPSu deleted successfully
C:\Users\Pj_Dc\AppData\Roaming\QuickScan deleted successfully
C:\Users\Pj_Dc\AppData\Roaming\systweak deleted successfully
C:\Users\Pj_Dc\AppData\Local\Avg2013 deleted successfully
C:\Users\Pj_Dc\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Pj_Dc\AppData\Local\EmieSiteList deleted successfully
C:\Users\Pj_Dc\AppData\Local\EmieUserList deleted successfully
C:\Users\Pj_Dc\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Pj_Dc\AppData\Local\TomTom deleted successfully
C:\Users\Pj_Dc\AppData\Local\WarThunder deleted successfully
C:\Users\Pj_Dc\AppData\Local\Wisdom-soft deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0497689E-731C-4220-84E9-D40FC4CF1C9A} deleted successfully
HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Pj_Dc\AppData\Roaming\Mozilla\Firefox\Profiles\0 user.js not found ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.startup.homepage", "http://websearch.soft-quick.info/"); user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.defaultenginename", "WebSearch"); user_pref("browser.search.selectedEngine", "WebSearch"); user_pref("browser.search.defaulturl", "http://websearch.soft-quick.info/?l=1&q="); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("keyword.URL", "http://websearch.soft-quick.info/?l=1&q="); ---- FireFox user.js and prefs.js backups ---- prefs_20153009_1511_.backup ==== Registry Fix Code x64 
====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Alaplaya not found C:\PROGRA~2\Freemake not found C:\PROGRA~2\Hi-Rez Studios not found C:\PROGRA~2\Intel not found C:\PROGRA~2\ManyCam not found C:\PROGRA~2\Pando Networks not found C:\PROGRA~2\RealFogs not found C:\PROGRA~2\Wisdom-soft ScreenHunter 6.0 Pro not found C:\Program Files (x86)\Common Files\DVDVideoSoft deleted C:\ProgramData\clear.fi deleted C:\Windows\syswow64\appdata deleted C:\windows\SysNative\Tasks\ContinueToSaveUpdaterTask{298AC125-907E-4A5E-BC79-64A146A523DE} deleted C:\PROGRA~3\WoW Worldwide Software LTD deleted C:\PROGRA~3\Premium deleted C:\PROGRA~3\{51B0C2F8-BB02-4FF9-83E6-6BBD135AD344} deleted C:\PROGRA~3\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14} deleted C:\PROGRA~3\{C79644E3-0443-4647-AF82-C8A62EB1B82A} deleted C:\PROGRA~3\Package Cache deleted C:\Users\Pj_Dc\AppData\Local\CrashRpt deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\tasks\YourFile Update deleted C:\Windows\tasks\ContinueToSaveUpdaterTask{298AC125-907E-4A5E-BC79-64A146A523DE}.job deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" deleted "C:\Program Files (x86)\Microsoft\BingBar" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Pj_Dc\AppData\Local\Temp ==== 2015-09-30 12:50:01 78F768C4E0BD116AAF5EE41D760F899D 
71168 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaqmhuo.dll 2015-09-29 17:47:53 E519FF8E248789FE655E71B859CFEBD8 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ru-RU\RzSynapse.resources.dll 2015-09-29 17:47:53 DF60AA237A668855075FF6196FBDB444 6656 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ru-RU\RzAIOInstallManager.resources.dll 2015-09-29 17:47:53 C403B1FCC50E63B7DAA3FEB8FCC23814 8704 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CHT\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:53 ABA220AA6ACDE5EF0A69782723EB98DC 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\pt-BR\RzUpdateManager.resources.dll 2015-09-29 17:47:53 A79DC0213D630958E635A9663940B11C 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CN\RzUpdateManager.resources.dll 2015-09-29 17:47:53 99F99255B0820F17D89513EE8C8BEC3C 5632 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CHT\RzAIOInstallManager.resources.dll 2015-09-29 17:47:53 8137AD760C468DEBEC4C7523A07A7A3F 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CN\RzSynapse.resources.dll 2015-09-29 17:47:53 78E8159A2C47981C36B559F210D7AA28 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CHT\RzSynapse.resources.dll 2015-09-29 17:47:53 7501E85D01005907A8CB712E5A9F791B 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CHT\RzUpdateManager.resources.dll 2015-09-29 17:47:53 66940F565B7B643D8D09317CB7714D98 12800 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CHT\RzAIOGeneratorUi.resources.dll 2015-09-29 17:47:53 6237646E48F8D0E0B26B87BE3F71322E 5632 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CN\RzAIOInstallManager.resources.dll 2015-09-29 17:47:53 5A29BACE64E1525BCC420F2720167BD3 8704 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CN\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:53 
535ACB7E804F97DB48F1E8B06AE5F63B 17920 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ru-RU\RzAIOGeneratorUi.resources.dll 2015-09-29 17:47:53 2BF964CC56E675B881D836BA4133FB2A 12800 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\zh-CN\RzAIOGeneratorUi.resources.dll 2015-09-29 17:47:53 0FB3E287C32AD18D3784724397CA0334 11776 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ru-RU\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:53 0581CBC3F59069E8589463D86767EB69 7168 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ru-RU\RzUpdateManager.resources.dll 2015-09-29 17:47:52 F5BF773CDC7DBDF36A518F6B64C38E7A 10752 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ja-JP\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:52 F3F3306579375025F1B9BADAC56A4A34 13824 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\pt-BR\RzAIOGeneratorUi.resources.dll 2015-09-29 17:47:52 EE6DB4C421E9955A7C46EDFFA0C14042 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ko-KR\RzAIOInstallManager.resources.dll 2015-09-29 17:47:52 D2398815725909C83BF8B02730A768DA 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\fr-FR\RzSynapse.resources.dll 2015-09-29 17:47:52 D134D05099788DF6DD48377D7A2B4BB9 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ko-KR\RzSynapse.resources.dll 2015-09-29 17:47:52 CF32C0352800F19BB4540984BB79DD99 9728 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\pt-BR\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:52 CD5BA7A8799D2EEF5D5CC97D608050C7 14848 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ko-KR\RzAIOGeneratorUi.resources.dll 2015-09-29 17:47:52 C12E20427A6C83341F32902A94AE0028 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ja-JP\RzAIOInstallManager.resources.dll 2015-09-29 17:47:52 B8E16202EE19BCE83245A28835021CAF 15872 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ja-JP\RzAIOGeneratorUi.resources.dll 2015-09-29 17:47:52 
B3A7EDAA557EDF9702845D9C6F91346F 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\pt-BR\RzSynapse.resources.dll 2015-09-29 17:47:52 94A745F1F820F1C215CE13C153417D98 9728 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ko-KR\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:52 93A8B95A269C65ED03877383DEF590A4 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\fr-FR\RzUpdateManager.resources.dll 2015-09-29 17:47:52 8FD82D99716E9DCC5A4760717496CB8B 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\es-ES\RzUpdateManager.resources.dll 2015-09-29 17:47:52 8C1363F4E82A39A51780E9BF6ACBA241 5632 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\es-ES\RzAIOInstallManager.resources.dll 2015-09-29 17:47:52 86672E71C816345836D9E08939728C83 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\fr-FR\RzAIOInstallManager.resources.dll 2015-09-29 17:47:52 5F72DE76198E5C8BC912854D49AAF27C 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ko-KR\RzUpdateManager.resources.dll 2015-09-29 17:47:52 455FCEA490FCE4C85F08818C4A5BA1BA 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ja-JP\RzSynapse.resources.dll 2015-09-29 17:47:52 431E3321DAD1CB3C1C3071785C726EEA 14336 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\fr-FR\RzAIOGeneratorUi.resources.dll 2015-09-29 17:47:52 3E313671D7140A55B69476351210C28E 5632 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\pt-BR\RzAIOInstallManager.resources.dll 2015-09-29 17:47:52 32B0540326170059EA3596095BB8AE56 9728 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\fr-FR\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:52 321B2A69F9EA8D04ED87DE6C5BA0FD89 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\ja-JP\RzUpdateManager.resources.dll 2015-09-29 17:47:52 2EC5F3E88982813DF6C521BE2D031624 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\es-ES\RzSynapse.resources.dll 2015-09-29 17:47:52 
2C262ADCC93D93E5707803EE1F697426 9728 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\es-ES\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:51 C7AD7D09DECA1ADD726C4BF3ED901DCC 386560 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\RzStorage.dll 2015-09-29 17:47:51 B8F0DE2319A652F240EEB6E4F240EC5E 9728 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\de-DE\RzSynapseLoginUI.resources.dll 2015-09-29 17:47:51 B89CB7F3F1A1E2807E708F5435DEB13D 270336 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\log4net.dll 2015-09-29 17:47:51 ADADFB4D2E516CDF2170010E37FDC201 83968 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\RzUpdate.dll 2015-09-29 17:47:51 A9EBE84C4A7BE772000F3B5F11726827 112128 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\RzCommon.dll 2015-09-29 17:47:51 A85A9F78572E8B4ADAB2EF9F5B2BFD8B 14336 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\de-DE\RzAIOGeneratorUi.resources.dll 2015-09-29 17:47:51 6DED8FCBF5F1D9E422B327CA51625E24 462336 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\Ionic.Zip.dll 2015-09-29 17:47:51 4DE99B63E3DF220C51712C814130A885 6656 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\de-DE\RzUpdateManager.resources.dll 2015-09-29 17:47:51 42C5D7652195B34CCE409101435C3CE0 508416 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\RzUpdateManagerUI.dll 2015-09-29 17:47:51 343A4FF73965111E4695AF920D3F3DAD 4608 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\de-DE\RzSynapse.resources.dll 2015-09-29 17:47:51 2BAC2D23BAEAEF21215966B46217B30B 6144 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\de-DE\RzAIOInstallManager.resources.dll 2015-09-29 17:47:51 0D20DB220CE847A6104FCB12F9D70D1F 550096 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\RzUpdateManager.exe 2015-09-29 17:47:51 04C1C61A29B2AAA3FD31B20E9B7F0CC3 13824 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\Razer\RzUpdater\es-ES\RzAIOGeneratorUi.resources.dll 
2015-09-26 14:06:34 6B1D908AAACC6B4793D749AB9D950BE2 121448 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\clear.fiClient\cabarc.exe 2015-09-26 11:30:26 1714D2B9D03CD71541AFD1FA0ED23759 7675448 ----a-w- C:\Users\Pj_Dc\AppData\Local\Temp\SpotifyUninstall.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-09-26 10:52:05 B23936CF83DAC4B64660A88711B5234A 12128 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-09-26 10:52:05 85CEBA9A21CE5D51B35EF2DE9EBFBAC4 12128 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-09-26 10:52:05 80BEB858D2EEE9CA657647B599E5D844 11616 ----a-w- C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-09-26 10:52:05 4669249FB01EA369C7FD40A530966FA1 12640 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-09-26 10:52:05 00A0A24BB2E9AADE11494B627EB164C4 12640 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-09-26 10:52:04 CBF3CFC9EE1FD29707D95C63A5E7A78B 19808 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-09-26 10:52:04 C1096DA4634AD3356A10C00B24F53393 22368 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-09-26 10:52:04 9F9FE5F52E9B2AD655C896B849883B1A 12128 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-09-26 10:52:04 9D66FCC681389EC619D4E801F1DDBB2F 17760 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-09-26 10:52:04 94FEB4417CF3E39C8C58A1B73620687E 66400 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-09-26 10:52:04 8E534F49C77D787DB69BABFF931A497A 12640 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-09-26 10:52:04 73CED8B30963E54D262DAE2559116E46 13664 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-09-26 10:52:04 6C7F782FDBF9AEFFE7663FA1579A610E 17760 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-09-26 10:52:04 5B55E9A1360A6C52CC988DA6804D6CA2 901264 ----a-w- 
C:\Windows\SysWOW64\ucrtbase.dll 2015-09-26 10:52:04 408019E57D3D2DA62A9F28389EED0AC1 16224 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-09-26 10:52:04 39F9D0F1B698D53D78C79576C7C60526 14176 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-09-26 10:52:04 33E8CCBE05123C8146CD16293B688417 15712 ----a-w- C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-09-23 16:58:48 EB160711A78A07ADB9621B4CB38B5EB9 574072 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2015-09-23 16:57:59 17A782D4B2FB2E223967BDFBB160EBBC 105080 ----a-w- C:\Windows\SysWOW64\OpenCL.dll 2015-09-23 16:56:09 C078B1220C469008179C54707C4D8777 14635600 ----a-w- C:\Windows\SysWOW64\nvwgf2um.dll 2015-09-23 16:56:09 7ED2C02AEA1050BE383D6C901BADB41A 155792 ----a-w- C:\Windows\SysWOW64\nvinit.dll 2015-09-23 16:56:09 7A616A99185125F903F717C1259540C7 944760 ----a-w- C:\Windows\SysWOW64\NvFBC.dll 2015-09-23 16:56:09 77233B6E30E94DCE5E23EB5C7C34E828 18543736 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll 2015-09-23 16:56:09 71798CED665D7732803BBBB51BB42F7B 986232 ----a-w- C:\Windows\SysWOW64\NvIFR.dll 2015-09-23 16:56:09 5F3C6EE81919D1860482AC5308524FBB 12514824 ----a-w- C:\Windows\SysWOW64\nvd3dum.dll 2015-09-23 16:56:09 5E655604305A77CC66EDAAEA2214B53D 943712 ----a-w- C:\Windows\SysWOW64\nvumdshim.dll 2015-09-23 16:56:09 4494DC336D83E88649CCD27AAF476017 2627192 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll 2015-09-23 16:56:09 1FD64D82847BF3B3CE32A7C73E4380C1 13660648 ----a-w- C:\Windows\SysWOW64\nvopencl.dll 2015-09-23 16:56:09 1BD4F0EC1284DE1764D46A153EBF2745 128512 ----a-w- C:\Windows\SysWOW64\nvoglshim32.dll 2015-09-23 16:56:09 0D5F91EFE978BEA551E8D18DE523D9EB 12185344 ----a-w- C:\Windows\SysWOW64\nvcuda.dll 2015-09-23 16:56:08 8640F34B62A84B129E11E752EB799037 37819000 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll 2015-09-23 16:56:08 060CFC37DB71EFB027133603296DCFD6 3116160 ----a-w- C:\Windows\SysWOW64\nvapi.dll ====== C:\Windows\SysWOW64\drivers ===== ====== 
C:\Windows\Sysnative ===== 2015-09-26 10:52:05 ED14B64C94F543974B7FDC592FA0594B 12640 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-conio-l1-1-0.dll 2015-09-26 10:52:05 CC337898E64D9078CB697AC19F995C7F 12128 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-utility-l1-1-0.dll 2015-09-26 10:52:05 6631C212F79350458589A5281374B38B 12640 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-process-l1-1-0.dll 2015-09-26 10:52:05 56556659C691DD043DBE24B0A195D64C 20832 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-math-l1-1-0.dll 2015-09-26 10:52:05 53E9526AF1FDCE39F799BFE9217397A8 17760 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-stdio-l1-1-0.dll 2015-09-26 10:52:05 32B2264317EA6200DA5DEEEC7DCB0EEB 11616 ----a-w- C:\Windows\Sysnative\api-ms-win-eventing-provider-l1-1-0.dll 2015-09-26 10:52:05 2381E189321EAD521FF71E72D08A6B17 984448 ----a-w- C:\Windows\Sysnative\ucrtbase.dll 2015-09-26 10:52:05 090DD0BB2BDDEE3EAAE5B6FF15FAE209 14176 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-time-l1-1-0.dll 2015-09-26 10:52:04 F97E7878A2B372291B1269D80327BBF6 12640 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-heap-l1-1-0.dll 2015-09-26 10:52:04 ECCF5973B80D771A79643732017CEA9A 17760 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-string-l1-1-0.dll 2015-09-26 10:52:04 E9F6D776545843A9817D8ACF38D06D09 19808 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-multibyte-l1-1-0.dll 2015-09-26 10:52:04 BBAE7B5436D6D1B0FC967FF67E35415F 16224 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-runtime-l1-1-0.dll 2015-09-26 10:52:04 AF851DFD0D9FECB76FF2B403F3C30F5B 12128 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-environment-l1-1-0.dll 2015-09-26 10:52:04 761DDD8669A661D57D9CF9C335949C06 12128 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-locale-l1-1-0.dll 2015-09-26 10:52:04 653CB5DF3CEC6A4A0E402B33D8AA5C08 63840 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-private-l1-1-0.dll 2015-09-26 10:52:04 1908861649E67CDC20C563C234A89914 15712 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-convert-l1-1-0.dll 2015-09-26 10:52:04 
0F143310FADE4DE116070A3917A79C18 13664 ----a-w- C:\Windows\Sysnative\api-ms-win-crt-filesystem-l1-1-0.dll 2015-09-23 16:58:19 F5AA16917E1E478DD0CC1F9AB1B32656 62584 ----a-w- C:\Windows\Sysnative\nvshext.dll 2015-09-23 16:58:19 DF19BF8869AD97B7A3849B21C5DAF180 2558584 ----a-w- C:\Windows\Sysnative\nvsvcr.dll 2015-09-23 16:58:19 B1F62E749615AB69509C0EF90B8E4458 6884984 ----a-w- C:\Windows\Sysnative\nvcpl.dll 2015-09-23 16:58:19 7B9B5B31CB5BF1C023F7A0EDC85B9EF0 937776 ----a-w- C:\Windows\Sysnative\nvvsvc.exe 2015-09-23 16:58:19 2893C0C2283BF82487C818C9EAD10F47 5231082 ----a-w- C:\Windows\Sysnative\nvcoproc.bin 2015-09-23 16:58:19 1F2CCBB9012498F71C2091BDD0CF31CE 3496056 ----a-w- C:\Windows\Sysnative\nvsvc64.dll 2015-09-23 16:58:19 1D85F514EC7C59DC965AA91C8CD3D97B 385144 ----a-w- C:\Windows\Sysnative\nvmctray.dll 2015-09-23 16:57:59 63A89DA550E4A4B1C34DD559754FB935 112760 ----a-w- C:\Windows\Sysnative\OpenCL.dll 2015-09-23 16:56:10 C2AE4C3F32BB06E4E2E24962AAB0B830 40280 ----a-w- C:\Windows\Sysnative\nvhdap64.dll 2015-09-23 16:56:09 F9079A9D26AF662CD1C45ED862BB4E9C 2940024 ----a-w- C:\Windows\Sysnative\nvcuvid.dll 2015-09-23 16:56:09 DEC064F84263F6250FE3DCB8F3A33F92 1898288 ----a-w- C:\Windows\Sysnative\nvdispco6435598.dll 2015-09-23 16:56:09 D235A16BF7E765DEB2D69005576467D6 16637528 ----a-w- C:\Windows\Sysnative\nvopencl.dll 2015-09-23 16:56:09 B40CCD9453430F7D26761D5D16C5F2E4 1105976 ----a-w- C:\Windows\Sysnative\nvumdshimx.dll 2015-09-23 16:56:09 B08CF20C326FAE262AD31C9AE362222D 15513208 ----a-w- C:\Windows\Sysnative\nvd3dumx.dll 2015-09-23 16:56:09 86FA1411E3BB89C0BA3DCB011A7DCFF9 1558832 ----a-w- C:\Windows\Sysnative\nvdispgenco6435598.dll 2015-09-23 16:56:09 82F2A170D2D4F6136C477BA6D17828A8 1074808 ----a-w- C:\Windows\Sysnative\NvFBC64.dll 2015-09-23 16:56:09 70241DAFC19BB9F5C1D11746157CEE30 14936264 ----a-w- C:\Windows\Sysnative\nvcuda.dll 2015-09-23 16:56:09 6642C832F79F331B5728C52B27639D72 150832 ----a-w- C:\Windows\Sysnative\nvoglshim64.dll 2015-09-23 16:56:09 
64BA5FB9F872ECDAB863E75D2429C63F 176904 ----a-w- C:\Windows\Sysnative\nvinitx.dll 2015-09-23 16:56:09 51C8D9C14FEA2EE4FB32335D73D64CD3 22525560 ----a-w- C:\Windows\Sysnative\nvoglv64.dll 2015-09-23 16:56:09 47EAE6F10AC7B9DDE35D67AFE4F84082 33079 ----a-w- C:\Windows\Sysnative\nvinfo.pb 2015-09-23 16:56:09 39BF61603ABC97820444185C6D3A02C7 17082928 ----a-w- C:\Windows\Sysnative\nvwgf2umx.dll 2015-09-23 16:56:09 2905530015375E6E8AD8820B877EE6CE 1567576 ----a-w- C:\Windows\Sysnative\nvhdagenco6420103.dll 2015-09-23 16:56:09 1B81B94059C961D7F51ED0092E445EE2 1064056 ----a-w- C:\Windows\Sysnative\NvIFR64.dll 2015-09-23 16:56:08 F5BE20BB3F1D9882023D8DEC16BCCFBB 42840368 ----a-w- C:\Windows\Sysnative\nvcompiler.dll 2015-09-23 16:56:08 D994DA6EC388F0A64C7146D3782E52A7 3530608 ----a-w- C:\Windows\Sysnative\nvapi64.dll ====== C:\Windows\Sysnative\drivers ===== 2015-09-23 16:56:09 B9E5A80F646DDFEF158773722A466EA3 204648 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys 2015-09-23 16:56:09 9A94B3F0DA75AAB7A5D80535A5841D8C 11096696 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys 2015-09-09 12:30:22 A0711D119BA4B48A1470C768D301013E 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-09-03 17:12:22 02B05959794D013B4B004DBDB69F0708 201424 ----a-w- C:\Windows\Sysnative\drivers\rzudd.sys ====== C:\Windows\Tasks ====== 2015-09-18 14:36:30 ED429FED8B91B29028035404310F6111 3800 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore1d0f21f684f3a4f 2015-09-18 14:36:30 4F976B917F280DF5BF7B21E75F3A8BB7 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f21f688650ae.job 2015-09-18 14:36:30 27007850EF412196A74D2BF11CAC5D5E 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f21f684f3a4f.job 2015-09-18 14:36:30 19F51A7FB8905016951E2C1C57718090 4052 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA1d0f21f688650ae 2015-09-17 15:02:15 C9C9A1EC169B5009E89EC1BDB3E9A6A8 1066 ----a-w- 
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0f159d6ba6fe8.job 2015-09-17 15:02:15 65749665072D2F745A8AD8B1530A516E 4036 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0f159d6ba6fe8 2015-09-01 07:36:29 ED429FED8B91B29028035404310F6111 3800 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore1d0e488ea34e192 2015-09-01 07:36:29 62BDEB147DF98589B38F9389510503FD 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e488ea63e183.job 2015-09-01 07:36:29 19F51A7FB8905016951E2C1C57718090 4052 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA1d0e488ea63e183 2015-09-01 07:36:28 6E83C3E14E47A10859F7A045E285F1CD 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e488ea34e192.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-09-27 11:24:24 -------- d-----w- C:\Program Files\Application Verifier 2015-09-27 08:08:48 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-09-27 11:24:24 -------- d-----w- C:\PROGRA~2\Application Verifier 2015-09-27 11:20:23 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 12.0 2015-09-27 11:03:14 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 14.0 2015-09-17 14:43:24 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2015-09-09 14:05:35 -------- d-----w- C:\PROGRA~2\Notepad++ ======= C: ===== ====== C:\Users\Pj_Dc\AppData\Roaming ====== 2015-09-26 14:20:13 -------- d-----w- C:\Users\Pj_Dc\AppData\Roaming\NVIDIA 2015-09-26 12:20:25 -------- d-----w- C:\Users\Pj_Dc\AppData\Locallow\uTorrent 2015-09-09 14:05:35 -------- d-----w- C:\Users\Pj_Dc\AppData\Roaming\Notepad++ 2015-09-08 14:30:14 -------- d-----w- C:\Users\Pj_Dc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-08 14:12:56 -------- d-----w- C:\Users\Pj_Dc\AppData\Roaming\TeamViewer ====== C:\Users\Pj_Dc ====== 2015-09-27 11:24:17 -------- d-----w- C:\ProgramData\Windows App Certification Kit 
2015-09-27 11:18:09 -------- d-----w- C:\ProgramData\NuGet 2015-09-27 11:07:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015 2015-09-27 10:56:07 -------- d-----w- C:\ProgramData\VsTelemetry 2015-09-27 10:55:54 723ADFA914A78A02D84EEEF4DAA4B270 2933472 ----a-w- C:\Users\Pj_Dc\Downloads\wdexpress_full.exe 2015-09-27 08:08:21 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Pj_Dc\Downloads\RSITx64.exe 2015-09-26 15:07:46 1AFE68F72989B329B7E2A4FF963F0036 130168080 ----a-w- C:\Users\Pj_Dc\Downloads\msert (2).exe 2015-09-26 15:06:49 DC4515E2796965495257808585F4E0FA 127891736 ----a-w- C:\Users\Pj_Dc\Downloads\msert (1).exe 2015-09-26 15:06:25 E1F400FE17F30385CAC1056FB0C84A1F 6291456 ----a-w- C:\Users\Pj_Dc\Downloads\msert.exe 2015-09-18 14:41:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-09-18 14:41:02 -------- d-----w- C:\ProgramData\ESET 2015-09-17 14:43:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ====== C: exe-files == 2015-09-27 08:08:48 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Pj_Dc.exe 2015-09-26 15:06:02 DD2731139A22B1CD1A2DEECBE3D1F143 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-4253350116-951323700-1799462684-1000\$ICRGC7I.exe 2015-09-26 15:03:05 571D9B247DC506A31BAEF915AC50CD70 15728640 ----a-w- C:\$Recycle.Bin\S-1-5-21-4253350116-951323700-1799462684-1000\$RCRGC7I.exe 2015-09-26 14:18:33 D5624D7B58C862E2917A5A1F4D5D87FE 2120704 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\MakeScenesImage.exe 2015-09-26 14:18:33 AB656CFC1EDC9A891A102F40C11154FC 513216 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\bin\steamerrorreporter.exe 2015-09-24 15:35:40 F051A6D1D7D27C094928DB1157291E5A 2934864 ----a-w- C:\Program Files (x86)\Google\Update\Install\{CD5F3CB5-03C8-42DE-BF08-CF298F07F859}\45.0.2454.99_45.0.2454.93_chrome_updater.exe 2015-09-24 15:35:40 
F051A6D1D7D27C094928DB1157291E5A 2934864 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.99\45.0.2454.99_45.0.2454.93_chrome_updater.exe 2015-09-23 16:58:49 FEA4FDC42FD5D40D1C04DB71D65E3C7B 1866360 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 2015-09-23 16:58:49 ACB18F72371C2CA3F1735D7BCCAC2741 8316536 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe 2015-09-23 16:58:48 B8C1F6D3E68BA96CF27A0C7E77647315 785016 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe 2015-09-23 16:58:48 ABC3FFA05BAF9EC1ACAF0B451B6DD7C0 1066104 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe 2015-09-23 16:58:48 61A2E50B9BA20DAA7B434CB65D7C08A9 896120 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe 2015-09-23 16:58:48 42B1FA716603441EC9BA682FC035243D 437368 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe 2015-09-23 16:58:48 359D8117AC40C673651680E7817CEDE9 410744 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 2015-09-23 16:58:48 0C0D3D309388009CD065E0C5BB5F3407 2578040 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe 2015-09-23 16:58:19 D452A4F5ED933D46EF377127055F2E56 62256 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe 2015-09-23 16:58:19 C6001C850FBF6E26B84B25851B9E2EC2 62072 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe 2015-09-23 16:58:19 1EDDF0810028E44C1B385B18B0291F48 2447992 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 2015-09-23 16:58:18 C2AE0BA6DCA45B7112CC982FC4913E97 12732024 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe 2015-09-23 16:58:18 8218F1FCF946D51266B7ED39F3A52312 1250936 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 2015-09-23 16:58:18 094293A2A7409B6FD9FB317BE77F535B 3406968 
----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\NvGpuUtilization.exe 2015-09-23 16:56:10 4CE08028EF2E40E56FF6E0BD4A27C40B 18849536 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{9988EC08-965D-4B01-8838-0E7BC00CED7C}\3DVision.exe 2015-09-23 16:56:09 BC97970E84BE471B3A9CEA6A645C0BC2 227960 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvdebugdump.exe 2015-09-23 16:56:09 600C6B9385247CA1D4A554427EC6AF17 415536 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvidia-smi.exe 2015-09-23 16:56:08 94E1FDE45BF99FCCCA72DF30838C7F59 95421520 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{32A3655F-6CDC-45CB-911A-F62257390D35}\NvCplSetupInt.exe 2015-09-23 16:56:08 614FF39D7C222D4B53021D6C67E984B1 448120 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{32A3655F-6CDC-45CB-911A-F62257390D35}\dbInstaller.exe 2015-09-23 16:56:08 614FF39D7C222D4B53021D6C67E984B1 448120 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2015-09-23 16:56:08 3209D487E3CB4D6B78DCB8BFE4AE07F4 841336 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\MCU.exe 2015-09-23 16:53:42 5B886015E9D392FB2BFC2C93F7FF16F2 1872504 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{17398B00-F6D0-4556-B93B-981E4FCB05B3}\NVNetworkService.exe 2015-09-23 16:39:21 5B886015E9D392FB2BFC2C93F7FF16F2 1872504 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{F80B828F-3400-43B9-8100-48337612D203}\NVNetworkService.exe 2015-09-23 16:34:21 3BD2FB5188EF2942F3B82E37DE4279D7 85983232 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\3930bf77-be49-4cf7-b386-5cfcd15c0c1b\355.98-desktop-win8-win7-winvista-64bit-international-whql-g.exe === C: other files == 2015-09-27 11:14:37 F3DDA3109EDC1CE769A168F07C320E5E 4791184 ----a-w- C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\WDExpressExtensions\4v4pviqg.ys0\libgit2-src.zip 2015-09-27 11:14:37 F3DDA3109EDC1CE769A168F07C320E5E 
4791184 ----a-w- C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer\libgit2-src.zip 2015-09-23 16:56:10 5FAE3141271AAF8A43951487C973825D 454752 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{19459B7D-4844-4DF5-8CA3-FB253DEC8B9B}\nvstusb32.sys 2015-09-23 16:56:10 43DB182DC821C322C9EE8E936B82D8FB 469688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{19459B7D-4844-4DF5-8CA3-FB253DEC8B9B}\nvstusb64.sys 2015-09-23 16:56:09 F38FA119FBFCEC7ADC062E6244440E44 136624 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{4CF87119-22A9-427E-A620-1CB0C35BDC95}\nvhda32.sys 2015-09-23 16:56:09 B9E5A80F646DDFEF158773722A466EA3 204648 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2015-09-23 16:56:09 B9E5A80F646DDFEF158773722A466EA3 204648 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{4CF87119-22A9-427E-A620-1CB0C35BDC95}\nvhda64v.sys 2015-09-23 16:56:09 9A94B3F0DA75AAB7A5D80535A5841D8C 11096696 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2015-09-23 16:56:09 7F17CB0F4AD4B30703BBC0529D35D1F0 171352 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{4CF87119-22A9-427E-A620-1CB0C35BDC95}\nvhda32v.sys 2015-09-23 16:56:09 66BC79AEBAAA9B6B3ED4616E2F359B88 171352 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{4CF87119-22A9-427E-A620-1CB0C35BDC95}\nvhda64.sys 2015-09-23 16:39:46 9D9CAD70EA640AB8D3EB77BFAE6CABE2 28344 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{3B1F75B6-9355-4CB4-9CFC-D8739C6FAF0D}\NVSWCFilter64.sys 2015-09-23 16:39:46 7ABD081BB7A1A8CF7E3B1E64183AB812 24760 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{3B1F75B6-9355-4CB4-9CFC-D8739C6FAF0D}\NVSWCFilter32.sys 2015-09-23 16:39:44 C2A9985C97DF5946AEAE7C001625410C 44840 ----a-w- C:\Program Files\NVIDIA 
Corporation\Installer2\VirtualAudio.Driver.{3D1C7D8A-976A-4423-A93A-60208BB7F95E}\nvvad32v.sys
2015-09-23 16:39:44 35DFC12FD7E44B7CB8CCD7E5A2B3975A 50472 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{3D1C7D8A-976A-4423-A93A-60208BB7F95E}\nvvad64v.sys

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_837A1F6DACFC786CA650E488878C5696"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Google Update"="C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe /c"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_837A1F6DACFC786CA650E488878C5696"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Google Update"="C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"WheelMouse"="C:\Program Files\Mouse\Amoumain.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Creative Cloud"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS6ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Akamai NetSession Interface"
"hkey"="HKCU"
"command"="\"C:\\Users\\Pj_Dc\\AppData\\Local\\Akamai\\netsession_win.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AllShareAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AllShareAgent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Samsung\\AllShare\\AllShareAgent.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcSoft Connection Service"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BingSvc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BingSvc"
"hkey"="HKCU"
"command"="C:\\Users\\Pj_Dc\\AppData\\Local\\Microsoft\\BingSvc\\BingSvc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Dropbox Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Pj_Dc\\AppData\\Local\\Dropbox\\Update\\DropboxUpdate.exe\" /c"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Pj_Dc\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Pj_Dc\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_837A1F6DACFC786CA650E488878C5696]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_837A1F6DACFC786CA650E488878C5696"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Hotkey Utility]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Hotkey Utility"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Acer\\Hotkey Utility\\HotkeyUtility.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KORG USB-MIDI Driver]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KORG USB-MIDI Driver"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\KORG\\KORG USB-MIDI Driver\\EsHelper2.exe /s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lycosa]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Lycosa"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Razer\\Lycosa\\razerhid.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Norton Online Backup"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvBackend"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ooVoo.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ooVoo.exe"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\ooVoo\\oovoo.exe /minimized"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PWRISOVM.EXE"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ShadowPlay"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\rundll32.exe C:\\Windows\\system32\\nvspcap64.dll,ShadowPlayOnSystemStart"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Pj_Dc\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Pj_Dc\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SwitchBoard"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wisdom-soft ScreenHunter 6.0 Pro]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wisdom-soft ScreenHunter 6.0 Pro"
"hkey"="HKCU"
"command"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\XboxStat]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="XboxStat"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Xbox 360 Accessories\\XboxStat.exe\" silentrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GamersFirst LIVE!.lnk"
"backup"="C:\\Windows\\pss\\GamersFirst LIVE!.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\GAMERS~1\\LIVE!\\Live.exe /silent"
"item"="GamersFirst LIVE!"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update ESET's license.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Update ESET's license.lnk"
"backup"="C:\\Windows\\pss\\Update ESET's license.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\MiNODLogin\\launcher.exe -d 10000"
"item"="Update ESET's license"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Pj_Dc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Pj_Dc\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Pj_Dc\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

==== Startup Folders ======================
2015-09-14 17:32:45 1139 ----a-w- C:\Users\Pj_Dc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/09/2015 17:01]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d0c176326becf7.job --a------ [Undetermined Task]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0c1763291c48f.job --a------ C:\Users\Pj_Dc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [19/06/2015 09:18]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA.job --a------ C:\Users\Pj_Dc\AppData\Local\Facebook\Update\FacebookUpdate.exe [25/07/2012 17:08]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf2bf91ddc0814.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d042da386e3a3f.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d08fc430bc7b6f.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0bfbbdce77bc5.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e488ea34e192.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0f21f684f3a4f.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8e4e1cec15b4.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d042da38ae7f66.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d08fc430fbf599.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0bfbbdd2ee50d.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0e488ea63e183.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 09:36]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0f21f688650ae.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1cf4d94b586617c.job --a------ C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe [31/08/2015 12:05]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d04307784c277a.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d08ff15f36cb10.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d0bfbef046915d.job --a------ C:\Users\Pj_DC:\AppData\LoC:al\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d0e3d49cb32533.job --a------ C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe [31/08/2015 12:05]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1cf8df54aed6a4d.job --a------ C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe [31/08/2015 12:05]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d043077875f737.job --a------ C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe [31/08/2015 12:05]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d08ff15f5ce114.job --a------ C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe [31/08/2015 12:05]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0bfbef07d5103.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0e3d49ce1d702.job --a------ C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe [31/08/2015 12:05]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0f159d6ba6fe8.job --a------ C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe [31/08/2015 12:05]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Pj_Dc-PC-Pj_Dc" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d0c176326becf7" [C:\Users\Pj_Dc\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0c1763291c48f" [C:\Users\Pj_Dc\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core" [C:\Users\Pj_Dc\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA" [C:\Users\Pj_Dc\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1cf2bf91ddc0814" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1d042da386e3a3f" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1d08fc430bc7b6f" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1d0bfbbdce77bc5" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1d0e488ea34e192" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1d0f21f684f3a4f" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cf8e4e1cec15b4" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d042da38ae7f66" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d08fc430fbf599" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0bfbbdd2ee50d" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0e488ea63e183" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0f21f688650ae" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1cf4d94b586617c" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d04307784c277a" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d08ff15f36cb10" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d0bfbef046915d" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000Core1d0e3d49cb32533" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1cf8df54aed6a4d" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d043077875f737" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d08ff15f5ce114" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0bfbef07d5103" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0e3d49ce1d702" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4253350116-951323700-1799462684-1000UA1d0f159d6ba6fe8" [C:\Users\Pj_Dc\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\Windows\SysNative\tasks\Razer_Game_Booster_AutoUpdate" [C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{64CFA7CC-38A2-4ECC-924B-ED18774CD978}" [D:\apb\APB Reloaded\Launcher\APBLauncher.exe]
"C:\Windows\SysNative\tasks\{671079CA-3344-4F6E-BBC6-519C0928646E}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\{DD1459B1-6704-45A0-B279-94B795E63F76}" [D:\Fallout\steam.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2015-04-06 17:18:16 -------- d-----w- C:\PROGRA~3\Microsoft OneDrive
2015-06-16 15:03:59 -------- d-----w- C:\PROGRA~3\Battle.net
2015-06-19 07:18:29 -------- d-----w- C:\PROGRA~3\Dropbox
2015-06-19 07:35:48 -------- d-----w- C:\PROGRA~3\Microsoft Toolkit
2015-07-18 11:02:47 -------- d-----w- C:\PROGRA~3\boost_interprocess
2015-09-18 14:41:02 -------- d-----w- C:\PROGRA~3\ESET
2015-09-27 10:56:07 -------- d-----w- C:\PROGRA~3\VsTelemetry
2015-09-27 11:18:09 -------- d-----w- C:\PROGRA~3\NuGet
2015-09-27 11:24:17 -------- d-----w- C:\PROGRA~3\Windows App Certification Kit

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================
Google Chrome Version: 45.0.2454.99
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[]
mlohpoigapicknpkbickcanmmadbbflj - C:\ProgramData\continuetosave\mlohpoigapicknpkbickcanmmadbbflj.crx[]
Torrent Search - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee
Google Drive - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Docs Offline - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
AdBlock - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Windows Media Player Extension for HTML5 - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak
avast WebRep - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Webcam Toy - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade
Chrome Web Store Payments - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Preferences
074"},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.be/",""]},"sync":{"remaining_rollback_tries":0}}

==== Chromium Fix ======================
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-4253350116-951323700-1799462684-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF30E710-5112-BAAA-5841-193004D3C5E6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mlohpoigapicknpkbickcanmmadbbflj deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lycosa deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooVoo.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pj_Dc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Cache found

==== Empty Chrome Cache ======================
C:\Users\Pj_Dc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=4972 folders=2042 2394324299 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hedev\AppData\Local\Temp emptied successfully
C:\Users\Pj_Dc\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Pj_Dc\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Program Files (x86)\Microsoft\BingBar" not found

==== EOF on wo 30/09/2015 at 15:37:31,34 ======================