
PC freezes, Blue Screen, mouse pointer changes shape...


MarkK


Good morning everyone.

For the past week I have been having major problems with my PC. Within a few minutes of starting up, my PC freezes so badly that the only solution is to use the 'OFF' button to shut the system down. I also get a Blue Screen every 5 minutes, and the mouse pointer constantly changes shape. The mouse pointer is normally an arrow, but it keeps changing into a kind of tilde, then into a hand, and so on.

At first I thought it was the driver for my graphics card. My PC originally came with a GeForce GT320, but I replaced that 2 years ago with a GeForce 560 GTX. I uninstalled and reinstalled the driver, but that did not help. After that I installed an older version of the driver: that went slightly better, but the longer the PC is on, the worse it gets, until it eventually freezes or shows a Blue Screen.

I have not done anything strange with my PC that could be traced back to the problems mentioned, and I never had any problems until a week ago. I am a photographer and use my PC very intensively for editing photos with Photoshop and Lightroom, which has now been practically impossible for a week.

Is there anyone in the room who can help me?

Thanks in advance for thinking along!

Link to post

Hi MarkK, welcome to PCH,

Download and install Speccy.

Speccy is also available in a Dutch-language version; during installation (or an update) you can change the language from English to Dutch ... if you click the small triangle, you get a drop-down menu in which you can select Dutch.

When, during the installation of Speccy, you are offered the option to install Google Chrome or Google Toolbar along with it "for free", you should untick the boxes, unless this is a deliberate choice.


Now start the program and an overview of your hardware will be generated.

When this is done, select "File - Publish Snapshot" at the top and then confirm that choice with "Yes".

In the window that now opens you will see a link; copy that link and paste it into your next post. That gives us a detailed overview of your hardware.

You can read more about this procedure HERE.

Afterwards you can also carry out the following.

Download HD Tune and save the file.

Install HD Tune and start it after the installation.


Then go to the Error Scan tab, select the hard disk you want to check and press Start.

The check can take quite a long time, depending on the size of the hard disk being checked.

What is the result of this test?

Link to post

At first glance the Speccy log looks normal.

Then we will try testing the HD with a tool from Seagate.

To check your hard disk for errors you can do the following.

You do need to have another working PC/laptop available.

Download the SeaTools for DOS ISO image on another PC.

Burn the ISO as an image to a blank CD.

In your BIOS, set your CD/DVD-ROM as the first boot device and put the CD in your drive.

Now boot your PC/laptop from this CD.

Once the tool has started, accept the licence agreement and you will see a window in which you can select your HD.

Click Basic tests in the top left corner and choose Long test from the menu.

What result does this give?

A guide to using SeaTools for DOS can be found here.

Link to post

Dear Dasle,

Both the short and the long test show nothing unusual; there is nothing that needs to be repaired. What is odd, though: when I wanted to close the program, my PC froze immediately and could not be made to respond at all. So I shut the PC down again with the 'On / Off' button... Incidentally, I can now work a bit longer on the PC before it freezes, shows a Blue Screen or the mouse pointer changes shape. What is strange as well: when I try to wake the monitor from sleep mode, my PC restarts...

Regards, Mark

Link to post

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users should run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Paste its contents into your next post.

Link to post

Run by Mark at 2013-08-28 20:45:21

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 67 GB (14%) free of 469 GB

Total RAM: 6103 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:45:26, on 28-8-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

c:\Windows\System32\oem\SetEvent.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Program Files\trend micro\Mark.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = This message is from the Microsoft Safety & Security Center

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = This message is from the Microsoft Safety & Security Center

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file)

O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [HKCU] C:\Users\Mark\AppData\Roaming\winupd\winup.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10307 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Windows\system32\nvvsvc.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe"

"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe"

"C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\diMaster.dll" /prefetch:1

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"

"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

C:\OEM\USBDECTION\USBS3S4Detection.exe

"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-92b5e295-ecdc-41aa-b886-855c66c6b4a6 -SystemEventPortName:HostProcess-9f685108-124a-490d-89d8-9f27b32dc008 -IoCancelEventPortName:HostProcess-ceaca758-9b93-40bd-a9fb-8ffb4f8287a8 -NonStateChangingEventPortName:HostProcess-ec30a846-81d6-44fd-8e3a-f6f794081510 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c5b609fc-01b1-4244-9ceb-10167d3306d5 -DeviceGroupId:WpdFsGroup

"taskhost.exe"

"C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession2

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

c:\Windows\System32\oem\SetEvent.exe

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1952.c1e6400.1061309940 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1952 "\\.\pipe\gecko-crash-server-pipe.1952" plugin

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash4600.6B55A550.3080 --host-broker-channel=Flash4600.6B55A550.31097 --host-pid=4600 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=5016.0040F264.925077689 --proxy-stub-channel=Flash4600.6B55A550.3080 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer

C:\Windows\system32\sppsvc.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 596 600 608 65536 604

"C:\Users\Mark\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\obrcw018.default-1377551714922

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.94 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0]

"Description"=DivX Plus Web Player

"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]

"Description"=DivX VOD Helper Plug-in

"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652]

"Description"=RealNetworks RealPlayer Chrome Background Extension Plug-In

"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652]

"Description"=RealPlayer HTML5VideoShim Plug-In

"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.94 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]

"Description"=DivX VOD Helper Plug-in

"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\

{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\

nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\

NPOFF12.DLL

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\

yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]

DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-07-26 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll [2013-05-31 509776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL [2013-04-09 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-24 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-24 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{EEE6C35B-6118-11DC-9C72-001320C79847}

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll [2013-05-31 509776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-10-13 186904]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-28 8312352]

"PLD_FrameworkRun"=c:\windows\system32\oem\_NowIntoDT.vbs [2009-10-11 490]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HKCU"=C:\Users\Mark\AppData\Roaming\winupd\winup.exe []

"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]

C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]

C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-05-20 450560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-02-13 1263952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration]

C:\Program Files (x86)\Acer\Registration\GREG.exe BOOT []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPlayerForWindows_UpdateReminder]

C:\Program Files (x86)\MPlayer for Windows\AutoUpdate.exe /L=1033 /TASK []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

C:\Program Files (x86)\uTorrent\uTorrent.exe [2013-05-15 896912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="acaptuser64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"vidc.ffds"=ff_vfw.dll

"vidc.lags"=lagarith.dll

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-08-28 20:45:21 ----D---- C:\rsit

2013-08-28 20:45:21 ----D---- C:\Program Files\trend micro

2013-08-28 10:54:32 ----D---- C:\Program Files (x86)\HD Tune

2013-08-28 10:45:33 ----D---- C:\Program Files\Speccy

2013-08-27 23:08:18 ----D---- C:\ProgramData\NVIDIA

2013-08-27 23:00:13 ----D---- C:\Program Files (x86)\AGEIA Technologies

2013-08-27 22:59:55 ----A---- C:\Windows\system32\nvvsvc.exe

2013-08-27 22:59:55 ----A---- C:\Windows\system32\nvsvc64.dll

2013-08-27 22:59:55 ----A---- C:\Windows\system32\nvshext.dll

2013-08-27 22:59:55 ----A---- C:\Windows\system32\nvmctray.dll

2013-08-27 22:59:55 ----A---- C:\Windows\system32\nvcpl.dll

2013-08-27 22:59:43 ----D---- C:\ProgramData\NVIDIA Corporation

2013-08-27 22:57:54 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll

2013-08-27 22:57:54 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll

2013-08-27 22:57:54 ----A---- C:\Windows\SYSWOW64\nvopencl.dll

2013-08-27 22:57:54 ----A---- C:\Windows\system32\nvwgf2umx.dll

2013-08-27 22:57:54 ----A---- C:\Windows\system32\nvumdshimx.dll

2013-08-27 22:57:54 ----A---- C:\Windows\system32\nvopencl.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvinit.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\NvIFR.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\NvFBC.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvcuda.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll

2013-08-27 22:57:53 ----A---- C:\Windows\SYSWOW64\nvapi.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvoglv64.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvoglshim64.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvinitx.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\NvIFR64.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\NvFBC64.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvdispgenco6432049.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvdispco6432049.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvd3dumx.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvcuvid.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvcuvenc.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvcuda.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvcompiler.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\nvapi64.dll

2013-08-27 22:57:53 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

2013-08-27 21:27:35 ----A---- C:\Windows\system32\drivers\truecrypt.sys

2013-08-23 12:34:50 ----D---- C:\NvidiaLogging

2013-08-17 09:38:29 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-08-14 23:08:04 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2013-08-14 23:08:04 ----A---- C:\Windows\system32\DWrite.dll

2013-08-14 19:41:35 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll

2013-08-14 19:41:35 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll

2013-08-14 19:41:35 ----A---- C:\Windows\system32\UIAnimation.dll

2013-08-14 19:41:35 ----A---- C:\Windows\system32\msmpeg2vdec.dll

2013-08-14 19:41:34 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

2013-08-14 19:41:34 ----A---- C:\Windows\system32\WMPhoto.dll

2013-08-14 19:41:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-08-14 19:41:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-08-14 19:41:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-08-14 19:41:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-08-14 19:41:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-08-14 19:41:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-08-14 19:41:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-08-14 19:41:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-08-14 19:41:32 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2013-08-14 19:41:32 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll

2013-08-14 19:41:32 ----A---- C:\Windows\system32\d3d10_1.dll

2013-08-14 19:41:31 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2013-08-14 19:41:31 ----A---- C:\Windows\system32\d3d10warp.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-08-14 19:41:30 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-08-14 19:41:30 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll

2013-08-14 19:41:30 ----A---- C:\Windows\SYSWOW64\dxgi.dll

2013-08-14 19:41:30 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll

2013-08-14 19:41:30 ----A---- C:\Windows\SYSWOW64\d3d10core.dll

2013-08-14 19:41:30 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll

2013-08-14 19:41:30 ----A---- C:\Windows\SYSWOW64\d3d10.dll

2013-08-14 19:41:30 ----A---- C:\Windows\system32\dxgi.dll

2013-08-14 19:41:30 ----A---- C:\Windows\system32\d3d10level9.dll

2013-08-14 19:41:30 ----A---- C:\Windows\system32\d3d10core.dll

2013-08-14 19:41:30 ----A---- C:\Windows\system32\d3d10_1core.dll

2013-08-14 19:41:30 ----A---- C:\Windows\system32\d3d10.dll

2013-08-14 19:41:29 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll

2013-08-14 19:41:29 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll

2013-08-14 19:41:29 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll

2013-08-14 19:41:29 ----A---- C:\Windows\SYSWOW64\d2d1.dll

2013-08-14 19:41:29 ----A---- C:\Windows\system32\XpsPrint.dll

2013-08-14 19:41:29 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2013-08-14 19:41:29 ----A---- C:\Windows\system32\WindowsCodecs.dll

2013-08-14 19:41:29 ----A---- C:\Windows\system32\FntCache.dll

2013-08-14 19:41:29 ----A---- C:\Windows\system32\d2d1.dll

2013-08-14 19:39:56 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll

2013-08-14 19:39:56 ----A---- C:\Windows\system32\cryptdlg.dll

2013-08-14 19:39:51 ----A---- C:\Windows\SYSWOW64\d3d11.dll

2013-08-14 19:39:51 ----A---- C:\Windows\system32\drivers\fvevol.sys

2013-08-14 19:39:51 ----A---- C:\Windows\system32\d3d11.dll

2013-08-14 10:33:22 ----D---- C:\Users\Mark\AppData\Roaming\vlc

2013-08-14 08:02:57 ----A---- C:\Windows\system32\crypt32.dll

2013-08-14 08:02:56 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-08-14 08:02:55 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2013-08-14 08:02:55 ----A---- C:\Windows\system32\wintrust.dll

2013-08-14 08:02:54 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll

2013-08-14 08:02:54 ----A---- C:\Windows\SYSWOW64\cryptnet.dll

2013-08-14 08:02:54 ----A---- C:\Windows\system32\cryptsvc.dll

2013-08-14 08:02:54 ----A---- C:\Windows\system32\cryptnet.dll

2013-08-14 08:02:40 ----A---- C:\Windows\SYSWOW64\tzres.dll

2013-08-14 08:02:40 ----A---- C:\Windows\system32\tzres.dll

2013-08-14 08:02:26 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-08-14 08:02:25 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-08-14 08:02:24 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2013-08-14 08:02:24 ----A---- C:\Windows\system32\rpcrt4.dll

2013-08-14 08:02:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-08-14 08:02:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-08-14 08:02:21 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-08-14 08:02:20 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-08-14 08:02:20 ----A---- C:\Windows\SYSWOW64\user.exe

2013-08-14 08:02:20 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-08-14 08:02:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-08-14 08:02:20 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-08-14 08:02:20 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-08-14 08:02:20 ----A---- C:\Windows\system32\wow64.dll

2013-08-14 08:02:20 ----A---- C:\Windows\system32\ntdll.dll

2013-08-14 08:02:19 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2013-08-14 08:02:18 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-08-13 20:12:57 ----A---- C:\Windows\ntbtlog.txt

2013-08-13 17:15:40 ----D---- C:\Users\Mark\AppData\Roaming\Binreader

2013-07-31 14:51:40 ----D---- C:\Users\Mark\AppData\Roaming\Profotonet Album Designer

2013-07-31 14:51:12 ----D---- C:\Program Files (x86)\Profotonet Album Designer

======List of files/folders modified in the last 1 month======

2013-08-28 20:45:21 ----RD---- C:\Program Files

2013-08-28 20:45:08 ----D---- C:\Windows\Temp

2013-08-28 19:36:27 ----D---- C:\Windows\system32\config

2013-08-28 19:28:36 ----D---- C:\Windows\Prefetch

2013-08-28 19:26:20 ----A---- C:\Windows\SYSWOW64\log.txt

2013-08-28 17:58:41 ----SHD---- C:\System Volume Information

2013-08-28 17:17:54 ----D---- C:\Windows\Minidump

2013-08-28 17:17:52 ----D---- C:\Windows

2013-08-28 10:54:32 ----RD---- C:\Program Files (x86)

2013-08-27 23:08:18 ----HD---- C:\ProgramData

2013-08-27 23:00:15 ----SHD---- C:\Windows\Installer

2013-08-27 23:00:13 ----D---- C:\Program Files (x86)\NVIDIA Corporation

2013-08-27 22:59:55 ----D---- C:\Windows\System32

2013-08-27 22:59:55 ----D---- C:\Program Files\NVIDIA Corporation

2013-08-27 22:59:42 ----D---- C:\Windows\SysWOW64

2013-08-27 22:59:40 ----D---- C:\Windows\system32\drivers

2013-08-27 22:59:39 ----D---- C:\Windows\inf

2013-08-27 22:59:38 ----D---- C:\Windows\system32\catroot

2013-08-27 22:59:37 ----D---- C:\Windows\system32\catroot2

2013-08-27 22:59:35 ----D---- C:\Windows\system32\DriverStore

2013-08-27 09:57:01 ----D---- C:\Windows\Microsoft.NET

2013-08-26 23:48:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2013-08-26 21:36:48 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-08-26 21:36:41 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-08-26 21:36:32 ----RSD---- C:\Windows\assembly

2013-08-24 17:23:56 ----RD---- C:\Users

2013-08-24 16:56:59 ----D---- C:\Users\Mark\AppData\Roaming\uTorrent

2013-08-24 15:22:03 ----D---- C:\Windows\Tasks

2013-08-24 15:22:02 ----D---- C:\Windows\winsxs

2013-08-24 15:22:02 ----D---- C:\Windows\system32\wfp

2013-08-24 15:22:01 ----D---- C:\Windows\system32\wbem

2013-08-24 15:20:15 ----D---- C:\Windows\system32\CodeIntegrity

2013-08-24 15:20:15 ----D---- C:\Windows\L2Schemas

2013-08-24 15:19:56 ----D---- C:\Windows\AppCompat

2013-08-24 15:19:56 ----D---- C:\ProgramData\Norton

2013-08-24 15:19:39 ----D---- C:\Windows\registration

2013-08-18 14:42:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2013-08-16 22:39:36 ----D---- C:\ProgramData\DivX

2013-08-16 22:39:31 ----D---- C:\Program Files (x86)\DivX

2013-08-16 22:39:09 ----D---- C:\Program Files\DivX

2013-08-15 09:44:34 ----D---- C:\Windows\rescache

2013-08-14 23:30:51 ----D---- C:\Windows\AppPatch

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\zh-TW

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\zh-HK

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\zh-CN

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\tr-TR

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\sv-SE

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\ru-RU

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\pt-PT

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\pt-BR

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\pl-PL

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\nb-NO

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\ko-KR

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\ja-JP

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\it-IT

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\hu-HU

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\fr-FR

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\fi-FI

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\es-ES

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\en-US

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\el-GR

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\de-DE

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\da-DK

2013-08-14 23:30:49 ----D---- C:\Windows\SYSWOW64\cs-CZ

2013-08-14 23:30:45 ----D---- C:\Windows\system32\pt-BR

2013-08-14 23:30:44 ----D---- C:\Windows\system32\zh-HK

2013-08-14 23:30:44 ----D---- C:\Windows\system32\pt-PT

2013-08-14 23:30:44 ----D---- C:\Windows\system32\pl-PL

2013-08-14 23:30:44 ----D---- C:\Windows\system32\nl-NL

2013-08-14 23:30:44 ----D---- C:\Windows\system32\ko-KR

2013-08-14 23:30:44 ----D---- C:\Windows\system32\it-IT

2013-08-14 23:30:44 ----D---- C:\Windows\system32\hu-HU

2013-08-14 23:30:44 ----D---- C:\Windows\system32\el-GR

2013-08-14 23:30:43 ----D---- C:\Windows\system32\zh-TW

2013-08-14 23:30:43 ----D---- C:\Windows\system32\zh-CN

2013-08-14 23:30:43 ----D---- C:\Windows\system32\tr-TR

2013-08-14 23:30:43 ----D---- C:\Windows\system32\sv-SE

2013-08-14 23:30:43 ----D---- C:\Windows\system32\ru-RU

2013-08-14 23:30:43 ----D---- C:\Windows\system32\nb-NO

2013-08-14 23:30:43 ----D---- C:\Windows\system32\ja-JP

2013-08-14 23:30:43 ----D---- C:\Windows\system32\fr-FR

2013-08-14 23:30:43 ----D---- C:\Windows\system32\fi-FI

2013-08-14 23:30:43 ----D---- C:\Windows\system32\es-ES

2013-08-14 23:30:43 ----D---- C:\Windows\system32\en-US

2013-08-14 23:30:43 ----D---- C:\Windows\system32\de-DE

2013-08-14 23:30:43 ----D---- C:\Windows\system32\da-DK

2013-08-14 23:30:43 ----D---- C:\Windows\system32\cs-CZ

2013-08-14 19:47:36 ----D---- C:\ProgramData\Microsoft Help

2013-08-14 15:53:11 ----D---- C:\Program Files (x86)\SABnzbd

2013-08-14 09:23:52 ----D---- C:\Users\Mark\AppData\Roaming\NewsLeecher

2013-08-14 08:04:41 ----D---- C:\Windows\system32\MRT

2013-08-14 08:04:37 ----A---- C:\Windows\system32\MRT.exe

2013-08-13 23:46:58 ----D---- C:\Windows\system32\wdi

2013-08-13 16:10:58 ----D---- C:\ProgramData\boost_interprocess

2013-07-29 08:02:06 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-10-29 115824]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS [2013-05-21 493656]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS [2013-05-23 1139800]

R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-05-31 1393240]

R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-04-16 169048]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-08-27 484952]

R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130827.001\IDSvia64.sys [2013-08-23 520280]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [2013-03-05 36952]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [2013-03-05 224416]

R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [2013-04-25 433752]

R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2009-09-23 283824]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-08-27 140376]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]

R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130828.002\ENG64.SYS [2013-08-23 126040]

R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130828.002\EX64.SYS [2013-08-23 2098776]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]

R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [2013-05-16 796760]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-06-19 177312]

R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]

S3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-13 5020672]

S3 cpuz136;cpuz136; \??\C:\Users\Mark\AppData\Local\Temp\cpuz136\cpuz136_x64.sys []

S3 NPF;WinPcap Packet Driver (NPF); C:\Windows\system32\drivers\NPF.sys []

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [2006-04-18 102400]

R2 FlipShare Service;FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [2010-10-11 460144]

R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2013-01-10 9216]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-10-13 354840]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 262144]

R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]

R2 N360;Norton 360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe [2013-05-21 144368]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-07-26 92632]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]

R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]

R2 USBS3S4Detection;USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-18 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 136176]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]

S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-10 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).
  • Right-click Zoek.zip and choose the option "Extract All".
  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

{87775fdb-6972-41f9-ae51-8326e38cb206};c
{5C255C8A-E604-49b4-9D64-90988571CECB};c
{EEE6C35C-6118-11DC-9C72-001320C79847};c
C:\Users\Mark\AppData\Roaming\winupd\winup.exe;f
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA};c
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA};c
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA};c                
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}];r64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
"HKCU"=-;r64
"AdobeBridge"=-;r64
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • HijackThis Log
  • Firefox Look
  • Chrome Look
  • Firefox Defaults
  • Reset Chrome
  • Shortcut Fix
  • IE Defaults
  • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.


Good morning Kape,

It is clear to me that you have spent 'quite' some time on this... I am extremely grateful to you for that! The code is below:

Zoek.exe Version 4.0.0.4 Updated 26-08-2013

Tool run by Mark on do 29-08-2013 at 8:21:31,24.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Mark\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

29-8-2013 8:23:27 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1611534024-1097244977-3060432490-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_USERS\S-1-5-21-1611534024-1097244977-3060432490-1001\Software\Microsoft\Internet Explorer\SearchScopes\{641C2A66-0B94-45BC-A774-7C0B130D392F} deleted successfully

HKEY_USERS\S-1-5-21-1611534024-1097244977-3060432490-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B047CFC0-E395-47A5-AE03-5EE77247ABFF} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1611534024-1097244977-3060432490-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\obrcw018.default-1377551714922\prefs.js:

Added to C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\obrcw018.default-1377551714922\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HKCU"=-

"AdobeBridge"=-

==== Deleting Files \ Folders ======================

"C:\Users\Mark\AppData\Roaming\winupd\winup.exe" not found

"C:\Users\Mark\Downloads\SoftonicDownloader_for_edonkey2000.exe" deleted

"C:\Windows\SysNative\roboot64.exe" deleted

"C:\Windows\wininit.ini" deleted

"C:\END" deleted

"C:\Users\Public\Desktop\YTD Video Downloader.lnk" deleted

"C:\Users\Mark\AppData\Roaming\gnupg" deleted

"C:\Users\Mark\AppData\Roaming\winupd" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted

"C:\Users\Mark\AppData\Roaming\DVDVideoSoftIEHelpers" deleted

"C:\Users\Mark\AppData\Roaming\systweak" deleted

"C:\ProgramData\Partner" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader" deleted

"C:\Users\Mark\AppData\LocalLow\boost_interprocess" deleted

"C:\Users\Mark\AppData\LocalLow\uTorrentBar_NL" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Mark\AppData\Local\Temp ====

2013-08-28 18:18:07 630D300104AD1806921BE3C8B12D046F 727936 ----a-w- C:\Users\Mark\AppData\Local\Temp\BRRTORRRUO.exe

2013-08-28 18:17:35 BC6051A4BC8F0CCA8E1D2B2B5B1FB3B6 572288 ----a-w- C:\Users\Mark\AppData\Local\Temp\OO.exe

2013-08-28 18:17:24 7B9E2BD17A3413166D23CFD0A8DF9BA5 469888 ----a-w- C:\Users\Mark\AppData\Local\Temp\NLMBTUPAOD.exe

2013-08-28 18:12:04 AB6D2F7A0B246D1E27F5C7A5F561EA5F 506752 ----a-w- C:\Users\Mark\AppData\Local\Temp\RS.exe

2013-08-28 08:45:41 55350DA221E2CA825354E46C4A55F6FB 1422848 ----a-w- C:\Users\Mark\AppData\Local\Temp\speccycpuid.dll

2013-08-24 15:24:29 359F134350EA329A7C14E97D649EB1FA 787232 ----a-w- C:\Users\Mark\AppData\Local\Temp\nvStInst.exe

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-08-27 20:57:53 EE6B7B6A54BCAFF516E30B1C15467495 11235104 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys

2013-08-27 19:27:35 370A6907DDF79532A39319492B1FA38A 231376 ----a-w- C:\Windows\Sysnative\drivers\truecrypt.sys

2013-08-14 17:39:51 8F6322049018354F45F05A2FD2D4E5E0 223752 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys

2013-08-14 06:02:19 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

2013-08-14 06:02:18 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-08-28 18:45:21 -------- d-----w- C:\Program Files\trend micro

2013-08-28 08:45:33 -------- d-----w- C:\Program Files\Speccy

2013-08-27 19:27:13 -------- d-----w- C:\Program Files\TrueCrypt

======= C:\Program Files (x86) =====

2013-08-28 08:54:32 -------- d-----w- C:\Program Files (x86)\HD Tune

2013-07-31 12:51:12 -------- d-----w- C:\Program Files (x86)\Profotonet Album Designer

======= C: =====

====== C:\Users\Mark\AppData\Roaming ======

2013-08-22 07:09:55 -------- d-----w- C:\users\Mark\AppData\Local\NVIDIA

2013-08-14 13:53:41 -------- d-----w- C:\users\Mark\AppData\Local\sabnzbd

2013-08-14 13:53:11 -------- d-----w- C:\users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd

2013-08-14 08:33:22 -------- d-----w- C:\users\Mark\AppData\Roaming\vlc

2013-08-13 15:15:40 -------- d-----w- C:\users\Mark\AppData\Roaming\Binreader

2013-07-31 12:51:47 BBABDCD7BA169BF48B67C9E1D59686E0 205824 ----a-w- C:\users\Mark\AppData\Roaming\Profotonet Album Designer Prefsv3

2013-07-31 12:51:40 -------- d-----w- C:\users\Mark\AppData\Roaming\Profotonet Album Designer

====== C:\Users\Mark ======

2013-08-28 18:44:47 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Mark\Downloads\RSITx64.exe

2013-08-28 08:54:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune

2013-08-28 08:52:57 088812A121E0A9CEB40CE9C808C8A90C 642632 ----a-w- C:\Users\Mark\Downloads\hdtune_255.exe

2013-08-28 08:45:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2013-08-28 08:42:53 1EFDECC41128BABB5B09B4C9BEB98D46 5127856 ----a-w- C:\Users\Mark\Downloads\spsetup122.exe

2013-08-27 21:08:18 -------- d-----w- C:\ProgramData\NVIDIA

2013-08-27 20:59:43 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-08-27 20:41:06 86F75BC6AD38A9708954B401202B4B2C 185568600 ----a-w- C:\Users\Mark\Downloads\320.49-desktop-win8-win7-winvista-64bit-english-whql.exe

2013-08-26 21:38:01 F7E1DCE09CADBB58476231AB154D7DB8 184074008 ----a-w- C:\Users\Mark\Downloads\320.18-desktop-win8-win7-winvista-64bit-english-whql.exe

2013-08-22 06:56:39 44D3A020D1A5B49CD17097CBE5736055 229594432 ----a-w- C:\Users\Mark\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe

2013-08-14 08:33:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2013-08-14 06:15:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher

2013-07-31 12:51:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Profotonet Album Designer

====== C: exe-files ==

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Acrobat Speed Launcher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Acrobat Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 9.0\\Acrobat\\Acrobat_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeAAMUpdater-1.0"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeCS5ServiceManager"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXMediaServer]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DivXMediaServer"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DivXUpdate"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Global Registration]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Global Registration"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Acer\\Registration\\GREG.exe\" BOOT"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MPlayerForWindows_UpdateReminder]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MPlayerForWindows_UpdateReminder"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\MPlayer for Windows\\AutoUpdate.exe\" /L=1033 /TASK"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nvtmru]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Nvtmru"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA Update Core\\nvtmru.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TkBellExe"

"hkey"="HKLM"

"command"="\"c:\\program files (x86)\\real\\realplayer\\Update\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="uTorrent"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\uTorrent\\uTorrent.exe\" /MINIMIZED"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [18-07-2013 07:42]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-09-2010 15:45]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-09-2010 15:45]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\obrcw018.default-1377551714922

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\obrcw018.default-1377551714922

0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17

E638C845403AB63112673A0C72C07789 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit)

0C316A33BBE35CD1097936393A177656 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit)

09B4E13D25623D879D35286E2D29FF13 - C:\Users\Mark\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[16-05-2013 00:50]

jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\Exts\Chrome.crx[31-05-2013 03:49]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[26-07-2013 16:31]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://downloads.phpnuke.org/nl/index.php?rvs=google"

"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_m5811&r=17360710cn16974554f35jx541wl47"

"Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{B047CFC0-E395-47A5-AE03-5EE77247ABFF}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B047CFC0-E395-47A5-AE03-5EE77247ABFF}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1611534024-1097244977-3060432490-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\Mark\Desktop\Computer - Snelkoppeling.lnk -

C:\Users\Mark\Desktop\HD Tune.lnk - C:\Program Files (x86)\HD Tune\HDTune.exe

C:\Users\Mark\Desktop\Image Grabber II - Snelkoppeling.lnk - C:\Users\Mark\Downloads\Image_Grabber_II.NET_2.2.0\Image Grabber II.exe

C:\Users\Mark\Desktop\Mark - Snelkoppeling.lnk - C:\Users\Mark

C:\Users\Mark\Desktop\Muziek - Snelkoppeling.lnk - C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms

C:\Users\Mark\Desktop\SABnzbd.lnk - C:\Program Files (x86)\SABnzbd\SABnzbd.exe

C:\Users\Mark\Desktop\Start Tor Browser - Snelkoppeling (2).lnk - C:\Users\Mark\Saved Games\Tor Browser\Start Tor Browser.exe

C:\Users\Mark\Desktop\WonderFox Video to GIF Converter.lnk - C:\Program Files (x86)\WonderFox Video to GIF Converter\Video to GIF.exe

C:\Users\Mark\Desktop\Music\Mark\Oud\Sample Music.lnk - C:\Users\Public\Music\Sample Music

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Bigasoft Total Video Converter.lnk - C:\Program Files (x86)\Bigasoft\Total Video Converter\videoconverter.exe

C:\Users\Public\Desktop\Boilsoft Video Joiner.lnk - C:\Program Files (x86)\Boilsoft\Boilsoft Video Joiner\EZMerge.exe

C:\Users\Public\Desktop\Lightroom 4.3 64-bit.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 4.3\lightroom.exe

C:\Users\Public\Desktop\Norton 360.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\uistub.exe

C:\Users\Public\Desktop\Profotonet Album Designer.lnk - C:\Program Files (x86)\Profotonet Album Designer\Profotonet Album Designer.exe

C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe

C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd\SABnzbd - SafeMode.lnk - C:\Program Files (x86)\SABnzbd\SABnzbd.exe --server 127.0.0.1:8080 -b1 --no-login -t Plush

C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd\SABnzbd.lnk - C:\Program Files (x86)\SABnzbd\SABnzbd.exe

C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd\Uninstall.lnk - C:\Program Files (x86)\SABnzbd\Uninstall.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Check for Updates.lnk - C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=update

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Codec Settings.lnk - C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=decoder

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Converter.lnk - C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Player.lnk - C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Support.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Register.lnk - C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=registration

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune Manual.lnk - C:\Program Files (x86)\HD Tune\hdtune.html

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune on the Web.lnk - C:\Program Files (x86)\HD Tune\HDTune.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune.lnk - C:\Program Files (x86)\HD Tune\HDTune.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\Uninstall HD Tune.lnk - C:\Program Files (x86)\HD Tune\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher\NewsLeecher.lnk - C:\Program Files (x86)\NewsLeecher\newsLeecher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Profotonet Album Designer\Profotonet Album Designer.lnk - C:\Program Files (x86)\Profotonet Album Designer\Profotonet Album Designer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Profotonet Album Designer\Uninstall.lnk - C:\Program Files (x86)\Profotonet Album Designer\uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Uninstall Speccy.lnk - C:\Program Files\Speccy\uninst.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt\TrueCrypt.lnk - C:\Program Files\TrueCrypt\TrueCrypt.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt\Uninstall TrueCrypt.lnk - C:\Program Files\TrueCrypt\TrueCrypt Setup.exe /u

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bigasoft Total Video Converter.lnk - C:\Program Files (x86)\Bigasoft\Total Video Converter\videoconverter.exe

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeePass.lnk - C:\Program Files (x86)\KeePass Password Safe\KeePass.exe

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk - C:\Program Files (x86)\NewsLeecher\newsLeecher.exe

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = This message is from the Microsoft Safety & Security Center

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mark\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Mark\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mark\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mark\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Mark\AppData\Local\Mozilla\Firefox\Profiles\obrcw018.default-1377551714922\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Mark\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on do 29-08-2013 at 8:34:33,24 ======================

This topic is now closed to new replies.
