
Self-built PC



Hi,

Self-built.

Operating system

Windows 7 Ultimate 64-bit SP1

Processor

AMD A10-6800K 56 °C

Richland 32nm Technology

RAM

16.0GB Dual-Channel DDR3 @ 665MHz (9-9-9-24)

Motherboard

ASRock FM2A88X Extreme6+ (CPUSocket) 28 °C

Graphics

Targa Visiona (1280x960@1Hz)

ATI video (ASRock)

Hard drives

112GB Samsung SSD 840 EVO 120GB ATA Device (SSD) 24 °C

233GB Seagate ST3250823AS ATA Device (SATA) 32 °C

932GB SAMSUNG HD103UJ ATA Device (SATA) 21 °C

Optical drives

HL-DT-ST BD-RE BH10LS30 ATA Device

Audio

High Definition Audio Device

Downloaded some programs.

But I want to be sure there are no viruses in them.

Regards, Martco.

PS

All the videos do stutter a bit (bad codecs)?


Here is a log,

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 13:21:18, on 4-1-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jbrmon.exe

D:\Program Files\OpenOffice.org 3\program\soffice.exe

D:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Users\Administrator\AppData\Local\Temp\GPUTemp.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Spotnet\Spotnet.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

D:\Program Files\NewsLeecher\_newsLeecher.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Users\Administrator\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {261c67f2-64cd-4696-9821-612409b649d5} - C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jSrcAs.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Search Assistant BHO - {5bc83983-5708-4ac5-b263-59bbfaf85a86} - C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jSrcAs.dll

O2 - BHO: Jump Flip - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files (x86)\Jump Flip\JumpFlipbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Toolbar BHO - {9fea7743-7c8b-4d4d-9b54-a088eb853287} - C:\PROGRA~2\MYIMAG~2\bar\1.bin\8jbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: MyImageConverter - {4a8a0b3b-eeb7-4e90-b359-3e01b2c15e82} - C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jbar.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MyImageConverter EPM Support] "C:\PROGRA~2\MYIMAG~2\bar\1.bin\8jmedint.exe" T8EPMSUP.DLL,S

O4 - HKLM\..\Run: [MyImageConverter Search Scope Monitor] "C:\PROGRA~2\MYIMAG~2\bar\1.bin\8jsrchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [MyImageConverter_8j Browser Plugin Loader] C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jbrmon.exe

O4 - HKLM\..\Run: [MyImageConverter_8j Browser Plugin Loader 64] C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jbrmon64.exe

O4 - HKLM\..\Run: [GPUTemp] "C:\Users\ADMINI~1\AppData\Local\Temp\GPUTemp.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\Administrator\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=3c7d5e7f552847d393296d16b233bf5e-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=1213b

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user')

O4 - Startup: AutoStarter.lnk = VSO.ConvertXtoDVD.v5.1.0.2.Cracked-F4CG\VSO.ConvertXtoDVD.v5.1.0.2.Cracked-F4CG.exe

O4 - Startup: OpenOffice.org 3.1 .lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone

O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyImageConverterService (MyImageConverter_8jService) - COMPANYVERS_NAME - C:\PROGRA~2\MYIMAG~2\bar\1.bin\8jbarsvc.exe

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Unknown owner - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Update Jump Flip - Jump Flip - C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10614 bytes


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
  • Right-click Zoek.zip and choose the option "Extract all".
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC; do not use it on other PCs with a similar problem.

  {261c67f2-64cd-4696-9821-612409b649d5};c
 C:\Program Files (x86)\MyImageConverter_8j;fs
 {5bc83983-5708-4ac5-b263-59bbfaf85a86};c
 {4a8a0b3b-eeb7-4e90-b359-3e01b2c15e82};c
 MyImageConverter EPM Support;s
 MyImageConverter Search Scope Monitor;s
 MyImageConverter_8j Browser Plugin Loader;s
 MyImageConverter_8j Browser Plugin Loader 64;s
 AVG-Secure-Search-Update_1213b;s
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Do a Quick Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next reply.


Here is the log...

Yesterday I also had a SABAM virus; I was supposed to pay €100.

So I just used the restore function.

Zoek.exe v5.0.0.0 Updated 05-Januari-2014

Tool run by Administrator on zo 05-01-2014 at 10:10:06,08.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Administrator\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

5-1-2014 10:11:44 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\ProgramData\Canon IJ Network Tool deleted successfully

C:\ProgramData\CanonEPP deleted successfully

C:\ProgramData\CanonIJEPPEX2 deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\Real deleted successfully

C:\Users\Administrator\AppData\Roaming\ArcSoft deleted successfully

C:\Users\Administrator\AppData\Roaming\Mozilla deleted successfully

C:\Users\Administrator\AppData\Roaming\Real deleted successfully

C:\Users\Administrator\AppData\Local\Real deleted successfully

==== Creating Sample_05-01-2014_1016.zip ======================

Process iexplore.exe killed

Copied file C:\Users\Administrator\AppData\Local\AnyProtectScannerSetup.exe to sample\AnyProtectScannerSetup.exe

sample\AnyProtectScannerSetup.exe renamed to A01071CDEFBD57DEEE784D9F8B06DFDC

C:\Users\Public\Desktop\sample_05-01-2014_1016.zip created successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Jump Flip deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Jump Flip deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Jump Flip deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Jump Flip deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Jump Flip deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Jump Flip deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Jump Flip deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Jump Flip deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\MyImageConverter_8j not found

C:\ProgramData\APN deleted

C:\Users\Administrator\AppData\Local\AnyProtectScannerSetup.exe deleted

"C:\PROGRA~2\Jump Flip\updateJumpFlip.exe" deleted

"C:\PROGRA~2\Jump Flip\updateJumpFlip.exe" deleted

"C:\PROGRA~2\Jump Flip\bin\utilJumpFlip.exe" deleted

"C:\PROGRA~2\Jump Flip\bin\utilJumpFlip.exe" deleted

"C:\PROGRA~2\Jump Flip" not deleted

"C:\PROGRA~2\Jump Flip" not deleted

"C:\PROGRA~2\Jump Flip\bin" not deleted

"C:\PROGRA~2\Jump Flip\bin" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\ADMINI~1\AppData\Local\Temp ====

2014-01-04 22:08:43 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Administrator\AppData\Local\Temp\ESGScanner.sys

2014-01-04 22:08:13 8C24311EC0A970BE2F451A66A8DD7FE3 46777424 ----a-w- C:\Users\Administrator\AppData\Local\Temp\SHSetup.exe

2014-01-04 20:01:37 C8916A11BF6BBCC8EB5DE8DC6E4DA4C7 184320 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\isasc.dll

2014-01-04 20:01:37 BC5666D95A54C5FB93334E1D71DBEF71 69632 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\DTACL.dll

2014-01-04 20:01:37 968051D64B5F696C23C2ED2AA29D2376 49237 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\SetKey.exe

2014-01-04 20:01:37 9412F120DF0795C44858BE254DC51973 39424 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\MyDevCon32.exe

2014-01-04 20:01:37 92848A11AB83A6B84B80F22B38AF1506 45056 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\RegSetKeyValue64.dll

2014-01-04 20:01:37 85D01A854DE82A4FF113C76046D585C1 12288 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\_isuser.dll

2014-01-04 20:01:37 739D86549F70529FDAF03DC77561C837 71680 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\MyDevCon64.exe

2014-01-04 20:01:37 580C872EE181ED368D83E8E5B5D467C6 602208 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\setup.exe

2014-01-04 20:01:37 5180EDACF7A3AE37C82894DD5300E7F2 401408 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\_isres.dll

2014-01-04 20:01:37 2A276BA2B7782476302C59D0F760F4BC 117560 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\ISBEW64.exe

2014-01-04 20:01:37 0F68D760FB480A1B039CA7D6B877D24C 223024 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{0B234488-5EB6-4E98-89A6-F20DF7044E2A}\ISRT.dll

2014-01-04 20:01:36 603BB648353EB46CC7A5AC4959157C0B 3070273 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{E216E7B7-CE8C-4242-B0AE-595AB0F3DC47}\ISSetup.dll

2014-01-04 20:01:36 580C872EE181ED368D83E8E5B5D467C6 602208 ----a-w- C:\Users\Administrator\AppData\Local\Temp\{E216E7B7-CE8C-4242-B0AE-595AB0F3DC47}\setup.exe

2014-01-04 19:57:55 ACBAE5356BC1C05E406B699D0C9220CB 58774520 ----a-w- C:\Users\Administrator\AppData\Local\Temp\RarSFX3\Update.exe

2014-01-04 19:57:55 41366F7E9D7F47C66A1A022A5BF6AA03 613785 ----a-w- C:\Users\Administrator\AppData\Local\Temp\RarSFX3\up.exe

2014-01-04 19:56:49 D629CBFD76FEB936466DB0A97D48B7C5 614039 ----a-w- C:\Users\Administrator\AppData\Local\Temp\RarSFX2\arc.exe

2014-01-04 19:56:49 08381176DACB19EEF2D4F76D017CE206 65059472 ----a-w- C:\Users\Administrator\AppData\Local\Temp\RarSFX2\totalmediatheatre5.exe

2014-01-04 19:43:57 ACBAE5356BC1C05E406B699D0C9220CB 58774520 ----a-w- C:\Users\Administrator\AppData\Local\Temp\RarSFX1\Update.exe

2014-01-04 19:43:57 41366F7E9D7F47C66A1A022A5BF6AA03 613785 ----a-w- C:\Users\Administrator\AppData\Local\Temp\RarSFX1\up.exe

2014-01-04 19:42:54 D629CBFD76FEB936466DB0A97D48B7C5 614039 ----a-w- C:\Users\Administrator\AppData\Local\Temp\RarSFX0\arc.exe

2014-01-04 19:42:54 08381176DACB19EEF2D4F76D017CE206 65059472 ----a-w- C:\Users\Administrator\AppData\Local\Temp\RarSFX0\totalmediatheatre5.exe

2014-01-03 23:31:47 C2A25A5AE6E51DAF34B165EE1D28E616 7473312 ----a-w- C:\Users\Administrator\AppData\Local\Temp\6_Offer_11.exe

2014-01-03 22:11:09 7E7EB7AFF595774E5E500B34058CC1A7 192512 ----a-w- C:\Users\Administrator\AppData\Local\Temp\sfamcc00001.dll

2014-01-03 22:04:08 974A4FBA0FFBF10FAEECE714017DF617 163744 ----a-w- C:\Users\Administrator\AppData\Local\Temp\SCC.dll

2014-01-03 22:04:06 D0F25E1B717EE325780B5C5A014F9623 166224 ----a-w- C:\Users\Administrator\AppData\Local\Temp\SymCCIS.dll

2014-01-03 19:37:49 2FD7026B8E009E8768CB99576419BA89 3583608 ----a-w- C:\Users\Administrator\AppData\Local\Temp\is82122515\36809667_stp.EXE

2014-01-03 19:35:20 1DDA0D2E7EBA291193E192675A9DF11D 1305312 ----a-w- C:\Users\Administrator\AppData\Local\Temp\GPUTemp.exe

2014-01-03 19:35:16 E9667145D20830BF97894A27BEC7EC0F 1264352 ----a-w- C:\Users\Administrator\AppData\Local\Temp\Setup1.exe

2014-01-03 19:35:15 A371BEE57BFBFA2D73DA79AA1A752A3F 57960 ----a-w- C:\Users\Administrator\AppData\Local\Temp\OpenCL.dll

2014-01-03 19:34:59 2062A9C3CFBA829BBC5503218518C6D3 578896 ----a-w- C:\Users\Administrator\AppData\Local\Temp\ICReinstall_nsa3B3D.tmp.exe

2014-01-03 19:33:55 2FD7026B8E009E8768CB99576419BA89 3583608 ----a-w- C:\Users\Administrator\AppData\Local\Temp\is45637729\36575527_stp.EXE

2014-01-02 18:53:21 B91FE1536AB4D680DDD77469EA3FD4BF 24097311 ----a-w- C:\Users\Administrator\AppData\Local\Temp\vlc-2.1.2-win32.exe

2014-01-01 19:07:05 780D14604D49E3C634200C523DEF8351 9728 ----a-w- C:\Users\Administrator\AppData\Local\Temp\bassmod.dll

2013-12-30 18:35:00 A01071CDEFBD57DEEE784D9F8B06DFDC 1005472 ------w- C:\Users\Administrator\AppData\Local\Temp\is82122515\36809530_stp\AnyProtectScannerSetup.exe

2013-12-30 18:35:00 A01071CDEFBD57DEEE784D9F8B06DFDC 1005472 ------w- C:\Users\Administrator\AppData\Local\Temp\is82122515\36654476_stp\AnyProtectScannerSetup.exe

2013-12-27 08:09:26 6F5BD679880773A7AB5C6B4BCA91BA4D 7668784 ------w- C:\Users\Administrator\AppData\Local\Temp\is45637729\36734440_stp\ClickMeInSetup.exe

2013-12-27 08:09:26 6F5BD679880773A7AB5C6B4BCA91BA4D 7668784 ------w- C:\Users\Administrator\AppData\Local\Temp\is45637729\36575252_stp\ClickMeInSetup.exe

2013-12-27 08:08:12 53527A992CC1A9471E52E3885875E561 62792 ------w- C:\Users\Administrator\AppData\Local\Temp\is45637729\36734440_stp\ManualRegister.exe

2013-12-27 08:08:12 53527A992CC1A9471E52E3885875E561 62792 ------w- C:\Users\Administrator\AppData\Local\Temp\is45637729\36575252_stp\ManualRegister.exe

2013-12-23 13:58:48 4CD979C7CCE0AFC132ED70E982B3CB8B 1175552 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\clipartpack\nero.clipartpack.msi

2013-12-23 13:58:47 5617AC141EEF6B81037ED056695EFD0A 1163776 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\menutemplatepack1\nero.menutemplatepack1.msi

2013-12-23 13:58:47 51898754006386967B30133E89A99DF1 1433088 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\menutemplatepack2\nero.menutemplatepack2.msi

2013-12-23 13:58:47 39C04A9A723027BE69AD429CB7950E7D 1217536 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\effectsbasic\nero.effectsbasic.msi

2013-12-23 13:58:46 A3A276E783DF6E5025F5DC7E7B849EE3 1163264 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\moviethemebase\nero.moviethemebase.msi

2013-12-23 13:58:46 7977BDAD11388FB6BF3BA3DEAD059869 1253888 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\moviethemepack4paid\nero.moviethemepack4paid.msi

2013-12-23 13:58:46 54E23063B1F300443D7C9219EE746433 1188864 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\menutemplatepack3\nero.menutemplatepack3.msi

2013-12-23 13:58:46 22926A6CEC0A1A4B3730284A8E122714 1238528 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\moviethemepack2\nero.moviethemepack2.msi

2013-12-23 13:58:46 130A0992D9A6C2D84F109D88AF6A4ACE 1148416 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\moviethemepack1\nero.moviethemepack1.msi

2013-12-23 13:58:46 0E84BE0F4832F2A07BF2E6E0C182FEC6 1145856 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\menutemplatepackbasic\nero.menutemplatepackbasic.msi

2013-12-23 13:58:46 0618B1F4888B35CFB57CB57D8740BB36 1305088 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\moviethemepack3\nero.moviethemepack3.msi

2013-12-23 13:58:45 DCF07996347AE673AED11350505B7E7C 1164800 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\prerequisites\nero.prerequisites.msi

2013-12-23 13:58:45 CEDE02D7AF62449A2C38C49ABECC0CD3 4995416 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\vcredist_x86.exe

2013-12-23 13:58:45 CD4D9B65A7A190A1E862388580BA6D39 1219072 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\pipfxbasic\nero.pipfxbasic.msi

2013-12-23 13:58:45 C43AFE95B892BCFE28409CB1556815C7 1142784 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\transitionpack1\nero.transitionpack1.msi

2013-12-23 13:58:45 BCD7225A988C7437B78009F2D2065EED 725296 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\setup.exe

2013-12-23 13:58:45 B632F265AF1745A79FF5CF5BEB10F273 165648 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\systemRequirementValidator\PRQStarter-1.exe

2013-12-23 13:58:45 B632F265AF1745A79FF5CF5BEB10F273 165648 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\rebootValidator\PRQStarter-1.exe

2013-12-23 13:58:45 B632F265AF1745A79FF5CF5BEB10F273 165648 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\msi4.5ForWindowsxpX86\PRQStarter-1.exe

2013-12-23 13:58:45 B632F265AF1745A79FF5CF5BEB10F273 165648 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\msi4.5ForWindows6.0X86\PRQStarter-1.exe

2013-12-23 13:58:45 B632F265AF1745A79FF5CF5BEB10F273 165648 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\msi4.5ForWindows6.0X64\PRQStarter-1.exe

2013-12-23 13:58:45 B632F265AF1745A79FF5CF5BEB10F273 165648 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\PRQStarter-1.exe

2013-12-23 13:58:45 9ED8105C2796039158B3212561B964B6 2519040 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\nero.nero2014contentpack.msi

2013-12-23 13:58:45 484FFB097DA921660C64E414549043FD 1291776 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\update\Nero.Update.msi

2013-12-23 13:58:45 448447E0BA4560CD558EDDB5F5B0809E 3327000 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\msi4.5ForWindowsxpX86\WindowsXP-KB942288-v3-x86.exe

2013-12-23 13:58:45 3FCCD20F89D4D186890128EF3F878366 2566416 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\ISSetupPrerequisites\systemRequirementValidator\NeroOSValidator.exe

2013-12-23 13:58:45 35ADD2CDD6E15CB356529C063510B960 1128960 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\samplevideos\nero.samplevideos.msi

2013-12-23 13:58:45 20D10FBDA613C04F9BD915B96D0B877E 1233408 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\platinumeffects12\nero.platinumeffects12.msi

2013-12-23 13:58:45 0D5A00FA5BE5BE07AB80FA0CBE64A593 1317376 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\moviethemepack5\nero.moviethemepack5.msi

2013-12-23 13:58:45 0D2701EA1B7529060476B8002A0FB7B1 1190400 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\pipfxpack1\nero.pipfxpack1.msi

2013-12-23 13:58:45 06494EA4B56E7FD0FFF6356448AD307D 1185280 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInstallFiles\NERO20130906112647123\applications\sampleimagepack\nero.sampleimagepack.msi

2013-12-23 13:55:30 32E26A5C7B6601C4DD861EBDBFD5B8C0 800265168 ----a-w- C:\Users\Administrator\AppData\Local\Temp\NeroInst.EXE

====== Java Cache =====

2013-12-25 16:07:22 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-41508554

2013-12-25 16:07:07 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-32679c41

2013-12-25 16:07:07 32C84F23C4D685937C4817131AC832C3 99 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap

2013-12-25 16:07:06 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\34e05d1f-5188c732

2013-12-25 16:07:07 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-6e0113e5

2013-12-15 09:59:01 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-7064abcb

====== C:\Windows\SysWOW64 =====

2014-01-04 00:30:53 7B2220EC183EE8C019017E3EB5E67481 218200 ----a-w- C:\Windows\SysWOW64\unrar.dll

2014-01-03 22:11:00 A4001C78F2806662B3BD91ACB44E6330 45 ----a-w- C:\Windows\SysWOW64\initdebug.nfo

2014-01-01 19:03:35 D04F7AACA2319A3BCDB2C5D5DD6F6026 487424 ----a-w- C:\Windows\SysWOW64\msvcp70.dll

2014-01-01 19:03:34 9972A6ED4F2388DBFA8E0A96F6F3FDF1 344064 ----a-w- C:\Windows\SysWOW64\msvcr70.dll

2014-01-01 19:03:34 5FEFD614BBD3FFA3712B172F70B1FDE2 24576 ----a-w- C:\Windows\SysWOW64\msxml3a.dll

2014-01-01 19:03:34 4D328694BB516E46D2D184950D94433F 1700352 ----a-w- C:\Windows\SysWOW64\GdiPlus.dll

2014-01-01 19:03:34 09AEF167EB1531E965053D0DCF6CC573 974848 ----a-w- C:\Windows\SysWOW64\mfc70.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-01-04 22:06:37 64E22B8022FF7B598B715DF0C69F9A1E 10540 ----a-w- C:\Windows\Sysnative\avgrep.txt

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

2014-01-03 19:38:39 BDB5A88E1F9DE1E35FC54A270198E6DF 3176 ----a-w- C:\Windows\Sysnative\Tasks\APSnotifierCA

2014-01-03 19:38:38 A44F0E73BB5F15B7604EE21A749AA5FF 378 ----a-w- C:\Windows\Tasks\APSnotifierCA.job

2013-12-23 13:29:58 -------- d-----w- C:\Windows\Sysnative\Tasks\Nero

2013-12-12 10:43:08 9B7DD89F133CA1BD9830886D99F9EC12 3230 ----a-w- C:\Windows\Sysnative\Tasks\SidebarExecute

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-04 22:08:41 -------- d-----w- C:\Program Files\Enigma Software Group

2014-01-04 20:20:01 -------- d-----w- C:\Program Files\CPUID

2014-01-03 22:05:06 -------- d-----w- C:\Program Files\Core Temp

2014-01-03 19:13:13 -------- d-----w- C:\Program Files\Speccy

2013-12-15 09:59:43 -------- d-----w- C:\Program Files\Microsoft Silverlight

2013-12-12 17:30:15 -------- d-----w- C:\Program Files\Common Files\CANON

2013-12-12 17:28:31 -------- d-----w- C:\Program Files\Canon

2013-12-12 17:27:14 -------- d--h--w- C:\Program Files\CanonBJ

2013-12-12 12:40:21 -------- d-----w- C:\Program Files\Windows Live

======= C:\PROGRA~2 =====

2014-01-04 22:49:59 859720 ----a-w- C:\PROGRA~2\8jUninstall MyImageConverter.dll

2014-01-04 22:49:59 189832 ----a-w- C:\PROGRA~2\8jres.dll

2014-01-04 22:08:28 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard

2014-01-04 20:13:03 -------- d-----w- C:\PROGRA~2\Real Alternative

2014-01-04 19:43:53 -------- d--h--w- C:\PROGRA~2\InstallShield Installation Information

2014-01-04 00:30:50 -------- d-----w- C:\PROGRA~2\K-Lite Codec Pack

2014-01-03 22:11:00 -------- d-----w- C:\PROGRA~2\SpeedFan

2014-01-03 19:34:22 -------- d-----w- C:\PROGRA~2\Jump Flip

2014-01-01 22:03:18 -------- d-----w- C:\PROGRA~2\DVD-RB PRO

2014-01-01 22:02:07 -------- d-----w- C:\PROGRA~2\AviSynth 2.5

2014-01-01 19:03:33 -------- d-----w- C:\PROGRA~2\COMMON~1\AVSMedia

2014-01-01 19:03:33 -------- d-----w- C:\PROGRA~2\AVS4YOU

2014-01-01 12:10:16 -------- d-----w- C:\PROGRA~2\VSO

2013-12-23 13:26:05 -------- d-----w- C:\PROGRA~2\COMMON~1\Nero

2013-12-18 18:24:33 -------- d-----w- C:\PROGRA~2\ImgBurn

2013-12-18 18:18:36 -------- d-----w- C:\PROGRA~2\SMA

2013-12-17 15:49:25 -------- d-----w- C:\PROGRA~2\Nero

2013-12-17 15:44:46 -------- d-----w- C:\PROGRA~2\MSXML 4.0

2013-12-17 15:44:40 -------- d-----w- C:\PROGRA~2\COMMON~1\LightScribe

2013-12-17 15:32:09 -------- d-----w- C:\PROGRA~2\Belarc

2013-12-15 19:22:27 -------- d-----w- C:\PROGRA~2\7-Zip

2013-12-15 18:26:26 -------- d-----w- C:\PROGRA~2\QuickPar

2013-12-15 09:59:43 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight

2013-12-14 16:13:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe

2013-12-14 16:13:41 -------- d-----w- C:\PROGRA~2\Adobe

2013-12-12 17:05:45 -------- d-----w- C:\PROGRA~2\Canon

2013-12-12 16:12:57 -------- d-----w- C:\PROGRA~2\FileZilla FTP Client

2013-12-12 14:37:30 -------- d-----w- C:\PROGRA~2\Spotnet

2013-12-12 12:40:33 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition

2013-12-12 12:40:11 -------- d-----w- C:\PROGRA~2\Windows Live

2013-12-12 12:39:24 -------- d-----w- C:\PROGRA~2\Microsoft SkyDrive

2013-12-12 12:38:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Windows Live

2013-12-12 10:42:43 -------- d-----w- C:\PROGRA~2\AVG

2013-12-12 10:15:58 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

======= C: =====

2013-12-12 16:05:20 1AEDE0D8BFB65C79A31CDA22F6B04D9A 372219 --sh--r- C:\JGNMX

2013-12-12 15:55:57 474DA62A92C4393A4AACC8BE2E325893 8192 --sha-r- C:\BOOTSECT.BAK

2013-12-12 15:55:56 259525CFB422E6AC8E87BC9777B1DF73 383786 --sha-r- C:\bootmgr

====== C:\Users\Administrator\AppData\Roaming ======

2014-01-04 22:08:41 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

2014-01-04 19:42:56 -------- d-----w- C:\Users\Administrator\AppData\Local\Downloaded Installations

2014-01-04 00:32:19 -------- d-----w- C:\Users\Administrator\AppData\Roaming\MPC-HC

2014-01-04 00:02:04 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Shark007

2014-01-03 22:11:01 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan

2014-01-02 19:07:16 -------- d-----w- C:\Users\Administrator\AppData\Roaming\dvdcss

2014-01-01 22:05:49 -------- d-----w- C:\Users\Administrator\AppData\Local\DVD-RB Pro

2014-01-01 22:02:07 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5

2014-01-01 19:04:24 -------- d-----w- C:\Users\Administrator\AppData\Roaming\AVS4YOU

2014-01-01 12:10:21 AF7CE12C4F3DC8CB2B07685C916BBCFE 82816 ----a-w- C:\Users\Administrator\AppData\Roaming\pcouffin.sys

2014-01-01 12:10:21 7F13C6D2AE5F9D8B41E9D7D6CAD16EAA 1167 ----a-w- C:\Users\Administrator\AppData\Roaming\pcouffin.inf

2014-01-01 12:10:21 1E7BDB2AC98BCE13AE85C0F6DB1ECCB8 7859 ----a-w- C:\Users\Administrator\AppData\Roaming\pcouffin.cat

2014-01-01 12:10:21 16E53BFC96CE14021C0E07EB1C198478 99384 ----a-w- C:\Users\Administrator\AppData\Roaming\inst.exe

2014-01-01 12:10:21 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Vso

2014-01-01 12:09:45 -------- d-----w- C:\Users\Administrator\AppData\Local\Programs

2013-12-31 11:14:08 -------- d-----w- C:\Users\Administrator\AppData\Local\Nero_AG

2013-12-25 18:22:11 -------- d-----w- C:\Users\Administrator\AppData\Local\Nero

2013-12-20 09:25:26 -------- d-----w- C:\Users\Administrator\AppData\Local\ElevatedDiagnostics

2013-12-17 15:50:06 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Nero

2013-12-17 14:37:43 -------- d-----w- C:\Users\Administrator\AppData\Roaming\OpenOffice.org

2013-12-15 19:54:44 -------- d-----w- C:\Users\Administrator\AppData\Roaming\ImgBurn

2013-12-15 19:12:56 -------- d-----w- C:\Users\Administrator\AppData\Roaming\FileZilla

2013-12-15 18:29:04 -------- d-----w- C:\Users\Administrator\AppData\Roaming\WinRAR

2013-12-15 18:28:39 -------- d-----w- C:\Users\Administrator\AppData\Local\QuickPar

2013-12-15 18:26:26 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar

2013-12-15 18:13:14 -------- d-----w- C:\Users\Administrator\AppData\Locallow\Adobe

2013-12-15 18:13:14 -------- d-----w- C:\Users\Administrator\AppData\Local\Adobe

2013-12-15 17:56:56 -------- d-----w- C:\Users\Administrator\AppData\Roaming\NewsLeecher

2013-12-15 16:54:56 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Windows Live Writer

2013-12-15 16:54:56 -------- d-----w- C:\Users\Administrator\AppData\Local\Windows Live Writer

2013-12-15 16:51:13 -------- d-----w- C:\Users\Administrator\AppData\Local\Collectorz.com

2013-12-15 16:48:44 -------- d-----w- C:\Users\Administrator\AppData\Local\Spotnet

2013-12-15 16:47:48 -------- d-----w- C:\Users\Administrator\AppData\Local\Geckofx

2013-12-15 16:46:59 -------- d-----w- C:\Users\Administrator\AppData\Roaming\SMA

2013-12-15 16:33:32 -------- dc----w- C:\Users\Administrator\AppData\Local\MigWiz

2013-12-15 09:58:49 -------- d-----w- C:\Users\Administrator\AppData\Locallow\Sun

2013-12-15 08:17:39 D2183E6221E954BE47A041AE9E6D94D3 58424 ----a-w- C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2013-12-15 08:15:31 -------- d-----w- C:\Users\Administrator\AppData\Roaming\AVG2014

2013-12-15 08:15:31 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Adobe

2013-12-15 08:15:30 -------- d-----w- C:\Users\Administrator\AppData\Local\Avg2014

2013-12-15 08:15:26 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-12-15 08:15:24 -------- d-s---w- C:\Users\Administrator\AppData\Locallow\Microsoft

2013-12-15 08:15:19 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Identities

2013-12-15 08:15:15 -------- d-s---w- C:\Users\Administrator\AppData\Roaming\Microsoft

2013-12-15 08:15:15 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Media Center Programs

2013-12-15 08:15:15 -------- d-----w- C:\Users\Administrator\AppData\Local\Temp

2013-12-15 08:15:15 -------- d-----w- C:\Users\Administrator\AppData\Local\Microsoft

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-12-12 21:15:10 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm

2013-12-12 21:14:37 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking

2013-12-12 16:05:28 -------- d-----w- C:\Users\Marc\AppData\Roaming\Microsoft

2013-12-12 16:05:28 -------- d-----w- C:\Users\Marc\AppData\Local\Microsoft

2013-12-12 10:43:08 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014

2013-12-12 10:42:58 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014

2013-12-12 10:42:43 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014

====== C:\Users\Administrator ======

2014-01-04 20:20:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

2014-01-04 19:43:55 -------- d-----w- C:\ProgramData\ArcSoft

2014-01-04 00:30:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

2014-01-03 23:30:58 578261C61197D06FDD24A0D86EB8B111 599823 ----a-w- C:\Users\Administrator\Desktop\Media_Player_Classic.exe

2014-01-03 22:11:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan

2014-01-03 19:13:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2014-01-01 22:02:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5

2014-01-01 19:03:50 -------- d-----w- C:\ProgramData\AVS4YOU

2014-01-01 16:26:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO

2014-01-01 13:15:50 -------- d-----w- C:\ProgramData\vsosdk

2014-01-01 12:10:16 -------- d-----w- C:\ProgramData\VSO

2014-01-01 12:01:37 -------- d-----w- C:\ProgramData\DVD Shrink

2013-12-23 13:26:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero

2013-12-17 15:50:28 -------- d-----w- C:\ProgramData\LightScribe

2013-12-17 15:47:41 -------- d-----w- C:\ProgramData\Nero

2013-12-17 15:44:40 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling

2013-12-15 19:22:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2013-12-15 18:26:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar

2013-12-15 10:00:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2013-12-15 08:15:26 -------- d-----r- C:\Users\Administrator\Searches

2013-12-15 08:15:18 -------- d-----r- C:\Users\Administrator\Contacts

2013-12-15 08:15:15 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Administrator\ntuser.ini

2013-12-15 08:15:15 -------- d--h--w- C:\Users\Administrator\AppData

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Videos

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Saved Games

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Pictures

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Music

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Links

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Favorites

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Downloads

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Documents

2013-12-15 08:15:15 -------- d-----r- C:\Users\Administrator\Desktop

2013-12-14 16:13:42 -------- d-----w- C:\ProgramData\Adobe

2013-12-12 17:56:35 -------- d--h--w- C:\ProgramData\CanonIJSolutionMenuEX

2013-12-12 17:56:34 -------- d--h--w- C:\ProgramData\CanonIJMyPrinter

2013-12-12 17:55:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities

2013-12-12 17:55:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gebruikersregistratie voor Canon MG5200 series

2013-12-12 17:55:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series

2013-12-12 17:40:39 -------- d-----w- C:\ProgramData\CanonIJPLM

2013-12-12 17:30:24 -------- d-----w- C:\ProgramData\CanonIJMSetup

2013-12-12 17:30:08 -------- d-----w- C:\ProgramData\CanonIJWSpt

2013-12-12 17:29:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint

2013-12-12 17:28:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

2013-12-12 17:28:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual

2013-12-12 16:56:52 -------- d--h--w- C:\ProgramData\CanonBJ

2013-12-12 16:12:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client

2013-12-12 16:05:28 -------- d--h--w- C:\Users\Marc\AppData

2013-12-12 14:37:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotnet

2013-12-12 14:09:45 -------- d-----w- C:\ProgramData\SMA

2013-12-12 12:40:22 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

2013-12-12 12:39:18 -------- d-----w- C:\ProgramData\Microsoft SkyDrive

2013-12-12 11:22:25 -------- d-----w- C:\ProgramData\Spotnet

2013-12-12 10:42:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2013-12-12 10:42:53 -------- d-----w- C:\ProgramData\AVG2014

2013-12-12 10:41:07 -------- d--h--w- C:\ProgramData\Common Files

2013-12-12 10:15:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-75301139-4282853885-4281358664-500\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"AVG-Secure-Search-Update_1213b"="C:\Users\Administrator\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=3c7d5e7f552847d393296d16b233bf5e-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=1213b"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"

"IJNetworkScanUtility"="C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"MyImageConverter_8j Browser Plugin Loader 64"="C:\Program Files (x86)\MyImageConverter_8j\bar\1.bin\8jbrmon64.exe"

"GPUTemp"="C:\Users\ADMINI~1\AppData\Local\Temp\GPUTemp.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"AVG-Secure-Search-Update_1213b"="C:\Users\Administrator\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=3c7d5e7f552847d393296d16b233bf5e-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=1213b"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"

==== Startup Folders ======================

2014-01-01 15:48:45 1077 ----a-w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk

2013-12-17 14:38:28 851 ----a-w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1 .lnk

2013-07-08 15:09:36 289 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD

2013-07-08 15:09:36 289 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD

==== Task Scheduler Jobs ======================

C:\Windows\tasks\APSnotifierCA.job --a------ C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\APSnotifierCA" [C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-75301139-4282853885-4281358664-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} deleted successfully

HKEY_USERS\S-1-5-21-75301139-4282853885-4281358664-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=13 folders=5 2906037 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Administrator\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\ADMINI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Jump Flip" not found

"C:\PROGRA~2\Jump Flip" not found

==== EOF on zo 05-01-2014 at 10:27:40,78 ======================

Regards, Martco.


Download AdwCleaner by Xplode to the desktop.

Running AdwCleaner

  • Close all open windows.
  • Double-click AdwCleaner.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Then click the Scan button.
  • When the scan is finished, click the Clean button.
  • When this is done you will be asked to restart the computer; click OK here.
  • After the computer has restarted, the log file opens automatically.
  • Post this log file in your next message.


Here it is..

# AdwCleaner v3.016 - Report created 05/01/2014 at 13:22:29

# Updated 23/12/2013 by Xplode

# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

# Username : Administrator - MARC-PC

# Running from : C:\Users\Administrator\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyImageConverter_8j Browser Plugin Loader 64]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\powerpack

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\Software\InstallIQ

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

*************************

AdwCleaner[R0].txt - [1799 octets] - [05/01/2014 12:50:37]

AdwCleaner[s0].txt - [1559 octets] - [05/01/2014 13:22:29]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1619 octets] ##########

Regards, Martco.


Then you will indeed have to look at the codecs. The malware has in any case been removed from the PC. It is rather strange, though, that with a new installation you have already picked up so much junk right away. Your download sources must not have been very trustworthy :dong:

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.

When the tool has finished, a log file is created. You do not need to post it, however.

Download CCleaner. (If you do not have it yet)

Install it (if you do not want Google Chrome to be installed on your PC as the default web browser, you must clear the 2 checkboxes !!!) and start CCleaner.

In the left column, click "Cleaner". Click "Analyze" and, after the analysis, "Run Cleaner". Then click "Registry" in the left column and click "Scan for Issues". If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues".

Sometimes 1 analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this in detail with screenshots, click here for the guide.

If all of this went without problems and you have no further questions or problems within this topic, you may close this topic by clicking the "Mark as solved" button, which you can find at the bottom left … that way it stays clear for everyone.


OK, thanks.

I have done everything you said.

That new installation is not new; I copied the C drive to an SSD and installed it in the new PC.

Now I am going to open a new topic about playing my video archive without stuttering.

Regards, Martco.
