Posted:

Download MBAM (Malwarebytes Anti-Malware).

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish".

If an update is found, it will be downloaded and installed.

Once the program is fully up to date, select "Quick Scan" on the Scanner tab, then click Scan.

The scan may take a while, so please be patient.

When the scan is complete, click OK, then "Show Results" to see the results.

Make sure everything there is checked, then click: Remove Selected.

After removal, a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart, MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

Posted:

Malwarebytes Anti-Malware 1.75.0.1300

Malwarebytes : Free Anti-Malware

Databaseversie: v2014.02.19.10

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16518

Koen :: KOEN-PC [administrator]

19-2-2014 20:25:00

mbam-log-2014-02-19 (20-25-00).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 217370

Verstreken tijd: 1 minuut/minuten, 54 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 1

C:\Users\Koen\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

Registersleutels gedetecteerd: 6

HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Koen\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 2

C:\Users\Koen\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

C:\Users\Koen\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

Bestanden gedetecteerd: 7

C:\Users\Koen\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

C:\Users\Koen\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Koen\AppData\Roaming\PowerISO\Upgrade\PowerISO5.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Koen\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Koen\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Koen\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

(einde)

Posted:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Koen at 2014-02-21 05:38:03

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 6 GB (10%) free of 61 GB

Total RAM: 16332 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 5:38:07, on 21-2-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16518)

Boot mode: Normal

Running processes:

C:\Windows\SysWOW64\HsMgr.exe

C:\Program Files\ASUS Xonar DGX Audio\Customapp\ASUSAUDIOCENTER.EXE

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

E:\Steam\Steam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Koen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo Zoeken - zoeken op het web

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [Grid] "C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\HYDRAVISION\HYDRAGRD.EXE"

O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.clonewarsadventures.com

O15 - Trusted Zone: *.freerealms.com

O15 - Trusted Zone: *.soe.com

O15 - Trusted Zone: *.sony.com

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - E:\Hi-Rez Studios Games\HiPatchService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Saitek DirectOutput (SaiDOutput) - Saitek - C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11206 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=0716ff4a-5234-446a-8116-98105c2ffe1b /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\dba47874-00ef-4355-b345-2d4cbff78526-214-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"

winlogon.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

atieclxx

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"taskhost.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files\Intel\iCLS Client\HeciServer.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"

"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"

C:\Windows\SysWOW64\PnkBstrA.exe

"C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe"

"C:\Windows\SysWOW64\HsMgr.exe" Envoke

"C:\Windows\system\HsMgr64.exe" Envoke

"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe" 72648 "C:\ProgramData\AVG SafeGuard toolbar\Logger\logger.properties"

\??\C:\Windows\system32\conhost.exe "-14934515331829066075129851276295984748-4893247111330267090-123236279718803248

"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

"C:\Program Files\ASUS Xonar DGX Audio\Customapp\ASUSAUDIOCENTER.EXE"

"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized

"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"

"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow

HydraDM64.exe -h:262198 "Maximaliseren tot volledig bureaublad" "Maximaliseren tot volledig venster" "Bureaublad herstellen"

Grid64.exe -h:66406 -t:0 "&Bevestigen aan raster" "&Loshalen van raster" "Raster bewerken..."

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar.exe" -l -e

SLSTaskbar64.exe -l -e

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

taskeng.exe {60D98E07-D292-4268-84E8-43056C214317}

"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe" /SkipUac

"taskhost.exe"

"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding

"E:\Hi-Rez Studios Games\HiPatchService.exe"

"E:\Steam\Steam.exe"

"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService

C:\Windows\system32\AUDIODG.EXE 0xa5c

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6708.0.1474705874\1632972617" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x6798 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.251.0.0 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_RestoreNavsuggestControl_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group8 pct:10h stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="6708.2.2045863718\672005494" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_RestoreNavsuggestControl_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group8 pct:10h stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="6708.3.498015106\268029266" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_RestoreNavsuggestControl_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group8 pct:10h stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="6708.4.1652110979\1111647751" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin/ASCPlugin_Protect.dll" --lang=nl --channel="6708.6.1841206825\1547304717" /prefetch:-390060480

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/Postperiod_RestoreNavsuggestControl_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group8 pct:10h stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_75/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="6708.8.1293270651\1572673070" /prefetch:673131151

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe32_ Global\UsGthrCtrlFltPipeMssGthrPipe32 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

"C:\Users\Koen\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Driver Booster Update.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Koen\AppData\Roaming\Mozilla\Firefox\Profiles\kcxxxmrh.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 10.1 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=E:\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]

"Description"=

"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]

"Description"=ESN Sonar browser plugin

"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.1]

"Description"=

"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2]

"Description"=

"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]

"Description"=Intel IPT WebApi plugin

"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]

"Description"=This plugin updates Intel WebAPI component

"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]

"Description"=This plugin detects and launches Pando Media Booster

"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]

"Description"=VLC Multimedia Plugin

"Path"=E:\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]

"Description"=VLC Multimedia Plugin

"Path"=E:\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]

"Description"=VLC Multimedia Plugin

"Path"=E:\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

C:\Users\Koen\AppData\Roaming\Mozilla\Firefox\Profiles\kcxxxmrh.default\extensions\

ascsurfingprotection@iobit.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-02-09 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-20 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-20 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll [2014-02-05 3401752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll [2014-02-05 3401752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-27 170264]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-27 398616]

"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-27 440600]

"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]

"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]

"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]

"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2013-04-16 454144]

"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2013-04-16 158208]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-02-16 7506136]

"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-11-14 8292120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-09 2285344]

"Grid"=C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\HYDRAVISION\HYDRAGRD.EXE [2013-08-30 401408]

"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-08-30 389120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Grid]

c:\program files (x86)\ati technologies\hydravision\hydragrd.exe [2013-08-30 401408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]

c:\program files (x86)\ati technologies\hydravision\hydradm.exe [2013-08-30 389120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

e:\itunes\ituneshelper.exe [2014-02-06 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]

c:\program files (x86)\msi\live update 5\bootstartliveupdate.exe [2012-01-30 315392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

e:\poweriso\pwrisovm.exe [2013-07-22 337432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]

c:\program files\realtek\audio\hda\rtkngui64.exe [2014-02-16 7506136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger]

c:\program files (x86)\msi\super-charger\super-charger.exe [2012-01-03 502288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]

c:\program files (x86)\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe [2012-01-26 291608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]

c:\program files (x86)\avg safeguard toolbar\vprot.exe [2014-02-05 2535448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-01-22 4962320]

"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2013-12-13 1573184]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2012-01-18 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux3"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-02-21 05:38:03 ----D---- C:\rsit

2014-02-21 05:38:03 ----D---- C:\Program Files\trend micro

2014-02-20 19:49:15 ----D---- C:\Users\Koen\AppData\Roaming\GameRanger

2014-02-20 15:54:25 ----D---- C:\Windows\SYSWOW64\Macromed

2014-02-20 15:39:57 ----D---- C:\Users\Koen\AppData\Roaming\Awesomium

2014-02-20 15:39:43 ----D---- C:\ProgramData\Hi-Rez Studios

2014-02-19 20:24:48 ----D---- C:\Users\Koen\AppData\Roaming\Malwarebytes

2014-02-19 20:24:40 ----D---- C:\ProgramData\Malwarebytes

2014-02-19 20:24:40 ----A---- C:\Windows\system32\drivers\mbam.sys

2014-02-19 18:27:14 ----D---- C:\Users\Koen\AppData\Roaming\Facepunch

2014-02-18 13:26:37 ----A---- C:\Windows\SYSWOW64\javaws.exe

2014-02-18 13:26:35 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2014-02-18 13:26:35 ----A---- C:\Windows\SYSWOW64\javaw.exe

2014-02-18 13:26:35 ----A---- C:\Windows\SYSWOW64\java.exe

2014-02-18 13:26:32 ----D---- C:\Program Files (x86)\Java

2014-02-17 12:55:01 ----D---- C:\ProgramData\LogiShrd

2014-02-17 12:54:58 ----D---- C:\Users\Koen\AppData\Roaming\Leadertech

2014-02-17 12:54:43 ----A---- C:\Windows\system32\drivers\LNonPnP.sys

2014-02-17 12:54:38 ----D---- C:\Program Files\Logitech Gaming Software

2014-02-17 12:54:14 ----D---- C:\Users\Koen\AppData\Roaming\Logitech

2014-02-17 12:54:14 ----D---- C:\Users\Koen\AppData\Roaming\Logishrd

2014-02-17 11:40:01 ----D---- C:\ProgramData\ATI

2014-02-17 11:40:00 ----D---- C:\Program Files (x86)\AMD AVT

2014-02-17 11:38:41 ----A---- C:\Windows\SYSWOW64\mstscax.dll

2014-02-17 11:38:41 ----A---- C:\Windows\system32\mstscax.dll

2014-02-17 11:37:46 ----D---- C:\AMD

2014-02-16 23:00:05 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-02-16 23:00:04 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll

2014-02-16 23:00:04 ----A---- C:\Windows\SYSWOW64\tsgqec.dll

2014-02-16 23:00:04 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll

2014-02-16 23:00:04 ----A---- C:\Windows\SYSWOW64\mstsc.exe

2014-02-16 23:00:04 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll

2014-02-16 23:00:04 ----A---- C:\Windows\system32\wksprtPS.dll

2014-02-16 23:00:04 ----A---- C:\Windows\system32\wksprt.exe

2014-02-16 23:00:04 ----A---- C:\Windows\system32\TSWbPrxy.exe

2014-02-16 23:00:04 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-02-16 23:00:04 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-02-16 23:00:04 ----A---- C:\Windows\system32\tsgqec.dll

2014-02-16 23:00:04 ----A---- C:\Windows\system32\rdvidcrl.dll

2014-02-16 23:00:04 ----A---- C:\Windows\system32\mstsc.exe

2014-02-16 23:00:04 ----A---- C:\Windows\system32\MsRdpWebAccess.dll

2014-02-16 23:00:04 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys

2014-02-16 23:00:00 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-02-16 22:59:59 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll

2014-02-16 22:59:59 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys

2014-02-16 22:59:59 ----A---- C:\Windows\system32\drivers\terminpt.sys

2014-02-16 22:59:59 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys

2014-02-16 22:59:58 ----A---- C:\Windows\system32\rdpudd.dll

2014-02-16 22:59:58 ----A---- C:\Windows\system32\rdpendp_winip.dll

2014-02-16 22:59:58 ----A---- C:\Windows\system32\rdpcorets.dll

2014-02-16 22:59:32 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll

2014-02-16 22:59:32 ----A---- C:\Windows\system32\TSWorkspace.dll

2014-02-16 13:40:45 ----D---- C:\Windows\rescache

2014-02-16 12:16:37 ----A---- C:\Windows\system32\RtkAPO64.dll

2014-02-16 12:16:37 ----A---- C:\Windows\system32\RCoInstII64.dll

2014-02-16 12:16:37 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys

2014-02-16 12:16:37 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT

2014-02-16 12:16:36 ----A---- C:\Windows\system32\MBWrp64.dll

2014-02-15 21:48:49 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-02-15 21:48:49 ----A---- C:\Windows\system32\vbscript.dll

2014-02-15 21:48:31 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-02-15 21:48:31 ----A---- C:\Windows\system32\msrating.dll

2014-02-15 21:48:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-02-15 21:48:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-02-15 21:48:30 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-02-15 21:48:30 ----A---- C:\Windows\system32\msfeeds.dll

2014-02-15 21:48:30 ----A---- C:\Windows\system32\jsproxy.dll

2014-02-15 21:48:30 ----A---- C:\Windows\system32\ieui.dll

2014-02-15 21:48:30 ----A---- C:\Windows\system32\iernonce.dll

2014-02-15 21:48:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-02-15 21:48:30 ----A---- C:\Windows\system32\ie4uinit.exe

2014-02-15 21:48:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-02-15 21:48:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-02-15 21:48:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-02-15 21:48:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-02-15 21:48:29 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-02-15 21:48:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-02-15 21:48:29 ----A---- C:\Windows\system32\mshtml.dll

2014-02-15 21:48:29 ----A---- C:\Windows\system32\jscript9diag.dll

2014-02-15 21:48:29 ----A---- C:\Windows\system32\ieUnatt.exe

2014-02-15 21:48:29 ----A---- C:\Windows\system32\iesetup.dll

2014-02-15 21:48:29 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-02-15 21:48:29 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-02-15 21:48:29 ----A---- C:\Windows\system32\ieapfltr.dll

2014-02-15 21:48:28 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-02-15 21:48:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-02-15 21:48:28 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-02-15 21:48:28 ----A---- C:\Windows\system32\wininet.dll

2014-02-15 21:48:28 ----A---- C:\Windows\system32\urlmon.dll

2014-02-15 21:48:28 ----A---- C:\Windows\system32\iertutil.dll

2014-02-15 21:48:28 ----A---- C:\Windows\system32\ieframe.dll

2014-02-15 21:48:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-02-15 21:48:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-02-15 21:48:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-02-15 21:48:26 ----A---- C:\Windows\system32\jscript9.dll

2014-02-15 07:42:28 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

2014-02-15 07:42:28 ----A---- C:\Windows\SYSWOW64\msxml3.dll

2014-02-15 07:42:28 ----A---- C:\Windows\system32\msxml3r.dll

2014-02-15 07:42:28 ----A---- C:\Windows\system32\msxml3.dll

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\secproc.dll

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\RMActivate.exe

2014-02-15 07:42:25 ----A---- C:\Windows\SYSWOW64\msdrm.dll

2014-02-15 07:42:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2014-02-15 07:42:25 ----A---- C:\Windows\system32\secproc_ssp.dll

2014-02-15 07:42:25 ----A---- C:\Windows\system32\secproc_isv.dll

2014-02-15 07:42:25 ----A---- C:\Windows\system32\secproc.dll

2014-02-15 07:42:25 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2014-02-15 07:42:25 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2014-02-15 07:42:25 ----A---- C:\Windows\system32\RMActivate_isv.exe

2014-02-15 07:42:25 ----A---- C:\Windows\system32\RMActivate.exe

2014-02-15 07:42:25 ----A---- C:\Windows\system32\msdrm.dll

2014-02-15 07:42:24 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2014-02-15 07:42:24 ----A---- C:\Windows\SYSWOW64\d2d1.dll

2014-02-15 07:42:24 ----A---- C:\Windows\system32\d3d10warp.dll

2014-02-15 07:42:24 ----A---- C:\Windows\system32\d2d1.dll

2014-02-09 15:11:18 ----D---- C:\Users\Koen\AppData\Roaming\ProductData

2014-02-08 18:12:31 ----DC---- C:\Windows\system32\DRVSTORE

2014-02-08 18:12:31 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys

2014-02-08 18:12:27 ----D---- C:\ProgramData\Apple Computer

2014-02-08 18:12:27 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-02-08 18:12:27 ----D---- C:\Program Files\iTunes

2014-02-08 18:12:27 ----D---- C:\Program Files\iPod

2014-02-08 18:11:47 ----D---- C:\Program Files (x86)\Apple Software Update

2014-02-08 18:11:41 ----D---- C:\Program Files\Common Files\Apple

2014-02-08 18:11:38 ----D---- C:\Program Files\Bonjour

2014-02-08 18:11:38 ----D---- C:\Program Files (x86)\Bonjour

2014-02-08 18:11:34 ----D---- C:\ProgramData\Apple

2014-02-06 16:05:26 ----D---- C:\Users\Koen\AppData\Roaming\Mozilla

2014-02-06 16:05:18 ----D---- C:\ProgramData\Mozilla

2014-02-06 16:05:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-05 17:25:18 ----D---- C:\Users\Koen\AppData\Roaming\AVG

2014-02-05 17:25:00 ----D---- C:\ProgramData\AVG

2014-02-05 17:24:45 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2014-02-03 17:06:17 ----A---- C:\extensions.ini

2014-02-03 17:06:06 ----D---- C:\Program Files (x86)\MediaPlayerV1

2014-02-02 16:03:59 ----ASH---- C:\pagefile.sys

2014-01-20 21:40:35 ----A---- C:\Windows\system32\javaws.exe

2014-01-20 21:40:33 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll

2014-01-20 21:40:33 ----A---- C:\Windows\system32\javaw.exe

2014-01-20 21:40:33 ----A---- C:\Windows\system32\java.exe

2014-01-20 21:40:30 ----D---- C:\Program Files\Java

2014-01-20 17:30:37 ----D---- C:\Users\Koen\AppData\Roaming\ftblauncher

2014-01-19 21:42:48 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll

2014-01-19 21:42:48 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys

2014-01-19 21:42:48 ----A---- C:\log.txt

2014-01-19 16:44:18 ----D---- C:\Users\Koen\AppData\Roaming\Screaming Bee

2014-01-19 16:44:15 ----D---- C:\ProgramData\Screaming Bee

2014-01-19 16:26:30 ----D---- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP

2014-01-19 16:26:30 ----A---- C:\Windows\SYSWOW64\pbsvc_blr.exe

2014-01-19 15:43:56 ----A---- C:\Windows\system32\drivers\sptd.sys

2014-01-19 13:31:18 ----A---- C:\Windows\system32\SmartDefragBootTime.exe

2014-01-19 13:31:11 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll20140119133118.dll

2014-01-19 13:31:11 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll

2014-01-19 13:31:11 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys

2014-01-18 16:40:58 ----D---- C:\Users\Koen\AppData\Roaming\YourFileDownloader

2014-01-18 16:16:42 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll

2014-01-18 16:16:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll

2014-01-18 16:16:42 ----A---- C:\Windows\system32\d3dx10_39.dll

2014-01-18 16:16:42 ----A---- C:\Windows\system32\D3DCompiler_39.dll

2014-01-18 16:16:41 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll

2014-01-18 16:16:41 ----A---- C:\Windows\system32\D3DX9_39.dll

2014-01-18 16:12:33 ----D---- C:\Program Files (x86)\Eagle Dynamics

2014-01-15 22:31:50 ----D---- C:\Windows\Migration

2014-01-15 15:42:17 ----A---- C:\Windows\system32\win32k.sys

2014-01-15 15:42:17 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2014-01-15 15:42:17 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-15 15:42:17 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-15 15:42:17 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-15 15:42:17 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-15 15:42:17 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-01-15 15:42:17 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-15 15:42:16 ----A---- C:\Windows\system32\drivers\netio.sys

2014-01-11 13:37:37 ----A---- C:\Windows\system32\RtNicProp64.dll

2014-01-11 13:37:37 ----A---- C:\Windows\system32\drivers\Rt64win7.sys

2014-01-11 13:37:03 ----D---- C:\Program Files\AMD

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\OVDecode.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\atiumdva.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\atiumdag.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\atisamu32.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\atioglxx.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\atimpc32.dll

2014-01-11 13:36:52 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\OVDecode64.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\OpenVideo64.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\drivers\atikmpag.sys

2014-01-11 13:36:52 ----A---- C:\Windows\system32\coinst_13.251.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\clinfo.exe

2014-01-11 13:36:52 ----A---- C:\Windows\system32\ativvaxy_cik_nd.dat

2014-01-11 13:36:52 ----A---- C:\Windows\system32\ativvaxy_cik.dat

2014-01-11 13:36:52 ----A---- C:\Windows\system32\ativce02.dat

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atitmm64.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atisamu64.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atio6axx.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atimuixx.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atimpc64.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\amdpcom64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\OpenCL.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\atigktxx.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\atidxx32.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\aticfx32.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\aticalrt.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\aticaldd.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\aticalcl.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\amdocl.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll

2014-01-11 13:36:51 ----A---- C:\Windows\SYSWOW64\amdave32.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\OpenCL.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\drivers\atikmdag.sys

2014-01-11 13:36:51 ----A---- C:\Windows\system32\drivers\ati2erec.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atiicdxx.dat

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atiglpxx.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atig6txx.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atig6pxx.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\aticalrt64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\aticaldd64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\aticalcl64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atiapfxx.exe

2014-01-11 13:36:51 ----A---- C:\Windows\system32\amdocl64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\amdhcp64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\amdave64.dll

2014-01-10 15:47:15 ----A---- C:\Windows\SYSWOW64\rewire.dll

2014-01-10 15:47:10 ----D---- C:\Users\Koen\AppData\Roaming\Image-Line

2014-01-10 15:47:10 ----D---- C:\Program Files\Image-Line

2014-01-10 15:47:01 ----D---- C:\Users\Koen\AppData\Roaming\FlowStone

2014-01-10 15:47:01 ----D---- C:\Program Files (x86)\DSPRobotics

2014-01-10 15:45:03 ----D---- C:\Program Files (x86)\Image-Line

2014-01-05 16:30:13 ----D---- C:\Users\Koen\AppData\Roaming\vlc

2014-01-04 14:34:13 ----D---- C:\Users\Koen\AppData\Roaming\GoforFiles

2014-01-02 22:09:17 ----D---- C:\Crash

2013-12-27 13:09:03 ----A---- C:\Windows\system32\drivers\HECIx64.sys

2013-12-25 22:41:54 ----D---- C:\Windows\SYSWOW64\directx

2013-12-25 22:08:35 ----D---- C:\ProgramData\WarThunder

2013-12-24 18:37:14 ----D---- C:\Users\Koen\AppData\Roaming\Seeing Machines

2013-12-24 18:37:14 ----D---- C:\ProgramData\Seeing Machines

2013-12-24 18:36:21 ----A---- C:\Windows\system32\drivers\vjoy.sys

2013-12-24 17:58:05 ----D---- C:\Program Files (x86)\Code Laboratories

2013-12-24 17:31:32 ----RA---- C:\Windows\SYSWOW64\MSXML.DLL

2013-12-24 13:33:52 ----D---- C:\ProgramData\AVG Security Toolbar

2013-12-24 13:33:47 ----A---- C:\Windows\system32\drivers\avgtpx64.sys

2013-12-24 13:33:44 ----D---- C:\ProgramData\AVG SafeGuard toolbar

2013-12-24 13:33:44 ----D---- C:\Program Files (x86)\AVG SafeGuard toolbar

2013-12-23 13:31:44 ----D---- C:\ProgramData\Bohemia Interactive Studio

2013-12-23 12:09:34 ----D---- C:\Program Files (x86)\Dotjosh Studios

2013-12-22 19:20:15 ----D---- C:\ProgramData\REVOLT

2013-12-22 13:25:11 ----A---- C:\Windows\system32\drivers\AtihdW76.sys

2013-12-22 13:25:11 ----A---- C:\Windows\system32\DelayAPO.dll

2013-12-22 13:24:36 ----A---- C:\Windows\system32\WavesGUILib64.dll

2013-12-22 13:24:35 ----A---- C:\Windows\system32\SET32DD.tmp

2013-12-22 13:24:35 ----A---- C:\Windows\system32\RtPgEx64.dll

2013-12-22 13:24:35 ----A---- C:\Windows\system32\RtDataProc64.dll

2013-12-22 13:24:35 ----A---- C:\Windows\system32\RTCOM64.dll

2013-12-22 13:24:34 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll

2013-12-22 13:24:34 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll

2013-12-14 11:43:02 ----D---- C:\ProgramData\Codemasters

2013-12-11 22:38:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL

2013-12-11 22:38:15 ----A---- C:\Windows\SYSWOW64\wmp.dll

2013-12-11 22:38:15 ----A---- C:\Windows\system32\wmploc.DLL

2013-12-11 22:38:14 ----A---- C:\Windows\system32\wmp.dll

2013-12-11 16:07:53 ----A---- C:\Windows\SYSWOW64\tzres.dll

2013-12-11 16:07:53 ----A---- C:\Windows\system32\tzres.dll

2013-12-11 16:07:52 ----A---- C:\Windows\SYSWOW64\msieftp.dll

2013-12-11 16:07:52 ----A---- C:\Windows\system32\msieftp.dll

2013-12-11 16:07:51 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

2013-12-11 16:07:51 ----A---- C:\Windows\SYSWOW64\imagehlp.dll

2013-12-11 16:07:51 ----A---- C:\Windows\system32\WMPhoto.dll

2013-12-11 16:07:51 ----A---- C:\Windows\system32\imagehlp.dll

2013-12-11 16:07:45 ----A---- C:\Windows\SYSWOW64\wscript.exe

2013-12-11 16:07:45 ----A---- C:\Windows\SYSWOW64\scrrun.dll

2013-12-11 16:07:45 ----A---- C:\Windows\SYSWOW64\cscript.exe

2013-12-11 16:07:45 ----A---- C:\Windows\system32\wscript.exe

2013-12-11 16:07:45 ----A---- C:\Windows\system32\scrrun.dll

2013-12-11 16:07:45 ----A---- C:\Windows\system32\drivers\portcls.sys

2013-12-11 16:07:45 ----A---- C:\Windows\system32\drivers\drmk.sys

2013-12-11 16:07:45 ----A---- C:\Windows\system32\cscript.exe

2013-12-10 20:28:23 ----A---- C:\Windows\system32\IEUDINIT.EXE

2013-12-10 20:26:17 ----A---- C:\Windows\SYSWOW64\elshyph.dll

2013-12-10 20:26:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2013-12-10 20:26:16 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-12-10 20:26:16 ----A---- C:\Windows\SYSWOW64\msls31.dll

2013-12-10 20:26:16 ----A---- C:\Windows\SYSWOW64\jsIntl.dll

2013-12-10 20:26:16 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2013-12-10 20:26:16 ----A---- C:\Windows\system32\elshyph.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\wextract.exe

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\webcheck.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\url.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\pngfilt.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\occache.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\mshtmler.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\mshta.exe

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\licmgr10.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\inseng.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\imgutil.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\iexpress.exe

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\iepeers.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\icardie.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2013-12-10 20:26:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2013-12-10 20:26:15 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2013-12-10 20:26:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-12-10 20:26:15 ----A---- C:\Windows\system32\msls31.dll

2013-12-10 20:26:15 ----A---- C:\Windows\system32\msfeedssync.exe

2013-12-10 20:26:15 ----A---- C:\Windows\system32\msfeedsbs.dll

2013-12-10 20:26:15 ----A---- C:\Windows\system32\jsIntl.dll

2013-12-10 20:26:15 ----A---- C:\Windows\system32\IEAdvpack.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\wextract.exe

2013-12-10 20:26:14 ----A---- C:\Windows\system32\webcheck.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\url.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\pngfilt.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\occache.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\mshtmlmedia.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\mshtmler.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\mshtmled.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\MshtmlDac.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\mshta.exe

2013-12-10 20:26:14 ----A---- C:\Windows\system32\licmgr10.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\jscript.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\inseng.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\imgutil.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\iexpress.exe

2013-12-10 20:26:14 ----A---- C:\Windows\system32\iesysprep.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\iepeers.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\iedkcs32.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\ieapfltr.dat

2013-12-10 20:26:14 ----A---- C:\Windows\system32\icardie.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\dxtrans.dll

2013-12-10 20:26:14 ----A---- C:\Windows\system32\dxtmsft.dll

2013-12-09 17:29:47 ----D---- C:\Program Files\SmartTechnology

2013-12-09 17:29:09 ----D---- C:\Program Files\Saitek

2013-12-09 17:29:09 ----D---- C:\Program Files (x86)\Saitek

2013-12-09 17:29:08 ----D---- C:\ProgramData\SmartTechnology

2013-12-08 16:22:41 ----D---- C:\ProgramData\Canneverbe Limited

2013-12-08 16:22:37 ----D---- C:\Users\Koen\AppData\Roaming\Canneverbe Limited

2013-12-06 16:49:18 ----A---- C:\Windows\system32\kdbsdk64.dll

2013-12-06 16:44:26 ----A---- C:\Windows\SYSWOW64\kdbsdk32.dll

2013-11-25 21:47:22 ----A---- C:\Windows\system32\drivers\avgidsha.sys

2013-11-25 21:47:20 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys

2013-11-25 21:47:20 ----A---- C:\Windows\system32\drivers\avgdiska.sys

======List of files/folders modified in the last 3 months======

2014-02-21 05:38:03 ----RD---- C:\Program Files

2014-02-21 05:30:29 ----D---- C:\Windows\Temp

2014-02-20 23:58:50 ----SHD---- C:\System Volume Information

2014-02-20 21:02:35 ----D---- C:\Windows\system32\config

2014-02-20 20:53:27 ----D---- C:\Windows\System32

2014-02-20 20:53:27 ----D---- C:\Windows\inf

2014-02-20 20:53:27 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-02-20 20:52:45 ----D---- C:\Windows\system32\DriverStore

2014-02-20 20:52:45 ----D---- C:\Windows\system32\drivers

2014-02-20 20:52:45 ----D---- C:\Windows\system32\catroot

2014-02-20 18:41:37 ----D---- C:\Windows\system32\catroot2

2014-02-20 18:41:35 ----D---- C:\ProgramData\MFAData

2014-02-20 15:54:25 ----D---- C:\Windows\SysWOW64

2014-02-20 15:39:43 ----HD---- C:\ProgramData

2014-02-20 15:39:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2014-02-20 13:13:40 ----RSD---- C:\Windows\assembly

2014-02-20 13:13:40 ----D---- C:\Windows\Logs

2014-02-20 13:13:38 ----D---- C:\Windows

2014-02-20 12:52:32 ----A---- C:\Windows\SYSWOW64\log.txt

2014-02-19 20:47:22 ----D---- C:\Users\Koen\AppData\Roaming\uTorrent

2014-02-19 20:30:20 ----D---- C:\Windows\system32\Tasks

2014-02-19 20:27:12 ----D---- C:\Windows\Tasks

2014-02-19 20:02:00 ----SHD---- C:\Windows\Installer

2014-02-19 19:57:09 ----RD---- C:\Program Files (x86)

2014-02-19 18:28:06 ----D---- C:\ProgramData\Package Cache

2014-02-19 16:12:10 ----D---- C:\Users\Koen\AppData\Roaming\.minecraft

2014-02-18 13:26:50 ----D---- C:\ProgramData\Oracle

2014-02-18 13:26:38 ----D---- C:\Program Files (x86)\Common Files

2014-02-17 20:55:08 ----D---- C:\ProgramData\ProductData

2014-02-17 13:08:47 ----D---- C:\Users\Koen\AppData\Roaming\IObit

2014-02-17 13:08:47 ----D---- C:\Program Files (x86)\IObit

2014-02-17 13:05:54 ----D---- C:\Windows\debug

2014-02-17 13:03:30 ----D---- C:\ProgramData\PMB Files

2014-02-17 12:54:37 ----D---- C:\Windows\winsxs

2014-02-17 12:34:42 ----D---- C:\Windows\Microsoft.NET

2014-02-17 11:40:01 ----D---- C:\ProgramData\AMD

2014-02-17 11:39:50 ----D---- C:\Program Files\ATI Technologies

2014-02-16 23:00:22 ----D---- C:\Windows\SYSWOW64\wbem

2014-02-16 23:00:22 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-02-16 23:00:22 ----D---- C:\Windows\SYSWOW64\en-US

2014-02-16 23:00:22 ----D---- C:\Windows\system32\wbem

2014-02-16 23:00:22 ----D---- C:\Windows\system32\nl-NL

2014-02-16 23:00:22 ----D---- C:\Windows\system32\en-US

2014-02-16 23:00:22 ----D---- C:\Windows\system32\drivers\nl-NL

2014-02-16 23:00:22 ----D---- C:\Windows\system32\drivers\en-US

2014-02-16 23:00:22 ----D---- C:\Windows\PolicyDefinitions

2014-02-16 22:59:57 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2014-02-16 22:42:29 ----D---- C:\Windows\system32\MRT

2014-02-16 22:41:28 ----A---- C:\Windows\system32\MRT.exe

2014-02-16 13:46:25 ----D---- C:\Windows\SoftwareDistribution

2014-02-16 12:16:56 ----D---- C:\Windows\SYSWOW64\RTCOM

2014-02-16 12:13:09 ----D---- C:\Program Files\Internet Explorer

2014-02-16 12:13:09 ----D---- C:\Program Files (x86)\Internet Explorer

2014-02-09 21:58:39 ----D---- C:\ProgramData\Origin

2014-02-09 21:51:31 ----D---- C:\Program Files (x86)\Google

2014-02-09 21:49:44 ----D---- C:\ProgramData\IObit

2014-02-09 15:12:02 ----D---- C:\Users\Koen\AppData\Roaming\Origin

2014-02-08 18:12:59 ----D---- C:\Users\Koen\AppData\Roaming\Apple Computer

2014-02-08 18:11:41 ----D---- C:\Program Files\Common Files

2014-02-08 18:08:17 ----D---- C:\Windows\system32\drivers\UMDF

2014-02-06 13:49:10 ----D---- C:\Program Files (x86)\AVG

2014-02-05 17:30:19 ----SD---- C:\Users\Koen\AppData\Roaming\Microsoft

2014-02-05 17:30:19 ----SD---- C:\ProgramData\Microsoft

2014-02-05 17:25:22 ----D---- C:\Program Files (x86)\Windows Sidebar

2014-02-03 17:06:06 ----HD---- C:\Windows\system32\GroupPolicy

2014-02-03 17:06:06 ----D---- C:\Windows\SYSWOW64\GroupPolicy

2014-02-02 17:54:43 ----D---- C:\Users\Koen\AppData\Roaming\Skype

2014-02-02 12:12:08 ----D---- C:\Program Files\Speccy

2014-02-01 15:17:18 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe

2014-01-19 16:31:53 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe

2014-01-15 22:31:27 ----D---- C:\ProgramData\Microsoft Help

2014-01-11 13:37:37 ----A---- C:\Windows\system32\RTNUninst64.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atiuxp64.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atiumd6a.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atiumd64.dll

2014-01-11 13:36:52 ----A---- C:\Windows\system32\atiu9p64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atiesrxx.exe

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atieclxx.exe

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atidxx64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atidemgy.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\aticfx64.dll

2014-01-11 13:36:51 ----A---- C:\Windows\system32\atiadlxx.dll

2014-01-02 17:42:12 ----D---- C:\Program Files\Windows Media Player

2014-01-02 17:42:12 ----D---- C:\Program Files\Common Files\Microsoft Shared

2014-01-02 17:42:12 ----D---- C:\Program Files (x86)\Windows Media Player

2014-01-02 17:42:12 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8

2013-12-30 15:01:20 ----D---- C:\ProgramData\Skype

2013-12-30 15:01:19 ----RD---- C:\Program Files (x86)\Skype

2013-12-23 14:42:55 ----D---- C:\ProgramData\Orbit

2013-12-22 16:30:00 ----RSD---- C:\Windows\Fonts

2013-12-22 13:24:52 ----A---- C:\Windows\system32\SET62DA.tmp

2013-12-14 11:36:06 ----D---- C:\Windows\Panther

2013-12-11 16:02:48 ----D---- C:\Windows\SYSWOW64\migration

2013-12-11 16:02:48 ----D---- C:\Windows\system32\migration

2013-11-28 18:27:14 ----D---- C:\ProgramData\EA Logs

2013-11-28 15:57:12 ----D---- C:\Program Files (x86)\Battlelog Web Plugins

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-11-25 196376]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544]

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-01-19 871408]

R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-25 150808]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 243480]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-12-24 46368]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-07-22 126872]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-01-11 13207552]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-01-11 626176]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-12-22 94208]

R3 cmudaxp;ASUS Xonar DGX Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-12-20 2727936]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-02-16 3771352]

R3 ISCT;Intel® Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2013-01-19 46568]

R3 iusb3hub;Intel® USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]

R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]

R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-01-19 99800]

R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]

R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-01-11 888536]

R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2013-04-30 25120]

R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2013-04-30 52640]

S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-18 14658688]

S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []

S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]

S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]

S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7756v1C0\NTIOLib_X64.sys [2011-01-06 11888]

S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]

S3 SaiH0762;SaiH0762; C:\Windows\system32\DRIVERS\SaiH0762.sys [2008-02-15 178304]

S3 SaiK0762;SaiK0762; C:\Windows\system32\DRIVERS\SaiK0762.sys [2013-04-30 181024]

S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]

S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]

S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-09-17 42184]

S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]

S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 vhidmini;VJoy Virtual Joystick; C:\Windows\system32\DRIVERS\vjoy.sys [2012-10-15 15104]

S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]

S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-01-11 239616]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-01-22 3788816]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; E:\Hi-Rez Studios Games\HiPatchService.exe [2014-02-03 9216]

R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-01-10 627936]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-01-20 161560]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-01-20 277784]

R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-01-03 138768]

R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-01-19 76888]

R2 SaiDOutput;Saitek DirectOutput; C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe [2013-04-16 233984]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-01-20 363800]

R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-01-06 1771544]

R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-20 569024]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 116648]

S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-02-09 2151744]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-12-23 49152]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-01-27 276248]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 116648]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-06 641352]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-18 1255736]

S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

Posted:

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  {95B7759C-8C7F-4BF1-B163-73684A933233};c
 C:\Program Files (x86)\AVG SafeGuard toolbar;fs
 C:\Windows\tasks\Driver Booster Update.job;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}];r64
 C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308};fs
 C:\Program Files (x86)\MediaPlayerV1;fs
 C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP;f
 C:\ProgramData\AVG Security Toolbar;fs
 C:\ProgramData\AVG SafeGuard toolbar;fs
 C:\Windows\system32\SET62DA.tmp:f
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and now tick the options below.
  • Do a Quick Scan

  • Auto Clean
  • The option "Scan All Users" is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next message.

Posted:

Zoek.exe v5.0.0.0 Updated 19-February-2014

Tool run by Koen on zo 23-02-2014 at 19:20:07,00.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Koen\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-02-23-181653.log 1346 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3336958952-2252018688-810193478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-3336958952-2252018688-810193478-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-3336958952-2252018688-810193478-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-3336958952-2252018688-810193478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-3336958952-2252018688-810193478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5F24D9EB-B6FF-424E-9342-8551AA804F8F} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.3.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater17.3.0 deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

==== Deleting Files \ Folders ======================

C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\Program Files (x86)\MediaPlayerV1 not found

C:\Program Files (x86)\AVG SafeGuard toolbar deleted

C:\ProgramData\AVG Security Toolbar deleted

C:\ProgramData\AVG SafeGuard toolbar deleted

C:\Users\Koen\daemonprocess.txt deleted

C:\Users\Koen\.android deleted

C:\PROGRA~2\COMMON~1\Spigot deleted

C:\PROGRA~2\COMMON~1\AVG Secure Search deleted

C:\extensions.sqlite deleted

C:\extensions.ini deleted

C:\PROGRA~3\ProductData deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\Koen\AppData\Local\AVG SafeGuard toolbar deleted

C:\Users\Koen\AppData\Local\Mobogenie deleted

C:\Users\Koen\AppData\Local\cache deleted

C:\Users\Koen\AppData\Local\SwvUpdater deleted

C:\Windows\SysNative\roboot64.exe deleted

C:\Users\Koen\AppData\LocalLow\AVG SafeGuard toolbar deleted

C:\Users\Koen\AppData\LocalLow\ADSRemoval deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted

C:\Windows\SysWow64\AI_RecycleBin deleted

C:\Users\Koen\Documents\Mobogenie deleted

"C:\Windows\tasks\Driver Booster Update.job" deleted

"C:\Users\Koen\AppData\Local\LumaEmu" deleted

"C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseCustomCalla.dll" deleted

"C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Koen\AppData\Local\Temp ====

2014-02-20 14:53:57 5A017B268EFD4EFE45B04BB28F5AF4C1 1171224 ----a-w- C:\Users\Koen\AppData\Local\Temp\Epic-bd7751f2-2a92-463b-b685-ba36a3360aee\Binaries\UnSetup.exe

2014-02-17 11:55:07 A08A025915883515BDCFED506774B467 433144 ----a-w- C:\Users\Koen\AppData\Local\Temp\lu\1_lgs7_c06b_G700.exe

2014-02-17 11:54:49 208C100DF3914382A70E4AA97E15CED0 188928 ----a-w- C:\Users\Koen\AppData\Local\Temp\LGS-8.51. 5\Upgrade.msi

2014-02-17 11:54:33 EC711A2FEE688DA5B3646BDEA8F0072C 272896 ----a-w- C:\Users\Koen\AppData\Local\Temp\LGS-8.51. 5\LGS_Hlpr2.dll

2014-02-17 11:54:33 4674FB08E0C776CA3C775F8D24241B01 226384 ----a-w- C:\Users\Koen\AppData\Local\Temp\LGS-8.51. 5\LGSHlpr.dll

2014-02-17 11:54:33 40395C175553CB14D2050888EFCCDF00 4961800 ----a-w- C:\Users\Koen\AppData\Local\Temp\LGS-8.51. 5\vcredist.exe

2014-02-17 11:54:32 64A25BA47D2C504ECFF2349D162BAFD6 50007407 ----a-w- C:\Users\Koen\AppData\Local\Temp\LGS-8.51. 5\LGS-8.51. 5.exe

2014-02-16 13:40:45 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Koen\AppData\Local\Temp\vlc-2.1.3-win32.exe

====== Java Cache =====

2014-02-18 12:27:20 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Koen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-6542afab

2014-02-18 12:27:05 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Koen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-562b31aa

2014-02-18 12:27:05 0633235EA8B626939B82AF0D6F3D4B6E 99 ----a-w- C:\Users\Koen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap

2014-02-18 12:27:04 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Koen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-1bee62c9

2014-02-18 12:27:05 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Koen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-70da0445

====== C:\Windows\SysWOW64 =====

2014-02-20 14:54:25 CE517C148FB9E1BD20663A4665E1C5D3 404640 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-18 12:26:37 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2014-02-18 12:26:35 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2014-02-18 12:26:35 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-02-18 12:26:35 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe

2014-02-17 10:38:41 5CFA81C05054018FC91F75C6AABB7EE8 5693440 ----a-w- C:\Windows\SysWOW64\mstscax.dll

2014-02-16 22:00:04 AB5EFB103DB01C1912C9D2F545EA5621 17920 ----a-w- C:\Windows\SysWOW64\wksprtPS.dll

2014-02-16 22:00:04 8DEEE20D8D30E9B0FBDCA31E58A027BD 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll

2014-02-16 22:00:04 5E676B296B762E211D83B87635F2C330 855552 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll

2014-02-16 22:00:04 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\SysWOW64\mstsc.exe

2014-02-16 22:00:04 2EFB1279E7BEA7D12D9F4D6508D27880 50176 ----a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-02-16 21:59:59 8999F18D38D55E34D356796507FFD639 192000 ----a-w- C:\Windows\SysWOW64\rdpendp_winip.dll

2014-02-16 21:59:32 AAB5D8C5ABE71873DC19ED004EF25009 792576 ----a-w- C:\Windows\SysWOW64\TSWorkspace.dll

2014-02-15 20:48:49 3D485254E43EF4E4F707346B5731EA9A 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-02-15 20:48:31 B8F28AAC003060E3B125D2447CFC19E2 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-02-15 20:48:31 B5B3334F177CED627C2D7FE38235B6B1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-02-15 20:48:30 C9D1131E2163CE932DF3EAAF0EEA3673 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-02-15 20:48:30 85AC8EB265EDCAD86D651D45C5E3AB83 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-02-15 20:48:30 6A06EB11F1E5BDAA795DAE7838F9FE20 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-02-15 20:48:29 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-02-15 20:48:29 5DD49C02D059C1E6E47A8FB4A076C9B1 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-02-15 20:48:29 408805B8083896DC95E6340F4016BEBD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-02-15 20:48:29 260D6B421E5551E8BA75D16B5CA90D9A 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-02-15 20:48:29 0F739443669F3A48F1B2325995117BFE 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-02-15 20:48:29 0E7B7C9F483300F9FF97C6A1E4BC4F57 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-02-15 20:48:28 9C89246184979A070B0C6CCF61C68136 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-02-15 20:48:28 5D9DC6332A4FC66388B09BBE7CF53750 1156096 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-02-15 20:48:28 40E68599FE3A10F816217D3789FCE74E 1964032 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-02-15 20:48:28 34CBED7698D557DDB43F8732FBC2ACB9 2168320 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-02-15 20:48:27 C863E5A2417DF0F2A31ED32C3B2CB23F 17103872 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-02-15 20:48:27 99280392987A1A96C756A9F38C4CE396 4244480 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-02-15 20:48:27 79FA7D8B488F90EDE325963379A6F738 11266048 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-02-15 06:42:28 EA093130471090037BB70A4AF86FAD1B 420008 ----a-w- C:\Windows\SysWOW64\locale.nls

2014-02-15 06:42:28 E4561704CBFA193761743E5AF746C669 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll

2014-02-15 06:42:28 17B06F23237FCD731FA2E10ECD6EDFE1 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll

2014-02-15 06:42:25 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe

2014-02-15 06:42:25 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll

2014-02-15 06:42:25 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-02-15 06:42:25 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\SysWOW64\msdrm.dll

2014-02-15 06:42:25 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe

2014-02-15 06:42:25 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll

2014-02-15 06:42:25 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\SysWOW64\secproc.dll

2014-02-15 06:42:25 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-02-15 06:42:25 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-02-15 06:42:24 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll

2014-02-15 06:42:24 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-02-17 10:38:41 8F273C46BF2261BB872B3766521C9C2A 6573056 ----a-w- C:\Windows\Sysnative\mstscax.dll

2014-02-16 22:00:05 DDED7C5558B3AE09F568945281A9A6D1 44544 ----a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll

2014-02-16 22:00:04 FEC6178962DFF33074D39CA907971405 12800 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll


====== C:\Windows\Sysnative\drivers =====


====== C:\Windows\Tasks ======


====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-02-21 04:38:03 -------- d-----w- C:\Program Files\trend micro

2014-02-08 17:12:27 -------- d-----w- C:\Program Files\iTunes

2014-02-08 17:12:27 -------- d-----w- C:\Program Files\iPod

2014-02-08 17:11:41 -------- d-----w- C:\Program Files\Common Files\Apple

2014-02-08 17:11:38 -------- d-----w- C:\Program Files\Bonjour

======= C:\PROGRA~2 =====

2014-02-18 12:26:38 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2014-02-18 12:26:32 -------- d-----w- C:\PROGRA~2\Java

2014-02-17 10:40:00 -------- d-----w- C:\PROGRA~2\AMD AVT

2014-02-08 17:11:47 -------- d-----w- C:\PROGRA~2\Apple Software Update

2014-02-08 17:11:38 -------- d-----w- C:\PROGRA~2\Bonjour

2014-02-08 17:11:34 -------- d-----w- C:\PROGRA~2\COMMON~1\Apple

2014-02-06 15:05:18 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service

======= C: =====

2014-02-19 21:05:42 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag

====== C:\Users\Koen\AppData\Roaming ======

2014-02-20 18:49:15 -------- d-----w- C:\Users\Koen\AppData\Roaming\GameRanger

2014-02-19 17:27:14 -------- d-----w- C:\Users\Koen\AppData\Roaming\Facepunch

2014-02-18 13:52:52 -------- d-----w- C:\Users\Koen\AppData\Local\The Witcher 2

2014-02-17 11:54:58 -------- d-----w- C:\Users\Koen\AppData\Roaming\Leadertech

2014-02-16 11:33:17 -------- d-----w- C:\Users\Koen\AppData\Local\Warframe

2014-02-09 14:11:18 -------- d-----w- C:\Users\Koen\AppData\Roaming\ProductData

2014-02-08 17:12:33 -------- d-----w- C:\Users\Koen\AppData\Local\Apple Computer

2014-02-08 17:11:48 -------- d-----w- C:\Users\Koen\AppData\Local\Apple

2014-02-08 17:11:44 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Apple Computer

2014-02-06 15:48:34 -------- d-----w- C:\Users\Koen\AppData\Local\Skyrim

2014-02-06 15:05:26 -------- d-----w- C:\Users\Koen\AppData\Roaming\Mozilla

2014-02-06 15:05:26 -------- d-----w- C:\Users\Koen\AppData\Local\Mozilla

2014-02-05 16:25:18 -------- d-----w- C:\Users\Koen\AppData\Roaming\AVG

2014-01-29 19:04:00 -------- d-----w- C:\Users\Koen\AppData\Locallow\Red Dot Games

====== C:\Users\Koen ======

2014-02-20 14:39:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios

2014-02-20 14:39:43 -------- d-----w- C:\ProgramData\Hi-Rez Studios

2014-02-20 12:13:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive

2014-02-19 17:28:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rust

2014-02-17 12:08:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Assistant

2014-02-17 10:40:01 -------- d-----w- C:\ProgramData\ATI

2014-02-17 10:39:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2014-02-09 20:51:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-02-09 14:11:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller

2014-02-08 17:12:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-02-08 17:12:27 -------- d-----w- C:\ProgramData\Apple Computer

2014-02-08 17:12:27 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-02-08 17:11:34 -------- d-----w- C:\ProgramData\Apple

2014-02-06 15:05:18 -------- d-----w- C:\ProgramData\Mozilla

2014-02-05 16:25:00 -------- d-----w- C:\ProgramData\AVG

2014-02-03 16:06:06 E5093D6A9B3BB122186EAEB6C21652FE 396 --sha-r- C:\ProgramData\ntuser.pol

====== C: exe-files ==


=== C: other files ==


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3336958952-2252018688-810193478-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"Grid"="C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\HYDRAVISION\HYDRAGRD.EXE"

"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"IObit Malware Fighter"="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"Grid"="C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\HYDRAVISION\HYDRAGRD.EXE"

"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"Cmaudio8788"="C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd"

"Cmaudio8788GX"="C:\Windows\syswow64\HsMgr.exe Envoke"

"Cmaudio8788GX64"="C:\Windows\system\HsMgr64.exe Envoke"

"ProfilerU"="C:\Program Files\SmartTechnology\Software\ProfilerU.exe"

"SaiMfd"="C:\Program Files\SmartTechnology\Software\SaiMfd.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"command"="c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe"

"hkey"="HKLM"

"item"="Adobe ARM"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Grid]

"command"="c:\\program files (x86)\\ati technologies\\hydravision\\hydragrd.exe"

"hkey"="HKCU"

"item"="Grid"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HydraVisionDesktopManager]

"command"="c:\\program files (x86)\\ati technologies\\hydravision\\hydradm.exe"

"hkey"="HKCU"

"item"="HydraVisionDesktopManager"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"command"="e:\\itunes\\ituneshelper.exe"

"hkey"="HKLM"

"item"="iTunesHelper"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Update 5]

"command"="c:\\program files (x86)\\msi\\live update 5\\bootstartliveupdate.exe /reminder"

"hkey"="HKLM"

"item"="Live Update 5"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]

"command"="e:\\poweriso\\pwrisovm.exe -startup"

"hkey"="HKLM"

"item"="PWRISOVM.EXE"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]

"command"="\"c:\\program files\\realtek\\audio\\hda\\rtkngui64.exe\" -s"

"hkey"="HKLM"

"item"="RTHDVCPL"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Super-Charger]

"command"="c:\\program files (x86)\\msi\\super-charger\\super-charger.exe"

"hkey"="HKLM"

"item"="Super-Charger"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON]

"command"="c:\\program files (x86)\\intel\\intel® usb 3.0 extensible host controller driver\\application\\iusb3mon.exe"

"hkey"="HKLM"

"item"="USB3MON"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt]

"command"="c:\\program files (x86)\\avg safeguard toolbar\\vprot.exe"

"hkey"="HKLM"

"item"="vProt"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-02-2014 21:51]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ASC7_SkipUac_Koen" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]

"C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe]

"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{34ED106D-5863-4B67-9031-F8B8FC561614}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\{FEC0F298-7DC4-444F-86D9-767205B4630F}" [E:\Downloads\CarMechanic\cms.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"avg@toolbar"="C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Koen\AppData\Roaming\Mozilla\Firefox\Profiles\kcxxxmrh.default

- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF

- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

==== Firefox Plugins ======================

Profilepath: C:\Users\Koen\AppData\Roaming\Mozilla\Firefox\Profiles\kcxxxmrh.default

49CFBB2130C682FFDF2CEBEE9A2D556E - E:\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

0CA4180B21C6B728578F3B0433BB740E - E:\VLC\npvlc.dll - VLC Web Plugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx[]

icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.2.crx[]

mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.1.204\avg.crx[]

nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12-10-2013 13:04]

pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[]

Last updated at time on date - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Advanced SystemCare Surfing Protection - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

Downloads - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi

Google Wallet - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Black & Gray - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\opngpggidjbhmmlapgcmcedfgblofagi

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://nl.search.yahoo.com/?type=198484&fr=spigot-yhp-ie"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{5F24D9EB-B6FF-424E-9342-8551AA804F8F}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{5F24D9EB-B6FF-424E-9342-8551AA804F8F} Yahoo Url="http://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Koen\AppData\Local\Mozilla\Firefox\Profiles\kcxxxmrh.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1118 folders=410 110574506 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Koen\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Koen\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 23-02-2014 at 19:29:20,61 ======================
