
Thorough laptop cleanup



I have a colleague's laptop here for a thorough cleanup ... below you will find the RSIT log.

Thanks in advance, colleagues! ;-)

Logfile of random's system information tool 1.10 (written by random/random)

Run by Gregory at 2014-06-13 17:11:17

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 7 GB (9%) free of 80 GB

Total RAM: 4094 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:11:35, on 13/06/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16518)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1\Volume Panel\VolPanlu.exe

C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe

C:\Program Files\trend micro\Gregory.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [F-Secure Hoster (44163)] "C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe" -app -hosterid:1

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN337134390602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [uTorrent] "C:\Users\Gregory\AppData\Local\Temp\utt5D35.tmp.exe" /MINIMIZED

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe -update plugin

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10726 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"taskhost.exe"

"C:\Windows\System32\rundll32.exe" sbavmon.dll,SBAVMonitor

"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming

"C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN337134390602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1

"C:\Program Files\Bonjour\mDNSResponder.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe" -hosterid:0

"C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Photosmart 5520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN337134390602;CONNECTION=NW;MONITOR=1;

KHALMNPR.EXE /API

"C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1\Volume Panel\VolPanlu.exe" /r

"C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun

WLIDSvcM.exe 2588

"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe" -app -hosterid:1

"C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE" /splash

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding

"C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE"

oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" -Embedding

"C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe"

C:\Windows\servicing\TrustedInstaller.exe

"taskhost.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled

"C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE" /service /stopevent=592 /ipcexch=2264

"C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\fssm32.exe" 3 844 860 856

C:\Windows\System32\svchost.exe -k swprv

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Windows\system32\wuauclt.exe" /RunHandlerComServer

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3716.1757a340.732601859 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3716 "\\.\pipe\gecko-crash-server-pipe.3716" plugin

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --proxy-stub-channel=Flash3660.67556010.14189 --host-broker-channel=Flash3660.67556010.553 --host-pid=3660 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll"

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --channel=5036.002CF1B0.38101174 --proxy-stub-channel=Flash3660.67556010.14189 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --host-npapi-version=27 --type=renderer

C:\Windows\system32\sppsvc.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\msiexec.exe /V

"C:\Users\Gregory\Desktop\RSITx64.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe --auto

=========Mozilla firefox=========

ProfilePath - C:\Users\Gregory\AppData\Roaming\Mozilla\Firefox\Profiles\mz05bcs5.default

prefs.js - "browser.search.suggest.enabled" - false

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 13.0.0.214 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]

"Description"=A component of your photo software powered by RocketLife

"Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 13.0.0.214 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\components\

nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\

np-mswmp.dll

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

QuickTimePlugin.class

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Users\Gregory\AppData\Roaming\Mozilla\Firefox\Profiles\mz05bcs5.default\searchplugins\

Startpins.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-21 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-21 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Creative SB Monitoring Utility"=RunDll32 sbavmon.dll,SBAVMonitor []

"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1744152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Photosmart 5520 series (NET)"=C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]

"uTorrent"=C:\Users\Gregory\AppData\Local\Temp\utt5D35.tmp.exe [2014-04-12 1268816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [2014-06-11 847536]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1\Volume Panel\VolPanlu.exe [2008-11-24 237693]

"Module Loader"=C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [2007-07-23 57344]

"NPSStartup"= []

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]

"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

""= []

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

"F-Secure Hoster (44163)"=C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe [2013-01-18 188400]

"F-Secure Manager"=C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE [2013-08-20 310208]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]

C:\Users\Gregory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 68376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=0

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=0

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-06-13 17:11:18 ----D---- C:\Program Files\trend micro

2014-06-13 17:11:17 ----D---- C:\rsit

2014-06-11 20:05:14 ----D---- C:\Program Files\DIFX

2014-06-11 20:03:46 ----D---- C:\Ross-Tech

2014-06-11 18:34:25 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-04-06 13:25:22 ----A---- C:\AVScanner.ini

2014-03-31 22:46:48 ----A---- C:\Windows\SYSWOW64\MSSTDFMT.DLL

======List of files/folders modified in the last 3 months======

2014-06-13 17:11:18 ----RD---- C:\Program Files

2014-06-13 17:11:07 ----D---- C:\Windows\winsxs

2014-06-13 17:09:59 ----SHD---- C:\Windows\Installer

2014-06-13 17:09:57 ----HD---- C:\Config.Msi

2014-06-13 17:09:57 ----D---- C:\Windows\Temp

2014-06-13 17:09:51 ----D---- C:\ProgramData\Microsoft Help

2014-06-13 17:09:46 ----D---- C:\Program Files (x86)\Common Files

2014-06-13 17:07:36 ----D---- C:\Windows\SysWOW64

2014-06-13 17:06:52 ----D---- C:\Windows\Microsoft.NET

2014-06-13 17:02:39 ----SHD---- C:\System Volume Information

2014-06-13 17:01:43 ----D---- C:\Windows\Prefetch

2014-06-11 20:06:30 ----D---- C:\Windows\system32\drivers

2014-06-11 20:06:30 ----D---- C:\Windows\System32

2014-06-11 20:06:30 ----D---- C:\Windows\inf

2014-06-11 20:05:14 ----D---- C:\Windows\system32\catroot

2014-06-11 20:05:12 ----D---- C:\Windows\system32\DriverStore

2014-06-11 20:04:20 ----D---- C:\Windows

2014-06-11 19:48:40 ----RD---- C:\Program Files (x86)

2014-06-11 19:39:59 ----D---- C:\Windows\system32\catroot2

2014-06-11 17:43:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-04-14 18:00:42 ----D---- C:\Windows\system32\MRT

2014-04-14 17:58:29 ----A---- C:\Windows\system32\MRT.exe

2014-04-14 17:56:35 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-04-12 19:39:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-04-12 18:41:32 ----RSD---- C:\Windows\assembly

2014-04-12 18:23:43 ----D---- C:\Users\Gregory\AppData\Roaming\uTorrent

2014-04-06 13:25:29 ----HD---- C:\ProgramData

2014-03-26 18:44:51 ----D---- C:\Program Files\Microsoft Silverlight

2014-03-26 18:44:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2014-03-26 18:40:00 ----D---- C:\Windows\system32\config

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2013-09-05 56016]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]

R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2014-06-11 69960]

R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2013-08-20 13248]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2006-11-18 55296]

R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2014-06-11 203304]

R3 fsni;fsni; \??\C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Scanning\fsni64.sys [2013-04-25 80832]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 netw5v64;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter voor 64-bits Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]

R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]

S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

S3 ksaud;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys [2009-08-05 1134208]

S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]

S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]

S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-09-02 42776]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

S3 RT-USB;Ross-Tech USB driver; C:\Windows\system32\drivers\RT-USB64.SYS [2010-06-16 70984]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]

S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]

S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-04-27 128000]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []

S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 fshoster;F-Secure Dll Hoster; C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe [2013-01-18 188400]

R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe [2013-09-04 60352]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

R3 FSMA;F-Secure Management Agent; C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE [2013-08-20 207808]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-11 257712]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-09-18 79360]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]

S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-11 119408]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


There isn't all that much to clean up right away ... but there are torrent programs on it :-)

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 ""=-;r64
 C:\Users\Gregory\AppData\Roaming\Mozilla\Firefox\Profiles\mz05bcs5.default\searchplugins\Startpins.xml;f
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "More options" button and tick the options below:
  • Do a Quick Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a message here.


There isn't all that much to clean up right away ... but there are torrent programs on it :-)

That could well be, yes: my colleague is enormously interested in Linux distributions, and the fastest way to download those is via torrents ... xD

Unfortunately, downloading zoek.exe on this laptop doesn't work: a new window with advertising keeps appearing, in both IE and FF.

Should I download zoek.exe on a clean laptop and transfer it via USB stick, or should I take a different route? ...


Meanwhile zoek.exe is on the desktop, but starting the tool doesn't work ... :dong:

Due to problems at HijackThis.nl, Zoek.exe temporarily did not work; certain components could not be downloaded.

This problem has since been resolved and Zoek.exe should now start again without problems.


I had run MBAM, but it found nothing ... zoek.exe does work now, with the following result:

Zoek.exe v5.0.0.0 Updated 02-June-2014

Tool run by Gregory on za 14/06/2014 at 12:32:54,85.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gregory\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

14/06/2014 12:41:21 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully

C:\PROGRA~2\McAfee Security Scan deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\Program Files\HitmanPro deleted successfully

C:\PROGRA~3\Oracle deleted successfully

C:\Users\Gregory\AppData\Roaming\Media Player Classic deleted successfully

C:\Users\Gregory\AppData\Roaming\Samsung deleted successfully

C:\Users\Gregory\AppData\Roaming\Vso deleted successfully

C:\Users\Gregory\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

""=-

==== Deleting Files \ Folders ======================

C:\Users\Gregory\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk deleted

C:\PROGRA~3\InstallMate deleted

C:\Users\Gregory\AppData\Local\BearShare deleted

C:\Windows\wininit.ini deleted

C:\Windows\Syswow64\tmp62C8.tmp deleted

C:\Windows\Syswow64\tmp62C9.tmp deleted

"C:\Users\Gregory\AppData\Roaming\Mozilla\Firefox\Profiles\mz05bcs5.default\searchplugins\Startpins.xml" deleted

==== Files Recently Created / Modified ======================


2014-06-14 05:48:52 C135A25E8CF21EB631AB041ABB1F73EA 927520 ----a-w- C:\Windows\System32\nvvsvc.exe

2014-06-14 05:48:52 AD8F7B302F13621D7EAAF991B7F9BC83 63264 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe

2014-06-14 05:48:52 AC388220C3842410DA03B1240A669F78 64456 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe

2014-06-14 05:48:52 5205174059DCA6ACFADA3C67211BF3D0 1203488 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

2014-06-14 05:48:52 21504D9D71CF63CE05C870BEAD0B72D8 2448840 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

2014-06-14 05:48:51 F807C4A1D0CD324E3342B4FED66BAC9B 3420104 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\NvGpuUtilization.exe

2014-06-14 05:48:51 86B33FEEFAB542275B5A1D555BE1C61C 6867912 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe

2014-06-14 05:48:47 9B8AC3773D9B6867DDC0535EFED519B8 413472 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\setup.exe

2014-06-14 05:48:47 5205174059DCA6ACFADA3C67211BF3D0 1203488 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\nvxdsync.exe

2014-06-14 05:48:42 C135A25E8CF21EB631AB041ABB1F73EA 927520 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\nvvsvc.exe

2014-06-14 05:48:41 F807C4A1D0CD324E3342B4FED66BAC9B 3420104 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\NvGpuUtilization.exe

2014-06-14 05:48:41 AD8F7B302F13621D7EAAF991B7F9BC83 63264 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\nvSmartMaxapp.exe

2014-06-14 05:48:41 AC388220C3842410DA03B1240A669F78 64456 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\nvSmartMaxapp64.exe

2014-06-14 05:48:41 21504D9D71CF63CE05C870BEAD0B72D8 2448840 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\NvTray.exe

2014-06-14 05:48:40 86B33FEEFAB542275B5A1D555BE1C61C 6867912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\nvcplui.exe

2014-06-14 05:48:38 9B8AC3773D9B6867DDC0535EFED519B8 413472 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{6AA66201-5AE8-4E93-A664-AB4A9B376C65}\setup.exe

2014-06-14 05:45:43 BA58A0864BBC7BCA449A36A176B9AEF0 224032 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvdebugdump.exe

2014-06-14 05:45:43 83E896976EB26907E4A0697F60F10FE9 329672 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvidia-smi.exe

2014-06-14 05:45:42 DA79D3DADC7139C0F8BC47A7CDB89349 843720 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\MCU.exe

2014-06-14 05:45:42 D7B05022A40A82CC349C233B31D4DB60 440152 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{2887FA7E-B774-40C3-9305-159EC9D24082}\dbInstaller.exe

2014-06-14 05:45:42 D7B05022A40A82CC349C233B31D4DB60 440152 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe

2014-06-14 05:45:42 7DC401750B3E600ABDE44D6911DC6068 82894768 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{2887FA7E-B774-40C3-9305-159EC9D24082}\NvCplSetupInt.exe

2014-06-14 05:44:09 54992AEB1CD0BFCA54DB55F5BAD8E970 415176 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{61A3C548-7B4D-42BA-A88A-AF5A6DE69F4B}\setup.exe

2014-06-14 02:46:23 F8FC2D14DF813CC920A39B3CB7E59CBC 401408 ----a-w- C:\Program Files (x86)\HD Tune\HDTune.exe

2014-06-14 02:46:23 CEFC20D14D9940D53505E9B9769139E7 682266 ----a-w- C:\Program Files (x86)\HD Tune\unins000.exe

2014-06-13 21:14:49 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2014-06-13 18:01:36 352E8561E633B17ED22012366721FFDC 1285120 ----a-w- C:\$Recycle.Bin\S-1-5-21-136703795-294117615-3202624164-1001\$R6EVTEB.exe

2014-06-13 16:03:11 08B1DBBDB57D47522022FFE4B0331136 407328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{87536724-6C00-4D0E-A431-B4A86D9E155E}\setup.exe

2014-06-13 15:55:50 108C257D765AAD2E6EC46557DA0B02BD 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe

2014-06-13 15:55:49 8E75B1112C374EBDF18FD640DA2F0655 1147392 ----a-w- C:\Windows\System32\mstsc.exe

2014-06-13 15:55:49 79EE5ECB4BE89343E4CF1E48F7769F59 420864 ----a-w- C:\Windows\System32\wksprt.exe

2014-06-13 15:55:49 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\SysWOW64\mstsc.exe

2014-06-13 15:55:49 0D2C2FAC4F29B5868D39B7267058CFEF 83968 ----a-w- C:\Windows\System32\TSWbPrxy.exe

2014-06-13 15:43:17 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2014-06-13 15:43:09 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe

2014-06-13 15:43:09 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\SysWOW64\java.exe

2014-06-13 15:40:29 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Gregory\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe

2014-06-13 15:32:04 7413397B938C6578D064CD72BF4308A9 81533904 ----a-w- C:\Users\Gregory\AppData\Local\Temp\lu\1_spp_setpointp.exe

2014-06-13 15:11:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gregory.exe

2014-06-13 15:06:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gregory\Desktop\RSITx64.exe

2014-06-11 18:05:22 3566936859BAD856999F425082BD3233 78408 ----a-w- C:\Ross-Tech\VCDS\UnInstall.exe

2014-06-11 18:05:14 BE3C79033FA8302002D9D3A6752F2263 1050104 ----a-w- C:\Program Files\DIFX\4A7292F75FEBBD3C\DPInst.exe

2014-06-11 17:42:26 4F2AA3E7BD7257E4937E071E3700819E 810200 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-06-11 17:42:26 4AFAE8BAF6E85311AD78395C47351A1D 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2014-06-11 17:42:20 60F88F6CA6303E8273AF7AAA9AAFECAC 812248 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-06-11 17:42:19 50989AAF09CDCEBC0FD8EB0FE79C2A98 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-06-11 17:42:19 4076E62E061769E42186AE860007FA08 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-06-11 17:42:16 BFD3178735D97C858FFA467F8199700C 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-06-11 17:42:13 EAAA62F272858695814A1F42D5E59BD3 608768 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-06-11 17:42:12 159C5979C61F51EEFC84D9AB17C4E0E7 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-06-11 17:42:10 CC0077F9C7ACD7E97707DFC763A4EA99 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-06-11 17:42:04 770F067D833DC017CEB8A36A2A1EC942 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-06-11 17:42:00 F343ECB3C683EBD7E3990C03AD680855 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-06-11 17:41:26 4D59F470985D08139E42D15842816C47 3969984 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2014-06-11 17:41:26 31FA2485DFC773F1E718A4D19F443FA9 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2014-06-11 17:41:24 6B47CF5C27865DDF6680E4D834FBE34F 5550016 ----a-w- C:\Windows\System32\ntoskrnl.exe

2014-06-11 17:41:18 204F3F58212B3E422C90BD9691A2DF28 31232 ----a-w- C:\Windows\System32\lsass.exe

=== C: other files ==

2014-06-14 10:31:01 D229B94E80CFD2D7CF0E23DBA46CD8A2 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-136703795-294117615-3202624164-1001\$IGRV6RY.zip

2014-06-14 10:29:43 63A9E8A7CB614C7008E295E6AD1906DB 4095664 ----a-w- C:\$Recycle.Bin\S-1-5-21-136703795-294117615-3202624164-1001\$RGRV6RY.zip

2014-06-14 05:50:15 A88135181D776F8C18550A589A9CAF2D 18776 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys

2014-06-14 05:48:41 EA31EB3A4ACCDD61B3A0738D18EB6FCB 15648 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\NVI2SystemService32.sys

2014-06-14 05:48:41 7D8D077E6F60948FA4D637BC5C27FAE9 17864 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC22ED9A-F742-4BA1-BA46-04AF093B059E}\NVI2SystemService64.sys

2014-06-14 05:45:43 0AC797F70F2F3E5B69A34FF2F63496F3 12688328 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys

2014-06-14 05:44:07 75034A4D7C02327D150B617571D4196A 40392 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys

2014-06-13 21:14:48 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\TDL4.bat

2014-06-13 21:14:48 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\medfos.bat

2014-06-13 21:14:48 A87CD1BAC46CAC0EEEDB571F07077032 8104 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\modules.bat

2014-06-13 21:14:48 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\searchlnk.bat

2014-06-13 21:14:48 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\firefox.bat

2014-06-13 21:14:48 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\ev_clear.bat

2014-06-13 21:14:48 7D8282EB94B5D639B7378811C1924A8F 9516 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\runvalues.bat

2014-06-13 21:14:48 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\delorphans.bat

2014-06-13 21:14:48 5B92615B0CEA08D6BA1217C08CBB1443 15919 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\get.bat

2014-06-13 21:14:48 5B71358F97544D9DE58A9A0893079506 39458 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\prelim.bat

2014-06-13 21:14:48 53B191266B30D57F2F835ABBF54C68C5 13963 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\chrome.bat

2014-06-13 21:14:48 3BC04DEBBE9027060D51901133F60101 154678 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\misc.bat

2014-06-13 21:14:48 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\ask.bat

2014-06-13 21:14:48 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\iexplore.bat

2014-06-13 21:14:48 2F80D807DB405C8F6E0F3706B9FED710 10161 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\JRT.bat

2014-06-13 21:14:48 0D08FBD2E6F6C6AC6A504712C4CE6CE3 1226 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\FWPolicy.bat

2014-06-13 21:14:48 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Gregory\AppData\Local\Temp\jrt\delfolders.bat

2014-06-13 16:04:13 6C1E27A52FCACBE347AE22B5E56C94B6 450848 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{5B54C2FC-89B0-4FE8-A1EC-1B12691DEBB5}\nvstusb64.sys

2014-06-13 16:04:13 24CCD6E1D5FD8D27C65961EBCDC9AAF1 434592 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{5B54C2FC-89B0-4FE8-A1EC-1B12691DEBB5}\nvstusb32.sys

2014-06-13 16:04:12 FBEC0FD36ED61EFEE1E3063281EAB984 161056 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{D6E6963E-9B3D-4E64-813E-5D1C3031B6EF}\nvhda32v.sys

2014-06-13 16:04:12 EFC9A7307691E3C3DB8D2AA81A778356 128672 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{D6E6963E-9B3D-4E64-813E-5D1C3031B6EF}\nvhda32.sys

2014-06-13 16:04:12 916F3222ADCB635B64660FA235502A51 162592 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{D6E6963E-9B3D-4E64-813E-5D1C3031B6EF}\nvhda64.sys

2014-06-13 16:04:12 554964B900AE2954B8B589B6287034AC 196384 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{D6E6963E-9B3D-4E64-813E-5D1C3031B6EF}\nvhda64v.sys

2014-06-13 15:55:50 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys

2014-06-13 15:53:49 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys

2014-06-11 17:43:24 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2014-06-11 17:43:23 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2014-06-11 17:41:21 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2014-06-11 17:41:18 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-136703795-294117615-3202624164-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN337134390602:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"VolPanel"="C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1\Volume Panel\VolPanlu.exe /r"

"Module Loader"="C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN337134390602:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"

"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\F-Secure Hoster (44163)]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="F-Secure Hoster (44163)"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Telenet Security Pack\\fshoster32.exe\" -app -hosterid:1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\F-Secure Manager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="F-Secure Manager"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Telenet Security Pack\\apps\\ComputerSecurity\\Common\\FSM32.EXE\" /splash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="uTorrent"

"hkey"="HKCU"

"command"="\"C:\\Users\\Gregory\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED"

==== Startup Folders ======================

2013-07-21 14:53:03 1948 ----a-w- C:\Users\Gregory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/06/2014 17:43]

C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [20/09/2011 11:11]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe]

"C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 5520 series" ["C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe"]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [13/06/2014 17:36]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gregory\AppData\Roaming\Mozilla\Firefox\Profiles\mz05bcs5.default

A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash

F4D52B252DA08B647F2BD5379191A741 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{85E925E2-6429-4A08-8589-B70F64BCB3C4} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A6E446E-2A35-4DB6-AF5D-6217F18D6698} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gregory\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gregory\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=83 folders=10 70595914 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Gregory\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Gregory\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 14/06/2014 at 13:13:20,34 ======================


Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator",
  • by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean.
  • At Reboot Required, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found here: C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Attach the log file named C:\AdwCleaner\AdwCleaner[s0].txt to your next post.
  • You can read here how to add an attachment to a post.


AdwCleaner result:

# AdwCleaner v3.212 - Rapport aangemaakt 14/06/2014 op 15:57:39

# Laatste Update 05/06/2014 door Xplode

# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64 bits)

# Gebruikersnaam : Gregory - GREGORY-PC

# Gestart vanuit : C:\Users\Gregory\Desktop\AdwCleaner.exe

# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\Users\Gregory\AppData\Local\PackageAware

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Mozilla Firefox v30.0 (nl)

[ Bestand : C:\Users\Gregory\AppData\Roaming\Mozilla\Firefox\Profiles\mz05bcs5.default\prefs.js ]

*************************

AdwCleaner[R1].txt - [868 octets] - [14/06/2014 15:57:10]

AdwCleaner[s1].txt - [795 octets] - [14/06/2014 15:57:39]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [854 octets] ##########

*************************************************************************

*************************************************************************

JRT result (already run yesterday evening):

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Ultimate x64

Ran by Gregory on vr 13/06/2014 at 23:15:12,88

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2A6FB00E-729C-4F55-86CA-2772CDCC321D}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2A6FB00E-729C-4F55-86CA-2772CDCC321D}

~~~ Files

~~~ Folders


Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{C8D0C6A1-3A26-445E-9CDF-C75D1D84998E}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{CC4054D7-408F-4E65-89EC-060C9AD994C5}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{CC885BB7-C090-4F62-85AE-A735B7217D61}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{CE608DE2-B985-4FF3-9341-EA93EC1752A1}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{CE75E57A-3FBE-4396-B319-AC7E59E4574C}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{D04BF2DE-A5EB-4C70-8E47-9C9C11161C99}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{D0E1AFA0-9EB0-4992-8247-74C197325ACA}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{D30EFB10-FB80-40E9-BDA8-257DCF2931B7}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{D6107A98-7ED9-42C1-A349-43435CF07EB1}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{D885117C-C067-4E6F-85B9-D2A8A0DE409A}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{D904FC80-41F4-47A2-9EF5-EB916E1B03FD}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{DA14F1DA-BEF5-4FF2-8000-E44F0B5C9280}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{E483EB8B-FC7F-4BB2-AC44-1031BC37BD30}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{E5643248-175B-422A-98D0-E36CB0524157}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{E5A0D757-89BA-45DC-8AFB-9D4EF36F705F}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{E87C9614-3A39-4D17-9114-FF30F1AFDB96}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{EA6AFF26-9FD5-42FF-A10A-70EA22A3A53F}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{EA99B6F7-B213-4DED-9449-C8BE9D6806C1}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{EB9FED2F-2A7C-4C7D-9EDE-462BBE48EF75}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{EE748D93-08F2-4760-BE1E-75C321FE5B0F}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{F3317246-472A-461D-A8DC-520FBFA3C500}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{F5A9A082-525B-44ED-911D-A38DEAA1182A}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{F6DCE5F9-26A2-455C-B900-1E0A67E3CA46}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{F72190FF-074F-40CD-89AB-811292FBCE25}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{FB069748-BD25-44D8-AC08-B1980BDFE3B9}

Successfully deleted: [Empty Folder] C:\Users\Gregory\appdata\local\{FC4D6723-E51D-4731-95E4-3FE65941B7E7}

~~~ FireFox

Successfully deleted the following from C:\Users\Gregory\AppData\Roaming\mozilla\firefox\profiles\mz05bcs5.default\prefs.js

user_pref("browser.search.defaultengine", "Privitize VPN");

user_pref("browser.search.order.1", "Privitize VPN");

Emptied folder: C:\Users\Gregory\AppData\Roaming\mozilla\firefox\profiles\mz05bcs5.default\minidumps [83 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on vr 13/06/2014 at 23:37:05,04

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
