Posted:

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Users of Windows Vista, 7 and 8 must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA};c
C:\Program Files\McAfee Security Scan;fs
McComponentHostService;s
chromelook;
firefoxlook;
emptyfolderscheck;delete
startupall;
filesrcm;
  • Click the "More options" button and tick the options below.

  • Do a Deep Scan
  • Installed Programs
  • Auto Clean

  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.

Posting the Zoek.exe log file

  • Add the log file named "Zoek-results.log" as an attachment to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.
Posted:

Hi

It took a while, but this is the log:


Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by User on za 04-04-2015 at 11:11:21,97.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

4-4-2015 11:13:33 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\Users\User\AppData\Roaming\StormFall deleted successfully
C:\Users\User\AppData\Local\CyberLink deleted successfully
C:\Users\User\AppData\Local\Downloaded Installations deleted successfully
C:\Users\User\AppData\Local\Pirates deleted successfully
C:\Users\User\AppData\Local\Sparta deleted successfully
C:\Users\User\AppData\Local\StormFall deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1122152388-3520125672-414077326-1002\Software\Microsoft\Internet Explorer\SearchScopes\{908C053A-9A40-4C19-999A-F2E70C8873E6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

µTorrent  
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh  
Adobe AIR  
Adobe Flash Player 16 ActiveX  
Adobe Flash Player 16 NPAPI  
Adobe Reader X (10.1.13) MUI  
Adobe Shockwave Player 11.6  
Ashampoo Photo Commander  
Ashampoo Photo Optimizer  
Ashampoo Snap  
Asmedia ASM104x USB 3.0 Host Controller Driver  
Avast Free Antivirus  
Control ActiveX de Windows Live Mesh para conexiones remotas  
Contrôle ActiveX Windows Live Mesh pour connexions à distance  
Controlo ActiveX do Windows Live Mesh para Ligações Remotas  
Corel Graphics - Windows Shell Extension  
Corel Graphics - Windows Shell Extension 64 Bit  
Corel Graphics Suite 11  
CorelDRAW Essentials X5 - Common  
CorelDRAW Essentials X5 - Connect  
CorelDRAW Essentials X5 - Custom Data  
CorelDRAW Essentials X5 - DE  
CorelDRAW Essentials X5 - Draw  
CorelDRAW Essentials X5 - EN  
CorelDRAW Essentials X5 - ES  
CorelDRAW Essentials X5 - Extra Content  
CorelDRAW Essentials X5 - Filters  
CorelDRAW Essentials X5 - FR  
CorelDRAW Essentials X5 - IPM  
CorelDRAW Essentials X5 - IT  
CorelDRAW Essentials X5 - PHOTO-PAINT  
CorelDRAW Essentials X5 - Redist  
CorelDRAW Essentials X5 - Setup Files  
CorelDRAW Essentials X5 - WT  
CorelDRAW Essentials X5  
D3DX10  
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych  
Fotogalerija Windows Live  
Galeria de Fotografias do Windows Live  
Galería fotográfica de Windows Live  
Galeria fotografii uslugi Windows Live  
Galerie de photos Windows Live  
Intel® Management Engine Components  
Intel® Rapid Storage Technology  
Java 8 Update 40  
Java Auto Updater  
Junk Mail filter update  
McAfee Security Scan Plus  
Mesh Runtime  
Microsoft .NET Framework 4.5.1  
Microsoft Application Error Reporting  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Mozilla Firefox 36.0.4 (x86 nl)  
Mozilla Maintenance Service  
MSVCRT  
MSVCRT_amd64  
NVIDIA-configuratiescherm 337.88  
NVIDIA 3D Vision controllerstuurprogramma 337.88  
NVIDIA 3D Vision stuurprogramma 337.88  
NVIDIA Grafisch stuurprogramma 337.88  
NVIDIA HD Audio Driver 1.2.24.0  
NVIDIA Install Application  
NVIDIA Network Service  
NVIDIA PhysX  
NVIDIA PhysX systeemsoftware 9.13.1220  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 12.4.67  
NVIDIA Update Core  
NVIDIA Virtual Audio 1.2.23  
OpenOffice.org 3.4.1  
PlayReady PC Runtime amd64  
Poczta uslugi Windows Live  
Podstawowe programy Windows Live  
Posta Windows Live  
Raccolta foto di Windows Live  
Realtek High Definition Audio Driver  
S?????? f?t???af??? t?? Windows Live  
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)  
Spelling Dictionaries Support For Adobe Reader X  
swMSM  
VLC media player  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Fotogalerie  
Windows Live Fotogalleri  
Windows Live Fotograf Galerisi  
Windows Live Fotótár  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen  
Windows Live Mesh ActiveX control for remote connections  
Windows Live Mesh ActiveX Control for Remote Connections  
Windows Live Messenger  
Windows Live MIME IFilter  
Windows Live Movie Maker  
Windows Live Photo Common  
Windows Live Photo Gallery  
Windows Live PIMT Platform  
Windows Live Remote Client  
Windows Live Remote Client Resources  
Windows Live Remote Service  
Windows Live Remote Service Resources  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live Temel Parçalar  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
Windows Liven asennustyökalu  
Windows Liven sähköposti  
Windows Liven valokuvavalikoima  

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McComponentHostService deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default

user.js not found
---- Lines astrmndasr removed from prefs.js ----
user_pref("extensions.astrmndasr.AL", 4);
user_pref("extensions.astrmndasr.aflt", "ast_mp3_14_43_ff");
user_pref("extensions.astrmndasr.appId", "{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}");
user_pref("extensions.astrmndasr.cd", "2XzuyEtN2Y1L1QzuyEtDyCtCzzyCyB0A0E0C0CyCtA0C0CtDtN0D0Tzu0StCtDtByDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1
user_pref("extensions.astrmndasr.cr", "606429980");
user_pref("extensions.astrmndasr.data.1475e97c0146bfb1c490339546d9e72ee", "1");
user_pref("extensions.astrmndasr.data._dy", "20141021");
user_pref("extensions.astrmndasr.data.a2._dy", "20141021");
user_pref("extensions.astrmndasr.data.a2.aliveDate", "20141021");
user_pref("extensions.astrmndasr.data.a2.instlDate", "20141021");
user_pref("extensions.astrmndasr.data.cc", "nl");
user_pref("extensions.astrmndasr.data.ccfc1eb13092ea34473c169417eefd00", "1");
user_pref("extensions.astrmndasr.dfltLng", "");
user_pref("extensions.astrmndasr.dfltSrch", true);
user_pref("extensions.astrmndasr.dnsErr", true);
user_pref("extensions.astrmndasr.excTlbr", false);
user_pref("extensions.astrmndasr.general.guid", "7fc9aed6-5844-464d-8589-49491e228e2f");
user_pref("extensions.astrmndasr.hmpg", true);
user_pref("extensions.astrmndasr.id", "4061867AECC63CC0");
user_pref("extensions.astrmndasr.instlDay", "16364");
user_pref("extensions.astrmndasr.instlRef", "142905_b");
user_pref("extensions.astrmndasr.prdct", "astrmndasr");
user_pref("extensions.astrmndasr.tlbrId", "");
user_pref("extensions.astrmndasr.vrsn", "");
user_pref("extensions.astrmndasr.vrsni", "");
user_pref("extensions.astrmndasr_i.newTab", true);
user_pref("extensions.astrmndasr_i.smplGrp", "none");
user_pref("extensions.astrmndasr_i.vrsnTs", "19:58:49");
---- Lines srchvstrn removed from prefs.js ----
user_pref("extensions.srchvstrn.aflt", "vst_ggfc_15_03_ff");
user_pref("extensions.srchvstrn.AL", 4);
user_pref("extensions.srchvstrn.appId", "{4CB3598A-82E8-4D1F-983F-061238AE696E}");
user_pref("extensions.srchvstrn.cd", "2XzuyEtN2Y1L1QzuyEtDyCtCzzyCyB0A0E0C0CyCtA0C0CtDtN0D0Tzu0StCtCtDzytN1L2XzutAtFyBtFtCtFyEtN1L1CzutCyEtBzytDyD1V1B
user_pref("extensions.srchvstrn.cr", "506314414");
user_pref("extensions.srchvstrn.dfltSrch", true);
user_pref("extensions.srchvstrn.dnsErr", true);
user_pref("extensions.srchvstrn.hmpg", true);
user_pref("extensions.srchvstrn.id", "4061867AECC63CC0");
user_pref("extensions.srchvstrn.instlDay", "16449");
user_pref("extensions.srchvstrn.instlRef", "142905_s4");
user_pref("extensions.srchvstrn.prdct", "srchvstrn");
user_pref("extensions.srchvstrn.vrsn", "");
user_pref("extensions.srchvstrn.vrsni", "");
user_pref("extensions.srchvstrn_i.newTab", true);
user_pref("extensions.srchvstrn_i.vrsnTs", "12:57:43");
---- Lines ffxtbr removed from prefs.js ----
user_pref("extensions.1gffxtbr@InboxAce_1g.com.install-event-fired", true);
user_pref("extensions.8hffxtbr@Allin1Convert_8h.com.install-event-fired", true);
---- FireFox user.js and prefs.js backups ----

prefs_04-04-2015_1136_.backup

ProfilePath: C:\Users\User\AppData\Roaming\Thunderbird\Profiles\i60y7nsd.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_04-04-2015_1136_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\Program Files\McAfee Security Scan deleted
C:\Users\User\AppData\Roaming\sparta111 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4024 MB
CPU Info: Intel® Core i3 CPU         530  @ 2.93GHz
CPU Speed: 3005,7 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek HDMI Output (Realtek Hi |
Display Adapters: NVIDIA GeForce GT 330 | NVIDIA GeForce GT 330 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH22NS50
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C:  880,4GB | D:  50,0GB
Hard Disks - Free: C:  761,6GB | D:  17,2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 04/25/11 | MEDION - 20110425
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDIONPC MS-7616
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Default Browser: Firefox    36.0.4
Internet Explorer Version: 11.0.9600.17691
Mozilla Firefox version: 36.0.4 (x86 nl)
Adobe Reader version: 10.1.13.16
Sun Java version: 1.8.0_40 (32-bit)
Sun Java version: 1.8.0_40 (64-bit)
Flash Player version: 16.0.0.305
Shockwave Player version: 11.6.1r629

==== Files Recently Created / Modified ======================

2015-04-01 09:37:46    FDF98AA9AFB8372B6541A8B5EC14924F    479520    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\Display.NView\nvTaskBar.exe
2015-04-01 09:37:46    E53E407A3BA0EB78D66BD977D6F888DF    2728736    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\Display.NView\nwiz.exe
2015-04-01 09:37:46    54992AEB1CD0BFCA54DB55F5BAD8E970    415176    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\setup.exe
2015-04-01 09:37:46    2C0763F604E5AD693C1D1234E7E17685    196440    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\Update.Core\WLMerger.exe
2015-04-01 09:37:45    CE4EF54DD0B8074AA23F863A720904C6    19702048    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2015-04-01 09:37:45    A04DB12D6EFE73798B9978BB822F54F3    21007192    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2015-04-01 09:37:45    7E6527734E2DB3506C5AB851F071EA90    3821912    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2015-04-01 09:37:45    0D5FFF3EC68C15A0FCFD63C2F4799EDD    5011912    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2015-04-01 09:37:44    C22ADABFABBC2B7AC189C87D87B1ABD6    1617696    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\Network.Service\NVNetworkService.exe
2015-04-01 09:37:44    80040D0825AC3DF09E6CA2941B128083    128456    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedVisualizer.exe
2015-04-01 09:37:44    7FF9266C0D6F7433FB323661C116A7AB    1532704    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps.exe
2015-04-01 09:37:44    2D926E94F486D4AE37F7AB0B078D0028    1845192    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps64.exe
2015-04-01 09:37:44    175F2340C461C2A0601E62C2E76CC9BE    638752    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2015-04-01 09:37:44    13C7676555EAF680618C42D9C35100A8    87328    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedServiceHost.exe
2015-04-01 09:37:37    82D2911D63319E3E061D7631F12F38AC    744736    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\Display.NView\nvAppBar.exe
2015-04-01 09:37:37    7DC401750B3E600ABDE44D6911DC6068    82894768    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\Display.Driver\NvCplSetupInt.exe
2015-04-01 09:37:37    55EC605950AF6AD0523B957E533080D5    3823448    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience\GFExperience.exe
2015-04-01 09:37:37    44FE94FCDF97E574B6986C5A81758628    2199840    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\Update.Core\NvBackend.exe
2015-04-01 09:37:36    571C71865C8F3C3133D631FF6B229CBD    541640    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\ShadowPlay\DXSETUP.exe
2015-04-01 09:37:32    53406E9988306CBD4537677C5336ABA4    889416    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\MS.NET\dotNetFx40_Full_setup.exe
2015-04-01 09:37:32    251743DFD3FDA414570524BAC9E55381    50449456    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\MS.NET\dotNetFx40_SA_Full_x86_x64.exe
2015-04-01 09:37:31    D7B05022A40A82CC349C233B31D4DB60    440152    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\Display.Driver\dbInstaller.exe
2015-04-01 09:37:31    391A15C882E971FE25B1A561B98E9917    596768    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience\7z.exe
2015-04-01 09:37:30    1176A9794E0937337ACB3E7F364CCFCD    18736904    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\NV3DVision\3DVision.exe
2015-04-01 09:27:52    F426828D3FC9B7CD37FDCFF53A9AB743    283376896    ----a-w-    C:\Downloads\341.44-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-03-31 22:13:54    516A5FCE06BB388499238A5F9286CB74    96768    ----a-w-    C:\Windows\Temp\07671A85-66F2-4AB8-809F-7F0AD380E618\DismHost.exe
2015-03-30 12:42:41    678AB0E8665345E72D11149A36F965BE    5127432    ----a-w-    C:\Downloads\spsetup128.exe
=== C: other files ==
2015-04-01 11:37:56    9DCBFF045A2A43212A4763C3461A50B9    14130    ----a-w-    C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip
2015-04-01 09:41:39    EA31EB3A4ACCDD61B3A0738D18EB6FCB    15648    ----a-w-    C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{A76065C5-7B85-4CCC-901A-16AA8ABACE35}\NVI2SystemService32.sys
2015-04-01 09:41:39    7D8D077E6F60948FA4D637BC5C27FAE9    17864    ----a-w-    C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{A76065C5-7B85-4CCC-901A-16AA8ABACE35}\NVI2SystemService64.sys
2015-04-01 09:39:31    B412100DEC0BE654893AF4801593845D    434264    ----a-w-    C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{5B5AF644-2DC4-4CCF-AC4F-F42356DD90ED}\nvstusb32.sys
2015-04-01 09:39:31    6E41DCD4CA35F3102BDC34E9C5E383CC    451872    ----a-w-    C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{5B5AF644-2DC4-4CCF-AC4F-F42356DD90ED}\nvstusb64.sys
2015-04-01 09:39:31    0AC797F70F2F3E5B69A34FF2F63496F3    12688328    ----a-w-    C:\Windows\System32\drivers\nvlddmkm.sys
2015-04-01 09:37:54    FA3B7E6BD974251CE1160A471B497072    34080    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\NvVAD\nvvad32v.sys
2015-04-01 09:37:54    F4992A26D629288ADBBDC3A715629FA1    163104    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\HDAudio\nvhda64.sys
2015-04-01 09:37:54    E366A5681C50785D4ED04FCFD65C3415    197408    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\HDAudio\nvhda64v.sys
2015-04-01 09:37:54    B412100DEC0BE654893AF4801593845D    434264    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb32.sys
2015-04-01 09:37:54    B16B44B59EA852884153286997609046    17864    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService64.sys
2015-04-01 09:37:54    A88135181D776F8C18550A589A9CAF2D    18776    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
2015-04-01 09:37:54    9F8EE4948B7ADD9D12F778F61A2758A4    162592    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\HDAudio\nvhda32v.sys
2015-04-01 09:37:54    75034A4D7C02327D150B617571D4196A    40392    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2015-04-01 09:37:54    75034A4D7C02327D150B617571D4196A    40392    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\NvVAD\nvvad64v.sys
2015-04-01 09:37:54    6E41DCD4CA35F3102BDC34E9C5E383CC    451872    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb64.sys
2015-04-01 09:37:54    47FEB587AAE06F6717FCABF8BCF184FD    129312    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\HDAudio\nvhda32.sys
2015-04-01 09:37:54    20555DC91CF6952BBFDFFB1773147137    15648    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService32.sys
2015-04-01 09:37:54    048B39EAAAE3A5FDCD7F3B35868298A0    17240    ----a-w-    C:\NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1122152388-3520125672-414077326-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

==== Startup Folders ======================

2012-10-01 20:15:44    1239    ----a-w-    C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-2015 18:47]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\{2F9ECE8B-A960-4810-8D5D-F2AACB2F733A}" [C:\Downloads\ffdshow_rev4532_20140717_clsid.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "https://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=667671&p=");

==== Firefox Proxy Settings ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default
user_pref("network.proxy.type", 4);

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27-01-2015 15:19]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

ProfilePath: C:\Users\User\AppData\Roaming\Thunderbird\Profiles\i60y7nsd.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default
87132527E2256CF6683A18C4EB34DD3B    - C:\Windows\system32\Wat\npWatWeb.dll -    Windows Activation Technologies
F475DAA3CF6D19DA49BE7BAC0A966DB3    - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll -    Shockwave for Director / Shockwave for Director
C62322C77D1AAB77B1CF1130FCC3673A    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll -    Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02-12-2014 11:27]

Google Docs - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{908C053A-9A40-4C19-999A-F2E70C8873E6}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{908C053A-9A40-4C19-999A-F2E70C8873E6}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google  Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1122152388-3520125672-414077326-1002\Software\mozilla\Firefox\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8} deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JE0JUB7C will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\s7kel7ai.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=44 folders=7 17048936 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JE0JUB7C" not found

==== EOF on za 04-04-2015 at 11:47:51,27 ======================
 

 

 

Posted:

Hi, what exactly are you looking at? Or what is it that you're looking for?

I did want to let you know that since installing the NVIDIA driver the processor is so quiet that I sometimes wonder whether it isn't too quiet.

But hey, as long as everything works, it works!

Posted:

We are mainly looking for unnecessary items that pose a security risk.

And it's not too bad :)

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC; do not use it on other PCs with a similar problem.
C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi;f
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions];r
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"=-;r
{e4f94d1e-2f53-401e-8885-681602c0ddd8};c
autoclean;
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a message here.
Posted:

Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by User on za 04-04-2015 at 13:47:12,65.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Downloads\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2015-04-04-094751.log    56877 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default

user.js not found
---- Lines {e4f94d1e-2f53-401e-8885-681602c0ddd8} removed from prefs.js ----
user_pref("extensions.{e4f94d1e-2f53-401e-8885-681602c0ddd8}.install-event-fired", true);
---- FireFox user.js and prefs.js backups ----

prefs_04-04-2015_1415_.backup

ProfilePath: C:\Users\User\AppData\Roaming\Thunderbird\Profiles\i60y7nsd.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_04-04-2015_1415_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"=-

==== Deleting Files \ Folders ======================

"C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" not found

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.selectedEngine", "Yahoo!");
user_pref("keyword.URL", "https://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=667671&p=");

==== Firefox Proxy Settings ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default
user_pref("network.proxy.type", 4);

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27-01-2015 15:19]

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

ProfilePath: C:\Users\User\AppData\Roaming\Thunderbird\Profiles\i60y7nsd.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default
87132527E2256CF6683A18C4EB34DD3B    - C:\Windows\system32\Wat\npWatWeb.dll -    Windows Activation Technologies
F475DAA3CF6D19DA49BE7BAC0A966DB3    - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll -    Shockwave for Director / Shockwave for Director
C62322C77D1AAB77B1CF1130FCC3673A    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll -    Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02-12-2014 11:27]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google  Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AKUMQC1N will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\s7kel7ai.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=46 folders=7 17072959 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AKUMQC1N" not found

==== EOF on za 04-04-2015 at 14:44:15,01 ======================
 

Posted:

Is it normal that zoek.exe offers itself only once and deletes itself after use?

The second time, I had to install zoek.exe again, and on accepting I did not get a "this file already exists, do you want to replace it" option.

Posted:

Zoek.exe normally does not delete itself after use.

Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool present on your PC, so that you can now use the most recent AdwCleaner database).

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Click Scan.
  • Then click Clean (English version) or Verwijderen (Dutch version).
  • At Herstarten Noodzakelijk (Reboot Required), click OK.

After the PC has restarted, a log file usually opens.

Attach this log to your next post.
Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

More information can be found in the manual.

Posted:

Hi, did you survive Easter all right? Is there also a tradition of an Easter bonfire in Belgium?

OK, back to PC matters.

I installed AdwCleaner and ran the scan, but there was not a single result. There was nothing to "clean".

This is the (very short) log:

# AdwCleaner v4.200 - Logbestand aangemaakt 06/04/2015 op 17:40:32
# Laatste update 29/03/2015 door Xplode
# Database : 2015-03-29.1 [server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : User - USER-PC
# Gestart vanuit : C:\Downloads\adwcleaner_4.200.exe
# Optie : Scannen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****


***** [ Geplande taken ] *****


***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Gevonden : HKLM\SOFTWARE\SPPDCOM

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 nl)


-\\ Google Chrome v


*************************

AdwCleaner[R5].txt - [708 bytes] - [06/04/2015 17:40:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [766 bytes] ##########
 

Posted:

OK, new information.

I thought the scan would take a long time, so I went and did something else. I now see that something was found after all, that hk... key, but when I looked there really was nothing in the list of "found malware".

Does that mean that if it just takes long enough, something like that can remove itself from the list again? Crazy as that sounds!!

The second time I scanned I did see it listed, and I removed it right away.

And here is the log of that.

# AdwCleaner v4.200 - Logbestand aangemaakt 06/04/2015 op 17:59:53
# Laatste update 29/03/2015 door Xplode
# Database : 2015-03-29.1 [server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : User - USER-PC
# Gestart vanuit : C:\Downloads\adwcleaner_4.200.exe
# Optie : Verwijderen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****


***** [ Geplande taken ] *****


***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\SPPDCOM

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 nl)


-\\ Google Chrome v


*************************

AdwCleaner[R5].txt - [844 bytes] - [06/04/2015 17:40:32]
AdwCleaner[R6].txt - [902 bytes] - [06/04/2015 17:56:53]
AdwCleaner[s5].txt - [830 bytes] - [06/04/2015 17:59:53]

########## EOF - C:\AdwCleaner\AdwCleaner[s5].txt - [888  bytes] ##########
 

This topic is now closed to new replies.
