adriano-010
-
Items
14 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door adriano-010
-
-
Logfile of random's system information tool 1.09 (written by random/random)
Run by Adilson Adriano Cruz at 2013-11-08 21:51:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 369 GB (63%) free of 588 GB
Total RAM: 5883 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:31, on 8-11-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
H:\Programs\iTunes\iTunesHelper.exe
H:\Programs\PowerISO\PWRISOVM.EXE
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Adilson Adriano Cruz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iME JPN 2007 Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
O4 - HKLM\..\Run: [Korean IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Programs\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] H:\Programs\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DS3 Tool] C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe -mini
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [spotify] "C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Adilson Adriano Cruz\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://G:\Windows7\Dingen\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\Windows7\Dingen\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 1296206901 (.1296206901) - Unknown owner - C:\Program Files (x86)\1296206901\Adilson Adriano Cruz1296206901L.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\Windows\system32\libusbd-nt.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17356 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 39369840
\??\C:\Windows\system32\conhost.exe "-93390103710539517411450720864465970584910221442-6688042111873782944-381422330
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
WLIDSvcM.exe 2404
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
notepad zoek-results.txt
taskeng.exe {BFB1764A-0313-41B4-BA12-59C256C58917}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe" -mini
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe" /auto
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"H:\Programs\iTunes\iTunesHelper.exe"
"H:\Programs\PowerISO\PWRISOVM.EXE" -startup
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" view=SYSTRAY
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {1A9E8E02-6695-4BB9-B6B9-080ABE40A53D}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\taskmgr.exe" /4
taskeng.exe {C6A1622B-C7AE-4243-AFB5-AA59E4511FA7}
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Adilson Adriano Cruz\Documents\Mijn Ontvangen Bestanden\alles\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3530028588-1603670836-2555211703-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3530028588-1603670836-2555211703-1000UA.job
C:\Windows\tasks\HPCeeScheduleForAdilson Adriano Cruz.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.kpnvandaag.nl|www.voetbalzone.nl"
prefs.js - "extensions.enabledItems" - "firefox@tvunetworks.com:2, 5, 3, 1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=H:\Programs\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/wpi,version=1.3]
"Description"=
"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=G:\Windows7\Dingen\Programma's\TVUPlayer\npTVUAx.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rim.com/npappworld]
"Description"=
"Path"=C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin]
"Description"=Skype Web Plugin
"Path"=C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpi,version=1.3]
"Description"=
"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default\extensions\
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default\searchplugins\
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-18 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-28 2096424]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-06-09 487424]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2010-01-20 611896]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-06-18 8192]
"IME JPN 2007 Migration"=C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE [2011-05-26 119664]
"Korean IME Migration"=C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE [2006-10-26 43808]
"Microsoft Pinyin IME Migration"=C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE [2011-05-26 59248]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 1356240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-05-19 2736128]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 9728]
"DS3 Tool"=C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe [2011-10-25 112400]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
"Google Update"=C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29 116648]
"Spotify"=C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Spotify.exe [2013-10-16 4752384]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-10-30 1820584]
"uTorrent"=C:\Users\Adilson Adriano Cruz\AppData\Roaming\uTorrent\uTorrent.exe [2013-10-27 902736]
"Spotify Web Helper"=C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-10-16 1140736]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe []
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"IME JPN 2007 Migration"=C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE [2011-09-19 63856]
"Korean IME Migration"=C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE [2006-10-26 26400]
"Microsoft Pinyin IME Migration"=C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE [2011-05-31 32112]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208]
""= []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"KPN Assistent"=C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe [2013-06-12 38142582]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2012-09-06 1688008]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-08-14 5537136]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2011-06-14 587320]
"iTunesHelper"=H:\Programs\iTunes\iTunesHelper.exe [2011-06-07 421160]
"PWRISOVM.EXE"=H:\Programs\PowerISO\PWRISOVM.EXE [2013-07-22 337432]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll"=C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-11-08 21:51:19 ----D---- C:\Program Files\trend micro
2013-11-08 21:51:18 ----D---- C:\rsit
2013-11-08 21:44:02 ----SHD---- C:\$RECYCLE.BIN
2013-11-08 21:31:26 ----A---- C:\Windows\zoek-delete.exe
2013-11-08 21:31:25 ----D---- C:\Windows\Temp
2013-11-08 20:48:28 ----D---- C:\zoek_backup
2013-11-08 17:51:29 ----D---- C:\ProgramData\SecTaskMan
2013-11-08 17:51:24 ----D---- C:\Program Files (x86)\Security Task Manager
2013-11-07 19:42:06 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-11-07 19:42:02 ----D---- C:\Program Files\Microsoft Security Client
2013-11-06 01:52:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-25 10:58:58 ----A---- C:\Windows\SYSWOW64\WDPABKP.dat
2013-10-18 11:25:20 ----D---- C:\Program Files (x86)\QuickTime
2013-10-18 11:15:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-18 11:14:53 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-18 11:14:53 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-18 11:14:53 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-09 01:21:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-09 01:21:04 ----A---- C:\Windows\system32\ieui.dll
2013-10-09 01:21:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-09 01:21:03 ----A---- C:\Windows\system32\iesetup.dll
2013-10-09 01:21:03 ----A---- C:\Windows\system32\iernonce.dll
2013-10-09 01:21:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-09 01:21:01 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-09 01:21:00 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-09 01:20:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-09 01:20:59 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 01:20:59 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-09 01:20:59 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-09 01:20:58 ----A---- C:\Windows\system32\iertutil.dll
2013-10-09 01:20:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-09 01:20:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-09 01:20:50 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-09 01:20:50 ----A---- C:\Windows\system32\jscript.dll
2013-10-09 01:20:49 ----A---- C:\Windows\system32\jscript9.dll
2013-10-09 01:20:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-09 01:20:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-09 01:20:46 ----A---- C:\Windows\system32\urlmon.dll
2013-10-09 01:20:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-09 01:20:44 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-09 01:20:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-09 01:20:43 ----A---- C:\Windows\system32\wininet.dll
2013-10-09 01:20:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-09 01:20:40 ----A---- C:\Windows\system32\ieframe.dll
2013-10-09 01:20:38 ----A---- C:\Windows\system32\mshtml.dll
2013-10-09 01:20:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
======List of files/folders modified in the last 1 month======
2013-11-08 21:51:19 ----RD---- C:\Program Files
2013-11-08 21:47:30 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify
2013-11-08 21:46:13 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\Skype
2013-11-08 21:45:46 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\uTorrent
2013-11-08 21:45:10 ----D---- C:\Program Files (x86)\Steam
2013-11-08 21:43:43 ----D---- C:\Windows\SysWOW64
2013-11-08 21:43:28 ----D---- C:\Windows\system32\config
2013-11-08 21:42:59 ----D---- C:\Windows
2013-11-08 21:22:02 ----SHD---- C:\System Volume Information
2013-11-08 21:18:22 ----HD---- C:\ProgramData
2013-11-08 21:18:19 ----D---- C:\ProgramData\Uniblue
2013-11-08 21:18:17 ----RD---- C:\Program Files (x86)
2013-11-08 21:01:07 ----D---- C:\Program Files (x86)\Common Files
2013-11-08 20:49:13 ----D---- C:\Windows\system32\Tasks
2013-11-08 17:01:07 ----D---- C:\Windows\System32
2013-11-08 17:01:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-08 03:55:26 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\vlc
2013-11-08 03:12:05 ----SHD---- C:\Windows\Installer
2013-11-08 03:12:03 ----SHD---- C:\Config.Msi
2013-11-08 02:02:53 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\HpUpdate
2013-11-07 22:55:50 ----D---- C:\Windows\system32\wbem
2013-11-07 22:54:56 ----D---- C:\JRT
2013-11-07 22:54:45 ----D---- C:\Windows\Tasks
2013-11-07 22:54:45 ----D---- C:\Windows\system32\DriverStore
2013-11-07 22:54:45 ----D---- C:\Windows\system32\drivers
2013-11-07 22:54:45 ----D---- C:\Windows\system32\catroot2
2013-11-07 22:54:45 ----D---- C:\Windows\inf
2013-11-07 22:54:44 ----D---- C:\Windows\registration
2013-11-07 22:38:10 ----D---- C:\Windows\system32\catroot
2013-11-07 19:17:23 ----D---- C:\Windows\Prefetch
2013-11-02 18:43:10 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-16 20:34:30 ----RSD---- C:\Windows\assembly
2013-10-16 20:32:39 ----D---- C:\Windows\Logs
2013-10-11 23:52:41 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-11 23:44:40 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2013-10-10 19:50:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-09 23:01:13 ----D---- C:\ProgramData\Skype
2013-10-09 23:01:08 ----RD---- C:\Program Files (x86)\Skype
2013-10-09 17:53:15 ----D---- C:\Windows\rescache
2013-10-09 16:55:13 ----D---- C:\Windows\Microsoft.NET
2013-10-09 10:54:02 ----D---- C:\Windows\winsxs
2013-10-09 10:48:34 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-09 10:48:31 ----D---- C:\Program Files\Internet Explorer
2013-10-09 10:48:24 ----D---- C:\Windows\AppPatch
2013-10-09 10:48:17 ----D---- C:\Windows\system32\nl-NL
2013-10-09 01:25:17 ----D---- C:\ProgramData\Microsoft Help
2013-10-09 01:18:17 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-09 01:18:17 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 01:05:33 ----D---- C:\Windows\system32\MRT
2013-10-09 00:55:03 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-07-22 126872]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-08 95760]
R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-11-01 3063360]
R3 clwvd;HP Webcam Splitter; C:\Windows\system32\DRIVERS\clwvd.sys [2010-06-24 32880]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2011-10-25 117520]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-06-09 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-28 320560]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2012-09-06 14464]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-10 342056]
S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2010-06-10 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-06-10 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-10 21544]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys []
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-07-25 74752]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-09 239136]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-11-28 295424]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-16 202752]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-05 361984]
R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 Bonjour Service;Bonjour-service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-08 952096]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-21 103992]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-06-14 26680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 23808]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2010-06-09 258048]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-08-14 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-08-14 270704]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2012-08-10 1001376]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 934176]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S2 .1296206901;1296206901; C:\Program Files (x86)\1296206901\Adilson Adriano Cruz1296206901L.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\syswow64\libusbd-nt.exe [2005-03-09 18944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-04-04 246520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 366600]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
-
Zoek.exe Version 4.0.0.5 Updated 05-November-2013
Tool run by Adilson Adriano Cruz on vr 08-11-2013 at 20:51:43,30.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Adilson Adriano Cruz\Desktop\zoek\zoek.scr [script inserted]
==== System Restore Info ======================
8-11-2013 20:55:26 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Monitor {7842554E-6BED-11D2-8CDB-B05550C10000} C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\ProgramData\PCSettings deleted successfully
C:\Users\Adilson Adriano 2\AppData\Roaming\hpqLog deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Electronic Arts deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Adilson Adriano 2\AppData\Local\KPN deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\eSupport.com deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\HP MediaSmart Video deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\kpn deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\PackageAware deleted successfully
C:\Users\Gast\AppData\Local\VirtualStore deleted successfully
==== Creating Sample_08-11-2013_2116.zip ======================
Process rundll32.exe killed
Copied file C:\Users\Adilson Adriano Cruz\AppData\Local\hlh.exe to sample\hlh.exe
sample\hlh.exe renamed to 234A775E4BE3D63FC28003AE7B632D0D
C:\Users\Public\Desktop\sample_08-11-2013_2116.zip created successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3530028588-1603670836-2555211703-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FEE80F40-C72C-4FA6-A4DD-0A7B3C7C39F4} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Mozilla Firefox\searchplugins\avg-secure-search.xml deleted
C:\PROGRA~2\BitLord 1.2 deleted
C:\Users\Adilson Adriano Cruz\AppData\Roaming\BitLord deleted
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Registry Mechanic deleted
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Research In Motion deleted
C:\ProgramData\Uniblue\DriverScanner deleted
C:\ProgramData\Package Cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Users\Adilson Adriano Cruz\AppData\Local\hlh.exe deleted
"C:\Users\Adilson Adriano Cruz\AppData\Local\728sw542r556r75p701mhj84c4o8ky70" deleted
"C:\ProgramData\728sw542r556r75p701mhj84c4o8ky70" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\ADILSO~1\AppData\Local\Temp ====
====== Java Cache =====
2013-10-11 22:42:47 ECC768E49B49F329AB30FCE7E0A12621 354375 ----a-w- C:\Users\Adilson Adriano Cruz\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1f3e00ea-4008674c
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2013-11-08 19:49:13 3F5FDDEDD49E037086A5A8E1FADCEB12 3252 ----a-w- C:\Windows\Sysnative\Tasks\{975713E3-4C91-4526-B4CF-E0F31D7ED2FA}
2013-10-26 16:16:46 EEDC68E52A13B1D1CA94997E4B5625A1 3276 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForAdilson Adriano Cruz
2013-10-26 16:16:45 3A6D8792C7EDBBCE3B8677C8554DC9CB 392 ----a-w- C:\Windows\Tasks\HPCeeScheduleForAdilson Adriano Cruz.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2013-10-18 10:25:20 -------- d-----w- C:\PROGRA~2\QuickTime
2013-10-18 10:15:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Adilson Adriano Cruz\AppData\Roaming ======
2013-11-07 22:08:53 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps
2013-10-31 21:07:35 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps
====== C:\Users\Adilson Adriano Cruz ======
2013-11-08 16:51:29 -------- d-----w- C:\ProgramData\SecTaskMan
2013-10-18 10:25:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2013-10-18 10:23:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2013-10-18 10:14:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
====== C: exe-files ==
=== C: other files ==
==== Folders in C:\ProgramData 0-6 Months Old ======================
2013-08-18 22:36:53 -------- dc-h--w- C:\ProgramData\{BCD5E71D-D7DA-44D2-8786-C12CCD8F1E3A}
2013-09-05 09:40:56 -------- d-----w- C:\ProgramData\Western Digital
2013-09-06 12:10:23 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-09-06 21:58:22 -------- d-----w- C:\ProgramData\Apple Computer
2013-11-08 16:51:29 -------- d-----w- C:\ProgramData\SecTaskMan
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [14-06-2012 00:46]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"magicplayer@torrentstream.org"="C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org" [06-09-2013 15:44]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Adilson Adriano 2\AppData\Roaming\Mozilla\Firefox\Profiles\muguicvk.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default
- TS Magic Player - C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
- MAFIAAFire: ThePirateBay Dancing - %ProfilePath%\extensions\thepiratebay@mafiaafire.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default
C2321043FA2CA4C32FF449DE6116B5D9 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll - Shockwave for Director / Shockwave for Director
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
60B64FCCE4860BA26211ED9A2CEFB982 - C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\player\npts.dll - Torrent Stream P2P Multimedia Plug-in
3D3AF7420B5B01F591163BB3CEA89877 - C:\Users\Adilson Adriano Cruz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
7F8AEFD3BBC0F30C42C59FD27A828DCF - H:\Programs\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
4579E331B8A2926E3A1DBE0F23B7758F - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.3
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12-12-2011 14:13]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ochbjojkpcmlfeagbaahkofepalngihg - C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx[05-09-2013 16:44]
YouTube - Adilson Adriano Cruz - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Adilson Adriano Cruz - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Adilson Adriano Cruz - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DivX Plus Web Player HTML5 \u003Cvideo\u003E - Adilson Adriano Cruz - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
TS Magic Player - Adilson Adriano Cruz - Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg
Gmail - Adilson Adriano Cruz - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hotmail.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hotmail.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{CCD0FF1D-744B-4D7F-BFD3-8BAD6F9EBBAD}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{AAE37EAB-513B-4C6F-9D01-2E2B81FD5C6E} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"
{CCD0FF1D-744B-4D7F-BFD3-8BAD6F9EBBAD} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adilson Adriano 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adilson Adriano 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2APO6EEX will be deleted at reboot
C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82UTULUA will be deleted at reboot
C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0W5OECV will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Adilson Adriano 2\AppData\Local\Mozilla\Firefox\Profiles\muguicvk.default\Cache emptied successfully
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\eji5ukat.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\ADILSO~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2APO6EEX" not found
"C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82UTULUA" not found
"C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0W5OECV" not found
==== EOF on vr 08-11-2013 at 21:43:56,49 ======================
-
ComboFix 13-11-19.01 - Adilson Adriano Cruz 21-11-2013 19:37:06.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.5883.3744 [GMT 1:00]
Gestart vanuit: c:\users\Adilson Adriano Cruz\Documents\Mijn Ontvangen Bestanden\alles\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-10-21 to 2013-11-21 ))))))))))))))))))))))))))))))
.
.
2013-11-21 18:51 . 2013-11-21 18:51 -------- d-----w- c:\users\Gast\AppData\Local\temp
2013-11-21 18:51 . 2013-11-21 18:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-21 18:51 . 2013-11-21 18:51 -------- d-----w- c:\users\Adilson Adriano 2\AppData\Local\temp
2013-11-21 18:17 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F0A5328-1B8A-45CE-B904-12C2B3391BC1}\mpengine.dll
2013-11-20 17:59 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-19 11:34 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-19 11:23 . 2013-11-19 11:23 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-19 11:23 . 2013-11-19 11:23 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-13 14:07 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 14:06 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-13 14:06 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-13 14:06 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-13 14:06 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-11-13 14:06 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-10 23:17 . 2013-11-10 23:19 -------- d-----w- c:\users\Adilson Adriano Cruz\AppData\Roaming\Research In Motion
2013-11-08 20:51 . 2013-11-08 20:51 -------- d-----w- c:\program files\trend micro
2013-11-08 20:44 . 2013-11-08 20:44 -------- d-----w- c:\users\Adilson Adriano Cruz\AppData\Local\KPN
2013-11-08 20:31 . 2013-10-18 00:11 24064 ----a-w- c:\windows\zoek-delete.exe
2013-11-08 20:31 . 2013-11-21 18:51 -------- d-----w- c:\users\Adilson Adriano Cruz\AppData\Local\Temp
2013-11-08 19:48 . 2013-11-08 20:18 -------- d-----w- C:\zoek_backup
2013-11-08 16:51 . 2013-11-08 17:34 -------- d-----w- c:\programdata\SecTaskMan
2013-11-08 16:51 . 2013-11-08 16:51 -------- d-----w- c:\program files (x86)\Security Task Manager
2013-11-07 18:48 . 2013-11-07 18:48 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A234100C-60B4-42DE-9B3E-3D69F5FBFD33}\gapaengine.dll
2013-11-07 18:42 . 2013-11-19 01:56 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-11-07 18:42 . 2013-11-19 01:56 -------- d-----w- c:\program files\Microsoft Security Client
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-16 10:10 . 2012-08-08 18:11 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-16 10:10 . 2012-08-08 18:11 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-18 10:14 . 2013-10-18 10:14 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-08 02:03 . 2013-10-08 17:51 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-08-29 01:51 . 2013-10-08 17:51 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-08 17:51 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-08 17:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-08 17:51 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-08 17:51 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-08 17:51 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 00:49 . 2013-10-08 17:51 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-08 17:51 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-08 17:51 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-08 17:51 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-09 1712184]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]
"DS3 Tool"="c:\program files (x86)\MotioninJoy\ds3\DS3_Tool.exe" [2011-10-25 112400]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
"Spotify"="c:\users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Spotify.exe" [2013-11-14 5955072]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-30 1820584]
"uTorrent"="c:\users\Adilson Adriano Cruz\AppData\Roaming\uTorrent\uTorrent.exe" [2013-11-16 900440]
"Spotify Web Helper"="c:\users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-11-14 1168896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"IME JPN 2007 Migration"="c:\progra~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE" [2011-09-19 63856]
"Korean IME Migration"="c:\progra~2\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE" [2006-10-26 26400]
"Microsoft Pinyin IME Migration"="c:\progra~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2011-05-31 32112]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"KPN Assistent"="c:\program files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe" [2013-06-12 38142582]
"WD Drive Unlocker"="c:\program files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2012-09-06 1688008]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2013-08-14 5537136]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-06-14 587320]
"iTunesHelper"="h:\programs\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"PWRISOVM.EXE"="h:\programs\PowerISO\PWRISOVM.EXE" [2013-07-22 337432]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
IME File REG_SZ IMSC12.IME
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411]
Ime File REG_SZ imjp12.ime
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200412]
Ime File REG_SZ IMKR12.IME
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="g:\samsung\Programs\Itunes\iTunesHelper.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe;c:\windows\SYSNATIVE\libusbd-nt.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 .1296206901;1296206901;c:\program files (x86)\1296206901\Adilson Adriano Cruz1296206901L.exe;c:\program files (x86)\1296206901\Adilson Adriano Cruz1296206901L.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 09:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-08 10:10]
.
2013-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3530028588-1603670836-2555211703-1000Core.job
- c:\users\Adilson Adriano Cruz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29 11:53]
.
2013-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3530028588-1603670836-2555211703-1000UA.job
- c:\users\Adilson Adriano Cruz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29 11:53]
.
2013-11-21 c:\windows\Tasks\HPCeeScheduleForAdilson Adriano Cruz.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-09 487424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
"IME JPN 2007 Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE" [2011-05-26 119664]
"Korean IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE" [2006-10-26 43808]
"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2011-05-26 59248]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-11-05 21720]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.hotmail.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - g:\windows7\Dingen\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - g:\windows7\Dingen\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.254
FF - ProfilePath - c:\users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.kpnvandaag.nl|Voetbalzone - Meepraten over voetbal.
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2011-06-20 00:48; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ffdshow_is1 - g:\samsung\Programs\ffdshow\unins000.exe
AddRemove-SopCast - g:\samsung\Programs\SopCast\uninst.exe
AddRemove-{01b19ee2-f793-4fda-8aab-60fa495c4869} - c:\programdata\Package Cache\{01b19ee2-f793-4fda-8aab-60fa495c4869}\WD SmartWare Installer.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-EA SPORTS Gameface Browser Plugin - c:\users\Adilson Adriano Cruz\AppData\Roaming\Electronic Arts\Game Face\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3530028588-1603670836-2555211703-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11]
"GameDir"="c:\\Users\\Adilson Adriano Cruz\\Documents\\Sports Interactive\\Football Manager 2011\\games"
"ShortlistDir"=""
"FMPath"=""
"ScreenshotsDir"="c:\\Users\\Adilson Adriano Cruz\\Documents\\Sports Interactive\\Football Manager 2011"
"SaveDir"="c:\\Users\\Adilson Adriano Cruz\\Documents\\Sports Interactive\\Football Manager 2011\\"
"HistoryDir"="c:\\FM Genie Scout 11\\History Points"
"LangDB"="c:\\FM Genie Scout 11\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="PSV Eindhoven"
"LastUpdateCheck"=dword:00009efb
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:0000007f
"UniqueID"="54-F365-2523"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
[HKEY_USERS\S-1-5-21-3530028588-1603670836-2555211703-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11g]
"PicturesNumber"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-11-21 19:55:57
ComboFix-quarantined-files.txt 2013-11-21 18:55
.
Pre-Run: 405.968.334.848 bytes beschikbaar
Post-Run: 405.645.811.712 bytes beschikbaar
.
- - End Of File - - 391EDD18DEC5DB31B30A49DDBDCFF1FC
E67E7B78C1435694C0127F2B086797EF
-
mijn shockwave player of adobe flash player loopt telkens vast bij het bekijken van films en series en youtube muziek via mozilla firefox of google chrome. Adobe flash player loopt telkens vast en als ik muziekclips beluister via youtube dan loopt het om de paar seconden vast ik krijg dan te lezen dat adobe flash player vast gelopen is en dat ik het kan stoppen door op een knop te drukken maar dat kan niet de bedoeling zijn. Ik wil gewoon normaal gebruik kunnen maken van youtube zonder dat het vast loopt of tijdens het bekijken van series en films via internet kan iemand mij hiermee helpen aub. Mocht het zijn dat ik bij het verkeerde forum zit dan sorry daarvoor alvast bedankt en ik wacht op reactie.
-
ik heb momenteel nergens last van meer dus ik denk dat de problemen wel verholpen zijn bedankt voor uw hulp.
-
Oke bedankt ik heb me pc laten scannen met delfix het is inmiddels gebeurd het volgende is alleen gedelete: Deleted : C:\JRT
Deleted : C:\RSIT
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Adilson Adriano Cruz\Desktop\JRT.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
jammer genoeg is er verder niks gevonden maar iedergeval bedankt voor alles
-
Ik had niet echt klachten me pc doet het gewoon maar ik vind dat het alleen beetje verdacht dat er nu onbekende processen in taakbeheer zijn moet ik nu weer iets downloaden of is dit alles ?
alvast bedankt voor al uw hulp
-
# AdwCleaner v3.011 - Report created 09/11/2013 at 18:46:47
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Adilson Adriano Cruz - ADILSONDACRUZPC
# Running from : C:\Users\Adilson Adriano Cruz\Documents\Mijn Ontvangen Bestanden\alles\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_debut-video-capture_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_debut-video-capture_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\Uniblue\DriverScanner
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16720
-\\ Mozilla Firefox v25.0 (nl)
[ File : C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default\prefs.js ]
[ File : C:\Users\Adilson Adriano 2\AppData\Roaming\Mozilla\Firefox\Profiles\muguicvk.default\prefs.js ]
[ File : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\eji5ukat.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [3767 octets] - [09/11/2013 18:44:44]
AdwCleaner[s0].txt - [3728 octets] - [09/11/2013 18:46:47]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3788 octets] ##########
-
Ik heb niet echt ergens last van eigenlijk ik had het politievirus zelf al gestopt maar ik zag opeens allemaal rare processen in taakbeheer staan die ik nooit gezien heb hiervoor en ik zocht op google naar die namen van die processen en er stond dat het best wel een virus zou kunnen zijn dus toen raakten ik in paniek. Maar is er dan wat gevonden op mijn pc wat verwijderd is ofzoiets?
-
Oke heb ik gedaan de link is: sample_08-11-2013_2116.zip downloaden hoop dat dit goed is.
-
Zoek.exe Version 4.0.0.5 Updated 05-November-2013
Tool run by Adilson Adriano Cruz on vr 08-11-2013 at 20:51:43,30.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Adilson Adriano Cruz\Desktop\zoek\zoek.scr [script inserted]
==== System Restore Info ======================
8-11-2013 20:55:26 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Monitor {7842554E-6BED-11D2-8CDB-B05550C10000} C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\ProgramData\PCSettings deleted successfully
C:\Users\Adilson Adriano 2\AppData\Roaming\hpqLog deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Electronic Arts deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Adilson Adriano 2\AppData\Local\KPN deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\eSupport.com deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\HP MediaSmart Video deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\kpn deleted successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\PackageAware deleted successfully
C:\Users\Gast\AppData\Local\VirtualStore deleted successfully
==== Creating Sample_08-11-2013_2116.zip ======================
Process rundll32.exe killed
Copied file C:\Users\Adilson Adriano Cruz\AppData\Local\hlh.exe to sample\hlh.exe
sample\hlh.exe renamed to 234A775E4BE3D63FC28003AE7B632D0D
C:\Users\Public\Desktop\sample_08-11-2013_2116.zip created successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3530028588-1603670836-2555211703-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FEE80F40-C72C-4FA6-A4DD-0A7B3C7C39F4} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Mozilla Firefox\searchplugins\avg-secure-search.xml deleted
C:\PROGRA~2\BitLord 1.2 deleted
C:\Users\Adilson Adriano Cruz\AppData\Roaming\BitLord deleted
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Registry Mechanic deleted
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Research In Motion deleted
C:\ProgramData\Uniblue\DriverScanner deleted
C:\ProgramData\Package Cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Users\Adilson Adriano Cruz\AppData\Local\hlh.exe deleted
"C:\Users\Adilson Adriano Cruz\AppData\Local\728sw542r556r75p701mhj84c4o8ky70" deleted
"C:\ProgramData\728sw542r556r75p701mhj84c4o8ky70" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\ADILSO~1\AppData\Local\Temp ====
====== Java Cache =====
2013-10-11 22:42:47 ECC768E49B49F329AB30FCE7E0A12621 354375 ----a-w- C:\Users\Adilson Adriano Cruz\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1f3e00ea-4008674c
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2013-11-08 19:49:13 3F5FDDEDD49E037086A5A8E1FADCEB12 3252 ----a-w- C:\Windows\Sysnative\Tasks\{975713E3-4C91-4526-B4CF-E0F31D7ED2FA}
2013-10-26 16:16:46 EEDC68E52A13B1D1CA94997E4B5625A1 3276 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForAdilson Adriano Cruz
2013-10-26 16:16:45 3A6D8792C7EDBBCE3B8677C8554DC9CB 392 ----a-w- C:\Windows\Tasks\HPCeeScheduleForAdilson Adriano Cruz.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2013-10-18 10:25:20 -------- d-----w- C:\PROGRA~2\QuickTime
2013-10-18 10:15:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Adilson Adriano Cruz\AppData\Roaming ======
2013-11-07 22:08:53 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps
2013-10-31 21:07:35 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps
====== C:\Users\Adilson Adriano Cruz ======
2013-11-08 16:51:29 -------- d-----w- C:\ProgramData\SecTaskMan
2013-10-18 10:25:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2013-10-18 10:23:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2013-10-18 10:14:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
====== C: exe-files ==
=== C: other files ==
==== Folders in C:\ProgramData 0-6 Months Old ======================
2013-08-18 22:36:53 -------- dc-h--w- C:\ProgramData\{BCD5E71D-D7DA-44D2-8786-C12CCD8F1E3A}
2013-09-05 09:40:56 -------- d-----w- C:\ProgramData\Western Digital
2013-09-06 12:10:23 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-09-06 21:58:22 -------- d-----w- C:\ProgramData\Apple Computer
2013-11-08 16:51:29 -------- d-----w- C:\ProgramData\SecTaskMan
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [14-06-2012 00:46]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"magicplayer@torrentstream.org"="C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org" [06-09-2013 15:44]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Adilson Adriano 2\AppData\Roaming\Mozilla\Firefox\Profiles\muguicvk.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default
- TS Magic Player - C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
- MAFIAAFire: ThePirateBay Dancing - %ProfilePath%\extensions\thepiratebay@mafiaafire.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default
C2321043FA2CA4C32FF449DE6116B5D9 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll - Shockwave for Director / Shockwave for Director
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
60B64FCCE4860BA26211ED9A2CEFB982 - C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\player\npts.dll - Torrent Stream P2P Multimedia Plug-in
3D3AF7420B5B01F591163BB3CEA89877 - C:\Users\Adilson Adriano Cruz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
7F8AEFD3BBC0F30C42C59FD27A828DCF - H:\Programs\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
4579E331B8A2926E3A1DBE0F23B7758F - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.3
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12-12-2011 14:13]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ochbjojkpcmlfeagbaahkofepalngihg - C:\Users\Adilson Adriano Cruz\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx[05-09-2013 16:44]
YouTube - Adilson Adriano Cruz - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Adilson Adriano Cruz - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Adilson Adriano Cruz - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DivX Plus Web Player HTML5 \u003Cvideo\u003E - Adilson Adriano Cruz - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
TS Magic Player - Adilson Adriano Cruz - Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg
Gmail - Adilson Adriano Cruz - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hotmail.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hotmail.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{CCD0FF1D-744B-4D7F-BFD3-8BAD6F9EBBAD}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{AAE37EAB-513B-4C6F-9D01-2E2B81FD5C6E} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"
{CCD0FF1D-744B-4D7F-BFD3-8BAD6F9EBBAD} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adilson Adriano 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adilson Adriano 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2APO6EEX will be deleted at reboot
C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82UTULUA will be deleted at reboot
C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0W5OECV will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Adilson Adriano 2\AppData\Local\Mozilla\Firefox\Profiles\muguicvk.default\Cache emptied successfully
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\eji5ukat.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\ADILSO~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2APO6EEX" not found
"C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82UTULUA" not found
"C:\Users\Adilson Adriano Cruz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0W5OECV" not found
==== EOF on vr 08-11-2013 at 21:43:56,49 ======================
-
Hi alvast bedankt voor uw snelle reactie ik heb de volgende dingen gedaan zoek.zip en RSIT 64 bit ik weet niet precies hoe deze site werkt dus ik heb allebei de logs hierin geplakt in plaats van als bijlage want ik weet niet hoe ik dat moet doen hierzo hier komt eerst de zoek.zip log en vervolgens RSIT 64 bit:
Zoek.zip
Logfile of random's system information tool 1.09 (written by random/random)
Run by Adilson Adriano Cruz at 2013-11-08 21:51:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 369 GB (63%) free of 588 GB
Total RAM: 5883 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:31, on 8-11-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
H:\Programs\iTunes\iTunesHelper.exe
H:\Programs\PowerISO\PWRISOVM.EXE
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Adilson Adriano Cruz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iME JPN 2007 Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
O4 - HKLM\..\Run: [Korean IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [iTunesHelper] "H:\Programs\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] H:\Programs\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DS3 Tool] C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe -mini
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [spotify] "C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Adilson Adriano Cruz\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://G:\Windows7\Dingen\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\Windows7\Dingen\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 1296206901 (.1296206901) - Unknown owner - C:\Program Files (x86)\1296206901\Adilson Adriano Cruz1296206901L.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\Windows\system32\libusbd-nt.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17356 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 39369840
\??\C:\Windows\system32\conhost.exe "-93390103710539517411450720864465970584910221442-6688042111873782944-381422330
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
WLIDSvcM.exe 2404
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
notepad zoek-results.txt
taskeng.exe {BFB1764A-0313-41B4-BA12-59C256C58917}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe" -mini
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe" /auto
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"H:\Programs\iTunes\iTunesHelper.exe"
"H:\Programs\PowerISO\PWRISOVM.EXE" -startup
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" view=SYSTRAY
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {1A9E8E02-6695-4BB9-B6B9-080ABE40A53D}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\taskmgr.exe" /4
taskeng.exe {C6A1622B-C7AE-4243-AFB5-AA59E4511FA7}
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Adilson Adriano Cruz\Documents\Mijn Ontvangen Bestanden\alles\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3530028588-1603670836-2555211703-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3530028588-1603670836-2555211703-1000UA.job
C:\Windows\tasks\HPCeeScheduleForAdilson Adriano Cruz.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.kpnvandaag.nl|www.voetbalzone.nl"
prefs.js - "extensions.enabledItems" - "firefox@tvunetworks.com:2, 5, 3, 1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=H:\Programs\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/wpi,version=1.3]
"Description"=
"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=G:\Windows7\Dingen\Programma's\TVUPlayer\npTVUAx.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rim.com/npappworld]
"Description"=
"Path"=C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin]
"Description"=Skype Web Plugin
"Path"=C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpi,version=1.3]
"Description"=
"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default\extensions\
C:\Users\Adilson Adriano Cruz\AppData\Roaming\Mozilla\Firefox\Profiles\8c0wfocf.default\searchplugins\
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-18 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-28 2096424]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-06-09 487424]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2010-01-20 611896]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-06-18 8192]
"IME JPN 2007 Migration"=C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE [2011-05-26 119664]
"Korean IME Migration"=C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE [2006-10-26 43808]
"Microsoft Pinyin IME Migration"=C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE [2011-05-26 59248]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 1356240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-09 1712184]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-05-19 2736128]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 9728]
"DS3 Tool"=C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe [2011-10-25 112400]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
"Google Update"=C:\Users\Adilson Adriano Cruz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29 116648]
"Spotify"=C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Spotify.exe [2013-10-16 4752384]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-10-30 1820584]
"uTorrent"=C:\Users\Adilson Adriano Cruz\AppData\Roaming\uTorrent\uTorrent.exe [2013-10-27 902736]
"Spotify Web Helper"=C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-10-16 1140736]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe []
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"IME JPN 2007 Migration"=C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE [2011-09-19 63856]
"Korean IME Migration"=C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE [2006-10-26 26400]
"Microsoft Pinyin IME Migration"=C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE [2011-05-31 32112]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208]
""= []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"KPN Assistent"=C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe [2013-06-12 38142582]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2012-09-06 1688008]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-08-14 5537136]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2011-06-14 587320]
"iTunesHelper"=H:\Programs\iTunes\iTunesHelper.exe [2011-06-07 421160]
"PWRISOVM.EXE"=H:\Programs\PowerISO\PWRISOVM.EXE [2013-07-22 337432]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll"=C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-11-08 21:51:19 ----D---- C:\Program Files\trend micro
2013-11-08 21:51:18 ----D---- C:\rsit
2013-11-08 21:44:02 ----SHD---- C:\$RECYCLE.BIN
2013-11-08 21:31:26 ----A---- C:\Windows\zoek-delete.exe
2013-11-08 21:31:25 ----D---- C:\Windows\Temp
2013-11-08 20:48:28 ----D---- C:\zoek_backup
2013-11-08 17:51:29 ----D---- C:\ProgramData\SecTaskMan
2013-11-08 17:51:24 ----D---- C:\Program Files (x86)\Security Task Manager
2013-11-07 19:42:06 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-11-07 19:42:02 ----D---- C:\Program Files\Microsoft Security Client
2013-11-06 01:52:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-25 10:58:58 ----A---- C:\Windows\SYSWOW64\WDPABKP.dat
2013-10-18 11:25:20 ----D---- C:\Program Files (x86)\QuickTime
2013-10-18 11:15:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-18 11:14:53 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-18 11:14:53 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-18 11:14:53 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-09 01:21:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-09 01:21:04 ----A---- C:\Windows\system32\ieui.dll
2013-10-09 01:21:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-09 01:21:03 ----A---- C:\Windows\system32\iesetup.dll
2013-10-09 01:21:03 ----A---- C:\Windows\system32\iernonce.dll
2013-10-09 01:21:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-09 01:21:01 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-09 01:21:00 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-09 01:20:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-09 01:20:59 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 01:20:59 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-09 01:20:59 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-09 01:20:58 ----A---- C:\Windows\system32\iertutil.dll
2013-10-09 01:20:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-09 01:20:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-09 01:20:50 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-09 01:20:50 ----A---- C:\Windows\system32\jscript.dll
2013-10-09 01:20:49 ----A---- C:\Windows\system32\jscript9.dll
2013-10-09 01:20:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-09 01:20:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-09 01:20:46 ----A---- C:\Windows\system32\urlmon.dll
2013-10-09 01:20:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-09 01:20:44 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-09 01:20:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-09 01:20:43 ----A---- C:\Windows\system32\wininet.dll
2013-10-09 01:20:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-09 01:20:40 ----A---- C:\Windows\system32\ieframe.dll
2013-10-09 01:20:38 ----A---- C:\Windows\system32\mshtml.dll
2013-10-09 01:20:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
======List of files/folders modified in the last 1 month======
2013-11-08 21:51:19 ----RD---- C:\Program Files
2013-11-08 21:47:30 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\Spotify
2013-11-08 21:46:13 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\Skype
2013-11-08 21:45:46 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\uTorrent
2013-11-08 21:45:10 ----D---- C:\Program Files (x86)\Steam
2013-11-08 21:43:43 ----D---- C:\Windows\SysWOW64
2013-11-08 21:43:28 ----D---- C:\Windows\system32\config
2013-11-08 21:42:59 ----D---- C:\Windows
2013-11-08 21:22:02 ----SHD---- C:\System Volume Information
2013-11-08 21:18:22 ----HD---- C:\ProgramData
2013-11-08 21:18:19 ----D---- C:\ProgramData\Uniblue
2013-11-08 21:18:17 ----RD---- C:\Program Files (x86)
2013-11-08 21:01:07 ----D---- C:\Program Files (x86)\Common Files
2013-11-08 20:49:13 ----D---- C:\Windows\system32\Tasks
2013-11-08 17:01:07 ----D---- C:\Windows\System32
2013-11-08 17:01:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-08 03:55:26 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\vlc
2013-11-08 03:12:05 ----SHD---- C:\Windows\Installer
2013-11-08 03:12:03 ----SHD---- C:\Config.Msi
2013-11-08 02:02:53 ----D---- C:\Users\Adilson Adriano Cruz\AppData\Roaming\HpUpdate
2013-11-07 22:55:50 ----D---- C:\Windows\system32\wbem
2013-11-07 22:54:56 ----D---- C:\JRT
2013-11-07 22:54:45 ----D---- C:\Windows\Tasks
2013-11-07 22:54:45 ----D---- C:\Windows\system32\DriverStore
2013-11-07 22:54:45 ----D---- C:\Windows\system32\drivers
2013-11-07 22:54:45 ----D---- C:\Windows\system32\catroot2
2013-11-07 22:54:45 ----D---- C:\Windows\inf
2013-11-07 22:54:44 ----D---- C:\Windows\registration
2013-11-07 22:38:10 ----D---- C:\Windows\system32\catroot
2013-11-07 19:17:23 ----D---- C:\Windows\Prefetch
2013-11-02 18:43:10 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-16 20:34:30 ----RSD---- C:\Windows\assembly
2013-10-16 20:32:39 ----D---- C:\Windows\Logs
2013-10-11 23:52:41 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-11 23:44:40 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2013-10-10 19:50:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-09 23:01:13 ----D---- C:\ProgramData\Skype
2013-10-09 23:01:08 ----RD---- C:\Program Files (x86)\Skype
2013-10-09 17:53:15 ----D---- C:\Windows\rescache
2013-10-09 16:55:13 ----D---- C:\Windows\Microsoft.NET
2013-10-09 10:54:02 ----D---- C:\Windows\winsxs
2013-10-09 10:48:34 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-09 10:48:31 ----D---- C:\Program Files\Internet Explorer
2013-10-09 10:48:24 ----D---- C:\Windows\AppPatch
2013-10-09 10:48:17 ----D---- C:\Windows\system32\nl-NL
2013-10-09 01:25:17 ----D---- C:\ProgramData\Microsoft Help
2013-10-09 01:18:17 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-09 01:18:17 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 01:05:33 ----D---- C:\Windows\system32\MRT
2013-10-09 00:55:03 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-07-22 126872]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-04-16 6403584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-16 188928]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-08 95760]
R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-11-01 3063360]
R3 clwvd;HP Webcam Splitter; C:\Windows\system32\DRIVERS\clwvd.sys [2010-06-24 32880]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2011-10-25 117520]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-06-09 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-28 320560]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2012-09-06 14464]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-10 342056]
S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2010-06-10 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-06-10 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-10 21544]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys []
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-07-25 74752]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-09 239136]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-11-28 295424]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-16 202752]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-05 361984]
R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 Bonjour Service;Bonjour-service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-08 952096]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-21 103992]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-06-14 26680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 23808]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2010-06-09 258048]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-08-14 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-08-14 270704]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2012-08-10 1001376]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 934176]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S2 .1296206901;1296206901; C:\Program Files (x86)\1296206901\Adilson Adriano Cruz1296206901L.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\syswow64\libusbd-nt.exe [2005-03-09 18944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-04-04 246520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 366600]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
RSIT 64 bit
info.txt logfile of random's system information tool 1.09 2013-11-08 21:51:34
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Club Penguin\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Dark Orbit\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Habbo Hotel\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Seafight\Uninstall.exe"
-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\ProgramData\{BCD5E71D-D7DA-44D2-8786-C12CCD8F1E3A}\KPN Assistent.exe
64 Bit HP CIO Components Installer-->MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854}
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -maintain plugin
Adobe Reader XI - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001}
Adobe Shockwave Player 11.5-->MsiExec.exe /X{9ECF7817-DB11-4FBA-9DF1-296A578D513A}
Adobe Shockwave Player 12.0-->"C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe"
Agatha Christie - Death on the Nile-->"C:\Program Files (x86)\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{E4490157-303F-F06F-FB6E-D2053A43A182} REBOOT=ReallySuppress
AMD USB Filter Driver-->MsiExec.exe /X{987B04C4-B5AC-4AD6-A7E9-8D681085B850}
Apple Application Support-->MsiExec.exe /I{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}
Apple Mobile Device Support-->MsiExec.exe /I{439760BC-7737-4386-9B1D-A90A3E8A22EA}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Bejeweled 2 Deluxe-->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
BlackBerry App World Browser Plugin-->MsiExec.exe /X{A21CC8D4-7BA8-4AA9-9F2E-EEF54D5F7E71}
BlackBerry Desktop Software 6.1-->MsiExec.exe /I{75157F34-02C6-4831-BD66-3BC49E7A8394}
BlackBerry Desktop Software 7.1-->C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\InstallerUtils\InstallerUtils.exe /UninstallDesktop
BlackBerry Desktop Software 7.1-->MsiExec.exe /I{7A3E6E1C-CF5A-4CE9-B8D6-A2F9B7BA18FC}
BlackBerry Device Manager 6.1-->MsiExec.exe /X{B768E610-7C54-4BA8-A184-B4683515D1EF}
BlackBerry Device Manager 6.1-->MsiExec.exe /X{B768E610-7C54-4BA8-A184-B4683515D1EF}
BlackBerry Device Software Updater-->MsiExec.exe /X{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}
Blackhawk Striker 2-->"C:\Program Files (x86)\HP Games\Blackhawk Striker 2\Uninstall.exe"
Bonjour-->MsiExec.exe /X{0E543634-7E25-4B8F-8D5B-97880E5E5088}
Broadcom 2070 Bluetooth 3.0-->MsiExec.exe /X{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Catalyst Control Center - Branding-->MsiExec.exe /I{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Chuzzle Deluxe-->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe"
Contents-->MsiExec.exe /I{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}
ControlMK 0.232-->C:\Program Files (x86)\ControlMK\uninst.exe
Corel PaintShop Photo Pro X3-->c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\Setup\{D1AEB5DB-04FA-489D-94EF-8600898B93EE}\SetupARP.exe /arp
Corel PaintShop Photo Pro X3-->MsiExec.exe /I{DA4BF4BE-3CDC-43B5-BBDA-DDDA73103111}
Corel VideoStudio Pro X3-->c:\Program Files (x86)\Corel\Corel VideoStudio Pro X3\Setup\{F072CA07-A781-45E4-9975-C033A73019CF}\SetupARP.exe /arp
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Debut Video Capture Software-->C:\Program Files (x86)\NCH Software\Debut\uninst.exe
DeviceIO-->MsiExec.exe /I{F4E9851F-765E-40B7-9859-237C2724E62C}
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
Dora's Carnival Adventure-->"C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe"
DVD Menu Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe" /z-uninstall
DVD Menu Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe" /z-uninstall /zMS
Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
Escape Rosecliff Island-->"C:\Program Files (x86)\HP Games\Escape Rosecliff Island\Uninstall.exe"
ESU for Microsoft Windows 7-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
FATE-->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe"
ffdshow v1.1.3562 [2010-09-07]-->"G:\Samsung\Programs\ffdshow\unins000.exe"
Final Drive Nitro-->"C:\Program Files (x86)\HP Games\Final Drive Nitro\Uninstall.exe"
fmXML version 0.3-->"C:\Program Files (x86)\fmXML\unins000.exe"
Football Manager 2014 Editor-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/242460
Football Manager 2014-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/231670
Hewlett-Packard ACLM.NET v1.2.1.1-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HP 3D DriveGuard-->MsiExec.exe /X{37851337-DFBF-4FCC-AAEE-F5D1252F6A85}
HP Advisor-->MsiExec.exe /X{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Customer Participation Program 14.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Documentation-->MsiExec.exe /X{7D4318AC-9560-46F0-910F-0B38D6CDC009}
HP DVB-T TV Tuner 8.0.64.43-->C:\Program Files (x86)\HP\HP DVB-T TV Tuner\uninst.exe
HP Game Console-->"C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe"
HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe"
HP Imaging Device Functions 14.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall
HP MediaSmart Movies and TV-->MsiExec.exe /X{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}
HP MediaSmart Music-->"C:\Program Files (x86)\InstallShield Installation Information\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}\setup.exe" /z-uninstall
HP MediaSmart Music-->"C:\Program Files (x86)\InstallShield Installation Information\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}\setup.exe" /z-uninstall /zMS
HP MediaSmart Photo-->"C:\Program Files (x86)\InstallShield Installation Information\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}\setup.exe" /z-uninstall
HP MediaSmart Photo-->"C:\Program Files (x86)\InstallShield Installation Information\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}\setup.exe" /z-uninstall
HP MediaSmart SmartMenu-->MsiExec.exe /X{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}
HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{D12E3E7F-1B13-4933-A915-16C7DD37A095}\setup.exe" /z-uninstall
HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{D12E3E7F-1B13-4933-A915-16C7DD37A095}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7-->C:\Program Files (x86)\HP\Digital Imaging\{59C83C08-63F4-4AEC-81D6-392C5E23B843}\setup\hpzscr40.exe -datfile hposcr47.dat -onestop -forcereboot
HP Power Manager-->MsiExec.exe /I{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}
HP Quick Launch-->MsiExec.exe /I{BB1C717E-376C-4AA1-8940-81BFC38D9778}
HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{72D90DB3-A16A-4545-B555-868471101833}\setup.exe" -l0x9 -removeonly
HP Smart Web Printing 4.60-->C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Software Framework-->MsiExec.exe /X{26AD42DE-B8B7-4169-9421-F73322FA3687}
HP Solution Center 14.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Update-->MsiExec.exe /X{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
HP Wireless Assistant-->MsiExec.exe /X{9E3BC5E1-C394-43F9-AA13-25619E396A9B}
ICA-->MsiExec.exe /I{D1AEB5DB-04FA-489D-94EF-8600898B93EE}
ICA-->MsiExec.exe /I{F072CA07-A781-45E4-9975-C033A73019CF}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
IPM_PSP_Pro-->MsiExec.exe /I{DCD941B6-F2E7-4FAF-B102-F7D4DE5FF99A}
IPM_VS_Pro-->MsiExec.exe /I{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}
ISCOM-->MsiExec.exe /I{D1F80EFD-A032-4E8E-A367-70C44AD4DCE0}
ISCOM-->MsiExec.exe /I{FE661711-E392-4B3F-A4A7-02C747C09134}
iTunes-->MsiExec.exe /I{BCF07271-A853-4D3A-B668-4B752174CAA8}
Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217045FF}
Jewel Quest - Heritage-->"C:\Program Files (x86)\HP Games\Jewel Quest - Heritage\Uninstall.exe"
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
KPN Assistent-->"C:\ProgramData\{BCD5E71D-D7DA-44D2-8786-C12CCD8F1E3A}\KPN Assistent.exe" REMOVE=TRUE MODIFY=FALSE
KPN Installatie Assistent-->"C:\ProgramData\{8F7DE6E7-8387-49D7-8CB7-D75B3E844EE2}\KPN_Installer.exe" REMOVE=TRUE MODIFY=FALSE
KPN Installatie Assistent-->C:\ProgramData\{8F7DE6E7-8387-49D7-8CB7-D75B3E844EE2}\KPN_Installer.exe
LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LibUSB-Win32-0.1.10.1-->"C:\Program Files (x86)\LibUSB-Win32-0.1.10.1\unins000.exe"
LightScribe System Software-->MsiExec.exe /X{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}
Malwarebytes Anti-Malware versie 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{4567EA14-6BCA-3EF9-859B-92CE48B1D704}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended NLD Language Pack-->MsiExec.exe /X{021B6358-4373-3FC0-A0B4-4709B7E0D3E5}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0028-0404-0000-0000000FF1CE} /uninstall {55F3B092-C18B-4E04-9E53-F794641B39F4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0028-0404-1000-0000000FF1CE} /uninstall {490B52AE-965C-460C-9E0F-EE65C96F7AA1}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0028-0411-0000-0000000FF1CE} /uninstall {277B1BCF-97A7-40F2-87A5-3CACB0E9714B}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0028-0411-1000-0000000FF1CE} /uninstall {8A3FCBEB-9029-40E2-8799-2299CBBEF4D8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0028-0412-0000-0000000FF1CE} /uninstall {12D06165-60AA-4402-9834-B5F37221001D}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0028-0412-1000-0000000FF1CE} /uninstall {198C790E-501A-4968-9091-95D84DCA4FD6}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0028-0804-0000-0000000FF1CE} /uninstall {803AB362-E418-4474-84E6-8ABFAF8D3A1E}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0028-0804-1000-0000000FF1CE} /uninstall {2F660432-0FA3-458E-86AB-4880366640B8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office IME (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-0028-0804-0000-0000000FF1CE}
Microsoft Office IME (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-0028-0804-1000-0000000FF1CE}
Microsoft Office IME (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0028-0404-0000-0000000FF1CE}
Microsoft Office IME (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0028-0404-1000-0000000FF1CE}
Microsoft Office IME (Japanese) 2007-->MsiExec.exe /X{90120000-0028-0411-0000-0000000FF1CE}
Microsoft Office IME (Japanese) 2007-->MsiExec.exe /X{90120000-0028-0411-1000-0000000FF1CE}
Microsoft Office IME (Korean) 2007-->MsiExec.exe /X{90120000-0028-0412-0000-0000000FF1CE}
Microsoft Office IME (Korean) 2007-->MsiExec.exe /X{90120000-0028-0412-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Basque) 2007-->MsiExec.exe /X{90120000-001F-042D-0000-0000000FF1CE}
Microsoft Office Proof (Bulgarian) 2007-->MsiExec.exe /X{90120000-001F-0402-0000-0000000FF1CE}
Microsoft Office Proof (Catalan) 2007-->MsiExec.exe /X{90120000-001F-0403-0000-0000000FF1CE}
Microsoft Office Proof (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-001F-0804-0000-0000000FF1CE}
Microsoft Office Proof (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-001F-0404-0000-0000000FF1CE}
Microsoft Office Proof (Croatian) 2007-->MsiExec.exe /X{90120000-001F-041A-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (Danish) 2007-->MsiExec.exe /X{90120000-001F-0406-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Estonian) 2007-->MsiExec.exe /X{90120000-001F-0425-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Galician) 2007-->MsiExec.exe /X{90120000-001F-0456-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Greek) 2007-->MsiExec.exe /X{90120000-001F-0408-0000-0000000FF1CE}
Microsoft Office Proof (Gujarati) 2007-->MsiExec.exe /X{90120000-001F-0447-0000-0000000FF1CE}
Microsoft Office Proof (Hebrew) 2007-->MsiExec.exe /X{90120000-001F-040D-0000-0000000FF1CE}
Microsoft Office Proof (Hindi) 2007-->MsiExec.exe /X{90120000-001F-0439-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Japanese) 2007-->MsiExec.exe /X{90120000-001F-0411-0000-0000000FF1CE}
Microsoft Office Proof (Kannada) 2007-->MsiExec.exe /X{90120000-001F-044B-0000-0000000FF1CE}
Microsoft Office Proof (Korean) 2007-->MsiExec.exe /X{90120000-001F-0412-0000-0000000FF1CE}
Microsoft Office Proof (Latvian) 2007-->MsiExec.exe /X{90120000-001F-0426-0000-0000000FF1CE}
Microsoft Office Proof (Lithuanian) 2007-->MsiExec.exe /X{90120000-001F-0427-0000-0000000FF1CE}
Microsoft Office Proof (Marathi) 2007-->MsiExec.exe /X{90120000-001F-044E-0000-0000000FF1CE}
Microsoft Office Proof (Norwegian (Bokmål)) 2007-->MsiExec.exe /X{90120000-001F-0414-0000-0000000FF1CE}
Microsoft Office Proof (Norwegian (Nynorsk)) 2007-->MsiExec.exe /X{90120000-001F-0814-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}
Microsoft Office Proof (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-001F-0816-0000-0000000FF1CE}
Microsoft Office Proof (Punjabi) 2007-->MsiExec.exe /X{90120000-001F-0446-0000-0000000FF1CE}
Microsoft Office Proof (Romanian) 2007-->MsiExec.exe /X{90120000-001F-0418-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007-->MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Serbian (Latin)) 2007-->MsiExec.exe /X{90120000-001F-081A-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proof (Slovenian) 2007-->MsiExec.exe /X{90120000-001F-0424-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proof (Swedish) 2007-->MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE}
Microsoft Office Proof (Tamil) 2007-->MsiExec.exe /X{90120000-001F-0449-0000-0000000FF1CE}
Microsoft Office Proof (Telugu) 2007-->MsiExec.exe /X{90120000-001F-044A-0000-0000000FF1CE}
Microsoft Office Proof (Thai) 2007-->MsiExec.exe /X{90120000-001F-041E-0000-0000000FF1CE}
Microsoft Office Proof (Turkish) 2007-->MsiExec.exe /X{90120000-001F-041F-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007-->MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proof (Urdu) 2007-->MsiExec.exe /X{90120000-001F-0420-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Kit 2007-->MsiExec.exe /X{91120000-0103-0000-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {3E8EA473-ECCE-405F-A9CA-59446AEADD3A}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0402-0000-0000000FF1CE} /uninstall {CB0A77FC-E59E-4418-9C1E-82E486C90EA5}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0403-0000-0000000FF1CE} /uninstall {BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0404-0000-0000000FF1CE} /uninstall {E4E8AF9E-0F8C-40E8-950A-CA40B7138049}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0406-0000-0000000FF1CE} /uninstall {8F771259-9037-4097-AA88-8613F3BE5627}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0408-0000-0000000FF1CE} /uninstall {DB0C1C5A-7998-4B95-8BD5-ACACD18B0B53}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040B-0000-0000000FF1CE} /uninstall {C3B4672B-3FE7-4D6F-AFF3-80D290C1131E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040D-0000-0000000FF1CE} /uninstall {51590837-F141-43A8-B0EC-AEF16F1CBE78}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {A23BFC95-4A73-410F-9248-4C2B48E38C49}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0411-0000-0000000FF1CE} /uninstall {8B0BBAAA-BB10-41E1-B27E-24CF08CBB253}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0412-0000-0000000FF1CE} /uninstall {2E46C2DF-47D7-4737-BA5C-8746DE103FFC}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0414-0000-0000000FF1CE} /uninstall {F47DC432-9E71-4DC4-A488-9842D767DDDB}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {8A524694-0CA4-476A-9301-B1E9D70FC952}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0418-0000-0000000FF1CE} /uninstall {0E2DB3D7-94EA-4B12-A9C1-D3C52BDE07D8}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0419-0000-0000000FF1CE} /uninstall {EFE123B8-9F0A-4C50-A67B-0BADF3CB00DC}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041A-0000-0000000FF1CE} /uninstall {9DECF714-4963-48E2-924A-B9075485AF6B}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041D-0000-0000000FF1CE} /uninstall {4A960AFC-E28F-4233-953F-1903BE859B79}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041E-0000-0000000FF1CE} /uninstall {E9E01036-7842-437F-B99E-984D738A81DA}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041F-0000-0000000FF1CE} /uninstall {6A61C934-56F9-4AC6-A43B-30E3F9D886F5}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0420-0000-0000000FF1CE} /uninstall {993FF26C-43DC-467C-9ABF-AE9E9829EA20}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0422-0000-0000000FF1CE} /uninstall {E23630A0-8B0D-4145-9CEA-9B4967CDDC0E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0424-0000-0000000FF1CE} /uninstall {8FF4ED5D-9EA1-4EC5-8F10-767E1705310C}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0425-0000-0000000FF1CE} /uninstall {4D7B3A39-E637-4B9C-970D-C06AB960EB90}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0426-0000-0000000FF1CE} /uninstall {FD888746-EF69-4D85-9E6B-5BDDB45A9E37}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0427-0000-0000000FF1CE} /uninstall {C1CD6235-85A4-48EA-9B51-093ADB86C2D2}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-042D-0000-0000000FF1CE} /uninstall {017A6981-5E03-4A97-830A-35FE0927BB7F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0439-0000-0000000FF1CE} /uninstall {4EF953D3-7040-4A7E-B0B3-A33860DE65E5}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0446-0000-0000000FF1CE} /uninstall {9C98BA5F-7C34-4687-8A26-F233D7E563AD}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0447-0000-0000000FF1CE} /uninstall {01C5E251-73B2-4DE0-8C48-78A272DDB6E1}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0449-0000-0000000FF1CE} /uninstall {543343AF-DFAD-4281-872A-83A033DBE59C}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-044A-0000-0000000FF1CE} /uninstall {9718BA87-FBBF-453B-BD3B-43A13C1D7CCF}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-044B-0000-0000000FF1CE} /uninstall {7DA86C45-3502-4C82-AF29-202C7B0382B5}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-044E-0000-0000000FF1CE} /uninstall {92CCDCF1-46B6-4042-ACC0-9269D5317E48}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0456-0000-0000000FF1CE} /uninstall {A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0804-0000-0000000FF1CE} /uninstall {0454BB31-DAD9-400F-9E06-45B36D4BA53B}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0814-0000-0000000FF1CE} /uninstall {67BED6C1-5AE1-45CD-8060-BFFD37ED0DDD}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0816-0000-0000000FF1CE} /uninstall {C8246FCF-12F8-4212-BC89-6ED049BA2FB8}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-081A-0000-0000000FF1CE} /uninstall {82FEB6ED-595A-4873-BD85-0578E83B90BB}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
Microsoft Office Proofing Tools Kit 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROOFKIT /dll PSETUP.DLL
Microsoft Office ProofMUI (English) 2007-->MsiExec.exe /X{90120000-0048-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{8D26D58C-3464-4C03-BB61-5695F984EFEF}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Web Platform Installer 3.0-->MsiExec.exe /X{307BFD68-0886-47AD-B461-5607F63B8B42}
MotioninJoy ds3 driver version 0.6.0003-->"C:\Program Files (x86)\MotioninJoy\unins000.exe"
Movie Theme Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe" /z-uninstall
Movie Theme Pack for HP MediaSmart Video-->"C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe" /z-uninstall /zMS
Mozilla Firefox 25.0 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
mpegable DS decoder-->C:\Windows\AKDeInstall.exe "/C:\Program Files (x86)\mpegable\"
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
PCStreams-->MsiExec.exe /X{FFFF19AB-1C8D-42BA-A18A-396F06B4F488}
Penguins!-->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe"
PhotoNow!-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
PhotoNow!-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
Plants vs. Zombies-->"C:\Program Files (x86)\HP Games\Plants vs. Zombies\Uninstall.exe"
Poker Superstars III-->"C:\Program Files (x86)\HP Games\Poker Superstars III\Uninstall.exe"
Polar Bowler-->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe"
Polar Golfer-->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe"
Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerISO-->"H:\Programs\PowerISO\uninstall.exe"
PSPPContent-->MsiExec.exe /I{DF8B9311-ADE7-4EDE-B121-326CAA3D225D}
PSPPRO_DCRAW-->MsiExec.exe /I{DCF1928A-FC01-48E7-A7E6-4651D42EF6A1}
PureHD-->MsiExec.exe /I{F8423392-2296-4748-9B66-344432459632}
QuickTime-->MsiExec.exe /I{B67BAFBA-4C9F-48FA-9496-933E3B255044}
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Recovery Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
Security Task Manager 1.8g-->C:\Program Files (x86)\Security Task Manager\Uninstal.exe "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E7F6B64E-E11F-3D1C-868D-3F1443DA5A15} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {880A0A36-244B-3C7A-8D6B-56E694CE7883} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Extended
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E949D8B9-24FD-4AB7-B427-FC42AA8BB2D9}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D}
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {81352C19-97CF-4365-8EAE-205BCC9A2DC8}
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A0E1177-574A-4F26-AD24-B003699C35FA}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9D689455-5858-4AE4-A3CA-6E4149FE3F70}
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2C57A81A-7534-4DEE-A450-7FBE86F3200D}
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Setup-->MsiExec.exe /I{D1612A3D-0DCC-4055-BB6A-0036F31158A0}
Setup-->MsiExec.exe /I{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}
Share-->MsiExec.exe /I{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}
Share64-->MsiExec.exe /I{F6246243-CF06-4E40-8A37-C3B537695C36}
Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype Web Plugin-->MsiExec.exe /X{6F11BED2-859F-46C4-A9DA-A91AAD5BC849}
Skype™ 6.9-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
SopCast 3.5.0-->G:\Samsung\Programs\SopCast\uninst.exe
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab Detection-->MsiExec.exe /X{A407FC22-36BF-4C82-A516-59D94BC505A9}
System Requirements Lab Test-->MsiExec.exe /I{D62576C2-C084-4698-974A-5BE77714FDDD}
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1043 /parameterfolder ClientLP
Taalpakket voor Microsoft .NET Framework 4 Extended - NLD-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /x64 /lcid 1043 /parameterfolder ExtendedLP
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {EFD73366-C059-3D04-9848-59072A15DB53} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {EFD73366-C059-3D04-9848-59072A15DB53} /parameterfolder Extended
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {91120000-0103-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2597120) 32-Bit Edition-->msiexec /package {90120000-0028-0411-0000-0000000FF1CE} /uninstall {60BE6728-25EB-46D7-801D-3F289171B626}
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {ED38F8A3-4F61-494E-8BCA-E3AC7760C924}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {11C9B057-27FF-4BC1-82F6-DC4B15E70A2E}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
VideoPad Video Editor-->C:\Program Files (x86)\NCH Software\VideoPad\uninst.exe
VIO-->MsiExec.exe /I{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}
Virtual Villagers - The Secret City-->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
VLC media player 2.1.0-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VSClassic-->MsiExec.exe /I{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}
VSPro-->MsiExec.exe /I{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}
WD Drive Utilities-->MsiExec.exe /X{72E40002-8CEC-47C1-A099-83AC8E173BF0}
WD Quick View-->MsiExec.exe /X{455EC32F-4157-438D-9E3A-40E93B09FC3C}
WD Security-->MsiExec.exe /X{83270912-15C7-4336-822E-E8F1B1BBCA60}
WD SmartWare Installer-->"C:\ProgramData\Package Cache\{01b19ee2-f793-4fda-8aab-60fa495c4869}\WD SmartWare Installer.exe" /uninstall
WD SmartWare-->MsiExec.exe /X{232EB8E6-9B8C-4785-A994-B1E5E2376CDC}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{027E5FAB-1476-4C59-AAB4-32EF28520399}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger-->MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{C9F05151-95A9-4B9B-B534-1760E2D014A5}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Sync-->MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinRAR 4.20 (64-bit)-->H:\Programs\Winrar\uninstall.exe
Zuma Deluxe-->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe"
======Hosts File======
127.0.0.1 a204-2-160-40.deploy.akamaitechnologies.com
127.0.0.1 symantec.com.102.112.2o7.net
127.0.0.1 a96-7-151-238.deploy.akamaitechnologies.com
======System event log======
Computer Name: AdilsonDaCruzPC
Event Code: 104
Message: Logboekbestand Windows PowerShell is gewist.
Record Number: 1433989
Source Name: Microsoft-Windows-Eventlog
Time Written: 20131107180854.288968-000
Event Type: Informatie
User: AdilsonDaCruzPC\Adilson Adriano Cruz
Computer Name: AdilsonDaCruzPC
Event Code: 104
Message: Logboekbestand Media Center is gewist.
Record Number: 1433988
Source Name: Microsoft-Windows-Eventlog
Time Written: 20131107180854.111958-000
Event Type: Informatie
User: AdilsonDaCruzPC\Adilson Adriano Cruz
Computer Name: AdilsonDaCruzPC
Event Code: 104
Message: Logboekbestand Key Management Service is gewist.
Record Number: 1433987
Source Name: Microsoft-Windows-Eventlog
Time Written: 20131107180853.967949-000
Event Type: Informatie
User: AdilsonDaCruzPC\Adilson Adriano Cruz
Computer Name: AdilsonDaCruzPC
Event Code: 104
Message: Logboekbestand Internet Explorer is gewist.
Record Number: 1433986
Source Name: Microsoft-Windows-Eventlog
Time Written: 20131107180853.781939-000
Event Type: Informatie
User: AdilsonDaCruzPC\Adilson Adriano Cruz
Computer Name: AdilsonDaCruzPC
Event Code: 104
Message: Logboekbestand System is gewist.
Record Number: 1433985
Source Name: Microsoft-Windows-Eventlog
Time Written: 20131107180853.376916-000
Event Type: Informatie
User: AdilsonDaCruzPC\Adilson Adriano Cruz
=====Application event log=====
Computer Name: AdilsonDaCruzPC
Event Code: 1531
Message: De User Profile-service is gestart.
Record Number: 91116
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20131107181556.940065-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: AdilsonDaCruzPC
Event Code: 105
Message:
Record Number: 91115
Source Name: HPSrv
Time Written: 20131107181557.000000-000
Event Type: Informatie
User:
Computer Name: AdilsonDaCruzPC
Event Code: 4625
Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 91114
Source Name: Microsoft-Windows-EventSystem
Time Written: 20131107181557.000000-000
Event Type: Informatie
User:
Computer Name: AdilsonDaCruzPC
Event Code: 1005
Message: Geen toegang tot bestand C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DFDC9A73-3C6D-4A7C-AA5C-F9D0A4A98C3E}\mpengine.dll om een van de volgende redenen: Er is een probleem met de netwerkverbinding, met de schijf waarop het bestand is opgeslagen, met de opslagstuurprogramma's op deze computer, of de schijf ontbreekt. Programma Antimalware Service Executable werd afgesloten vanwege deze fout.
Programma: Antimalware Service Executable
Bestand: C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DFDC9A73-3C6D-4A7C-AA5C-F9D0A4A98C3E}\mpengine.dll
De foutwaarde wordt weergegeven in de sectie Extra gegevens.
Gebruikersactie
1. Open het bestand opnieuw. Mogelijk is dit een tijdelijk probleem dat vanzelf wordt opgelost als het programma opnieuw wordt uitgevoerd.
2. Als toegang tot het bestand nog steeds niet mogelijk is en
- Als het bestand zich in het netwerk bevindt, dient de netwerkbeheerder te controleren of er geen probleem met het netwerk is en dat verbinding met de server kan worden gemaakt.
- Als het bestand zich op een verwisselbare schijf bevindt, zoals een diskette of cd-rom, dient u te controleren of deze schijf correct in het schijfstation is geplaatst.
3. Controleer en repareer het bestandssysteem met CHKDSK. Klik hiervoor op Start, Uitvoeren en typ CMD. Klik OK en typ CHKDSK /F op de opdrachtprompt. Druk vervolgens op ENTER.
4. Als het probleem blijft bestaan, dient u het bestand terug te zetten via een back-upmedium.
5. Bepaal of andere bestanden op dezelfde schijf kunnen worden geopend. Als dit niet zo is, is de schijf beschadigd. Als het een harde schijf is, neemt u contact op met de netwerkbeheerder of hardwareleverancier voor ondersteuning.
Aanvullende gegevens
Foutwaarde: C0000185
Type schijf: 3
Record Number: 91113
Source Name: Application Error
Time Written: 20131107181215.000000-000
Event Type: Fout
User:
Computer Name: AdilsonDaCruzPC
Event Code: 1000
Message: Naam van toepassing met fout: MsMpEng.exe, versie: 4.3.219.0, tijdstempel: 0x52094dc8
Naam van module met fout: mpengine.dll, versie: 1.1.10003.0, tijdstempel: 0x525b98e4
Uitzonderingscode: 0xc0000006
Foutoffset: 0x0000000000456429
Id van proces met fout: 0x19fc
Starttijd van toepassing met fout: 0x01cedbe28a0bdafe
Pad naar toepassing met fout: c:\Program Files\Microsoft Security Client\MsMpEng.exe
Pad naar module met fout: C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DFDC9A73-3C6D-4A7C-AA5C-F9D0A4A98C3E}\mpengine.dll
Rapport-id: 2153f41f-47d8-11e3-aa9e-d8d86269d8a1
Record Number: 91112
Source Name: Application Error
Time Written: 20131107181215.000000-000
Event Type: Fout
User:
=====Security event log=====
Computer Name: AdilsonDaCruzPC
Event Code: 4608
Message: Windows wordt opgestart.
Deze gebeurtenis wordt in het logboek geregistreerd wanneer LSASS.EXE wordt gestart en het subsysteem voor controle wordt geïnitialiseerd.
Record Number: 100130
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131107181537.252831-000
Event Type: Controle geslaagd
User:
Computer Name: AdilsonDaCruzPC
Event Code: 1101
Message: Tijdens het transport zijn controlegebeurtenissen verloren gegaan. 0
Record Number: 100129
Source Name: Microsoft-Windows-Eventlog
Time Written: 20131107181540.294836-000
Event Type: Controle geslaagd
User:
Computer Name: AdilsonDaCruzPC
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 100128
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131107181142.507589-000
Event Type: Controle geslaagd
User:
Computer Name: AdilsonDaCruzPC
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: ADILSONDACRUZPC$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldingstype: 5
Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x284
Naam proces: C:\Windows\System32\services.exe
Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 100127
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131107181142.507589-000
Event Type: Controle geslaagd
User:
Computer Name: AdilsonDaCruzPC
Event Code: 1102
Message: Het controlelogboek is gewist.
Onderwerp:
Beveiligings-id: S-1-5-21-3530028588-1603670836-2555211703-1000
Accountnaam: Adilson Adriano Cruz
Domeinnaam: AdilsonDaCruzPC
Aanmeldings-id: 0xb66268
Record Number: 100126
Source Name: Microsoft-Windows-Eventlog
Time Written: 20131107180852.972892-000
Event Type: Controle geslaagd
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11\Driver;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Pavilion
"asl.log"=Destination=file
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
-----------------EOF-----------------
Alvast bedankt voor uw hulp en ik wacht uw reactie af.
-
Help ik denk dat ik last heb van een of ander virus!!!!
Als ik in windows taakbeheer kijk dan zie ik bij processen rare processen genaamd: atibtmon.exe atieclxx.exe en crss.exe er waren er nog 2 maar die heb ik al beëindigd iets met you cam mirage en die andere weet ik even niet. Volgens mij waren deze processen er in het verleden nooit dus vond ik het raar dat ik ze nu opeens zag. Ik had wat gegoogled en kwam op internet tegen dat dit best wel spyware of malware kon zijn daarom ben ik nu bij jullie terecht gekomen en ik hoop dat iemand mij hiermee kan helpen.
Ik was aan het surfen op internet een paar dagen geleden en toen kwam ik terecht op een site en ik klikten ergens op en opeens had ik het politievirus. Maar in tegenstelling tot het politievirus was mijn pc zelf niet geblokkeerd alleen me browser. Ik had toen het programma JRT gebruikt en toen was het weg maar ik ben bang dat mijn pc nog steeds geïnfecteerd is.
Kan iemand mij aub hierbij helpen en zeggen wat ik moet downloaden zodat we dit stap voor stap samen kunnen oplossen alvast bedankt.
mijn shockwave player of adobe flash player loopt telkens vast.
in Archief Multimedia
Geplaatst:
Dat heb ik inmiddels gedaan ik bekijk het even 2 dagen en als ik nog steeds last heb van dezelfde symptomen dan zal ik een bericht achter laten. Wel raar dat er niks gevonden is ik heb er duidelijk wel last van ik hoop dat het probleem nu verholpen is nadat ik het verwijderd en opnieuw geinstalleerd heb ik hou u op de hoogte en ik zal over 2 dagen vertellen hoe het er voorstaat alvast bedankt.