kceetje

Nee ik zie het nergens meer omhoog komen... Bedankt voor de hulp!!

Hierbij het logje # AdwCleaner v3.216 - Rapport aangemaakt 25/07/2014 op 21:14:56 # Laatste Update 17/07/2014 door Xplode # Besturingssysteem : Windows 8.1 (64 bits) # Gebruikersnaam : thomas - THOMAS # Gestart vanuit : C:\Users\thomas\Desktop\adwcleaner_3.216.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\ProgramData\374311380 Bestand Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk Bestand Verwijderd : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage Bestand Verwijderd : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal Bestand Verwijderd : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage Bestand Verwijderd : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS Sleutel Verwijderd : HKCU\Software\Optimizer Pro Sleutel Verwijderd : HKCU\Software\systweak Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Sleutel Verwijderd : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Sleutel Verwijderd : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Sleutel Verwijderd : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Sleutel Verwijderd : HKLM\Software\systweak ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Google Chrome v36.0.1985.125 [ Bestand : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2327 octets] - [25/07/2014 21:11:57] AdwCleaner[s0].txt - [2182 octets] - [25/07/2014 21:14:56] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2242 octets] ##########

Allereerst bedankt voor de snelle reaktie, en de duidelijke uitleg Hierbij het logje: Zoek.exe v5.0.0.0 Updated 24-07-2014 Tool run by thomas on vr 25-07-2014 at 11:54:03,78. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\thomas\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ===== Runcheck 11:55:16,07 ===== --- Create Environment Variables 11:55:16,66 --- Create System Restore Point 11:55:19,73 --- Checking Input 11:55:35,34 --- Torpig Check 11:55:37,12 --- AU AppData Check 11:55:38,08 --- Remove From Windows Installer 11:55:40,02 --- Empty Folders Check 11:55:53,31 --- IE Startpage Check 11:55:56,67 --- Program Files DB Check 11:56:04,78 --- C:\Users\Administrator\AppData\Roaming DB Check 11:56:29,02 --- C:\Users\Default\AppData\Roaming DB Check 11:56:29,02 --- C:\Users\thomas\AppData\Roaming DB Check 11:56:29,02 --- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming DB Check 11:56:29,02 --- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming DB Check 11:56:29,02 --- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming DB Check 11:56:29,02 - - - Updated - - - Oh ik was te snel Hierbij de juiste: Zoek.exe v5.0.0.0 Updated 24-07-2014 Tool run by thomas on vr 25-07-2014 at 11:54:03,78. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\thomas\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 25-7-2014 11:55:35 Zoek.exe System Restore Point Created Succesfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\Users\thomas\AppData\Local\softthinks deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Users\thomas\AppData\Local\DLCRootRuntime\DLCRootRuntime.exe c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Users\thomas\AppData\Local\DLCRootRuntime\AddonWin32Windows.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe C:\Program Files\Alienware\Command Center\AlienFusionController.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files (x86)\AlienRespawn\sftservice.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\AlienRespawn\COMPONENTS\DBRUPDATE\DBRUPD.EXE C:\Program Files (x86)\AlienRespawn\TOASTER.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\thomas\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RgFltX64 deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\Users\thomas\AppData\Roaming\Alawar deleted C:\Users\thomas\AppData\Roaming\AlawarEntertainment deleted C:\Users\thomas\AppData\Roaming\Systweak deleted C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Systweak deleted C:\PROGRA~3\Systweak deleted C:\PROGRA~3\Package Cache deleted C:\WINDOWS\SysNative\roboot64.exe deleted C:\Users\thomas\Searches deleted C:\WINDOWS\wininit.ini deleted C:\WINDOWS\SysWow64\AI_RecycleBin deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime\AddonWin32Windows.exe" deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime\DLCRootRuntime.exe" deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime\msvcp100.dll" deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime\msvcr100.dll" not deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime\QtCore4.dll" deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime\QtNetwork4.dll" deleted "C:\WINDOWS\Syswow64\FileMinimalSprite\FileMinimalSprite.exe" deleted "C:\WINDOWS\Syswow64\FileMinimalSprite\msvcp100.dll" deleted "C:\WINDOWS\Syswow64\FileMinimalSprite\msvcr100.dll" not deleted "C:\WINDOWS\Syswow64\FileMinimalSprite\QtCore4.dll" deleted "C:\WINDOWS\Syswow64\FileMinimalSprite\QtNetwork4.dll" deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime" not deleted "C:\WINDOWS\Syswow64\FileMinimalSprite" not deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime\desktop" not deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime\service" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8107 MB CPU Info: Intel® Core i5-4460 CPU @ 3.20GHz CPU Speed: 3205,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | DENON-AVR-4 (NVIDIA High Defini | Display Adapters: NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family Controller | Dell Wireless 1506 802.11b/g/n (2.4GHz) CD / DVD Drives: 2x (D: | F: | ) D: HL-DT-STDVD+-RW GA50N | F: CyberLnkVirtualDrive Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 1853,7GB | E: 465,7GB | X: 750,0MB | Y: 8,0GB Hard Disks - Free: C: 1404,0GB | E: 204,3GB | X: 308,1MB | Y: 749,3MB Manufacturer *: Alienware BIOS Info: AT/AT COMPATIBLE | | ALWARE - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: Alienware 0PGRP5 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 36.0.1985.125 Internet Explorer Version: 11.0.9600.17207 Google Chrome version: 36.0.1985.125 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\thomas\AppData\Local\Temp ==== 2014-07-25 06:13:52 D073EF407FBEF0603C68838A97C922FA 108502671 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\microsoft-office-2010-en.exe 2014-07-25 06:13:35 32D3CBFF8F36368ABF784CD550EAA091 7025480 ----a-w- C:\Users\thomas\AppData\Local\Temp\optprosetup.exe 2014-07-25 06:13:33 3BB5FEE6B8D0F72FCF0E05167DFBA497 7205416 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\OptimizerPro.exe 2014-07-25 06:13:29 62BAFE9A908B1717484D32DE5A54244B 4380069 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\RegClean_0307-7366cb4a.exe 2014-07-25 06:13:23 BA0FAAEDEDAB6E6365A92143B558BD8C 4242370 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\systemsspeedup_0307-cd6becd7.exe 2014-07-25 06:13:12 B16C300A13291FE826BBB59F2E7BFE18 4440864 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\eDeals_2207-a0ba44b9.exe 2014-07-25 06:12:56 F0F3706910D84499E7845934117022BA 55363 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\wajam_2207-6c14163c.exe 2014-07-25 06:12:55 2701B76FD4D3163E20B75A613198AC84 5077425 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\FLVMPlayerSetup-c45490cb.exe 2014-07-25 06:12:18 9C12E804C38CBA812DA4C33F5712812A 164352 ----atw- C:\Users\thomas\AppData\Local\Temp\n652\s652.exe 2014-07-24 10:34:56 F3A15497E25BAAA721F96638D7A4D2F8 230529 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libpng14-14.dll 2014-07-24 10:34:56 C9E16CD9B7C0B84DDFE7249A24FE64B3 230457 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libpng12.dll 2014-07-24 10:34:56 989F5B2FC89DE3557307B703CE6A865D 42496 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libusb0.dll 2014-07-24 10:34:56 9469CE468DE91263B73AAC7A3C1CA087 258294 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libcurl-4.dll 2014-07-24 10:34:56 7AD6F303082B382BFF7BAFBAB246C61F 44287 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libgthread-2.0-0.dll 2014-07-24 10:34:56 6891946EF55E211F0B6ABACA235A5160 119296 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libgcc_s_dw2-1.dll 2014-07-24 10:34:56 550B3EC2D6A2DB0036B4E6E057B54768 36878 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libssp-0.dll 2014-07-24 10:34:56 4400DDF68DC5B57F55582CDF3CAC85F8 56832 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\mgwz.dll 2014-07-24 10:34:56 18E88B04DA123BF05B07FF60A4E96654 1242929 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libglib-2.0-0.dll 2014-07-24 10:34:55 F18452737F106A7B8A0BDAE6EA982E69 128254 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\jpeg62.dll 2014-07-24 10:34:55 B82D7190245E19AAA0161CD5FF45B958 27648 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\IPAddressControlLib.dll 2014-07-24 10:34:55 56BA17C77CC27D746B7F52ED2575A804 1237504 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\KMSELDI.exe 2014-07-24 10:34:54 EB2D4C4D4A527BC88A69A16CC99AFCF5 152489 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\intl.dll 2014-07-24 10:34:54 B8D0CCE2CA1CC850C8C6F25A70D855E6 162816 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\fmod.dll 2014-07-24 10:34:53 C5455F06FB5F0182BF01F5AE751CDCF7 638121 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\firewall.exe 2014-07-24 10:34:32 EF8D4CDB4B3CE3B20B6410E73BC7FA69 59904 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\timesync.exe 2014-07-24 10:34:32 D90DAD5EEA33A178BAC56FFF2847D4C2 100352 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\zlib1.dll 2014-07-24 10:34:32 B0C7E94DE4DAD29651316A34ECC816AA 3338240 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\qemu-system-i386.exe 2014-07-24 10:34:32 67ACD10F873A6F1997B17E629E1DBDFE 324096 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\SDL.dll 2014-07-24 10:34:31 CA2F560921B7B8BE1CF555A5A18D54C3 348160 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\msvcr71.dll 2014-07-24 10:34:31 79BF7493F97989E21D0D6BEC2D2934B7 303104 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\PortQry.exe 2014-07-24 10:34:31 60622FE5CD2DECFB12C110E8B2B31893 15960 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\mingwm10.dll ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2014-07-09 12:56:45 374E27295F0A9DCAA8FC96370F9BEEA5 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2014-07-09 12:56:26 1CD3A907D64D08F49208DA00B69BF35E 565576 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-07-25 06:52:01 -------- d-----w- C:\Program Files\trend micro 2014-07-05 10:53:12 -------- d-----w- C:\Program Files\Microsoft Silverlight 2014-06-29 08:06:45 -------- d-----w- C:\Program Files\WinRAR ======= C:\PROGRA~2 ===== 2014-07-21 19:05:47 -------- d-----w- C:\PROGRA~2\TeamSpeak 3 Client 2014-07-05 10:53:12 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight ======= C: ===== ====== C:\Users\thomas\AppData\Roaming ====== 2014-07-25 06:14:47 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft 2014-07-25 06:13:20 -------- d-----w- C:\Users\thomas\AppData\Local\DLCRootRuntime 2014-07-25 06:13:14 -------- d-----w- C:\Users\thomas\AppData\Local\Programs 2014-07-24 12:12:33 -------- d-----w- C:\Users\thomas\AppData\Local\@ByELDI 2014-07-21 19:06:36 -------- d-----w- C:\Users\thomas\AppData\Roaming\TS3Client 2014-07-12 12:16:03 -------- d-----w- C:\Users\thomas\AppData\Roaming\DCC 2014-07-08 07:28:23 -------- d-----w- C:\Users\thomas\AppData\Roaming\ERS Game Studios 2014-07-08 07:25:50 -------- d-----w- C:\Users\thomas\AppData\Roaming\DarkParablesBriarRose_BFG 2014-07-08 07:11:58 -------- d-----w- C:\Users\thomas\AppData\Roaming\Blue Tea Games 2014-07-08 07:06:21 -------- d-----w- C:\Users\thomas\AppData\Roaming\Ph03nixNewMedia 2014-07-08 07:05:01 -------- d-----w- C:\Users\thomas\AppData\Roaming\Vogat Interactive 2014-07-01 16:17:50 -------- d-----w- C:\Users\thomas\AppData\Roaming\Casual Arts 2014-07-01 16:14:07 -------- d-----w- C:\Users\thomas\AppData\Roaming\BloodTies 2014-07-01 14:39:39 -------- d-----w- C:\Users\thomas\AppData\Roaming\HitPoint Studios 2014-07-01 14:33:29 -------- d-----w- C:\Users\thomas\AppData\Roaming\BigFishv1002 2014-07-01 11:27:23 -------- d-----w- C:\Users\thomas\AppData\Roaming\RobinsonCrusoe 2014-07-01 10:07:44 -------- d-----w- C:\Users\thomas\AppData\Roaming\Az-Art 2014-06-29 09:32:22 -------- d-----w- C:\Users\thomas\AppData\Roaming\Boomzap 2014-06-29 09:29:03 -------- d-----w- C:\Users\thomas\AppData\Roaming\PoBros 2014-06-29 08:06:49 -------- d-----w- C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-06-27 22:45:49 -------- d-----w- C:\Users\thomas\AppData\Roaming\dvdcss 2014-06-27 15:05:05 -------- d-----w- C:\Users\thomas\AppData\Roaming\NVIDIA 2014-06-27 15:05:03 -------- d-----w- C:\Users\thomas\AppData\Roaming\Mad Head Games 2014-06-27 14:55:07 -------- d-----w- C:\Users\thomas\AppData\Roaming\Vast Studios 2014-06-27 14:49:54 -------- d-----w- C:\Users\thomas\AppData\Roaming\casualArts 2014-06-26 08:15:10 -------- d-----w- C:\Users\thomas\AppData\Roaming\Elephant Games 2014-06-26 08:12:03 -------- d-----w- C:\Users\thomas\AppData\Roaming\DailyMagic 2014-06-26 07:48:46 -------- d-----w- C:\Users\thomas\AppData\Local\JollyBear 2014-06-26 07:27:01 -------- d-----w- C:\Users\thomas\AppData\Roaming\SMIGames 2014-06-25 16:41:31 -------- d-----w- C:\Users\thomas\AppData\Roaming\PlayFavoriteGames 2014-06-25 16:35:42 -------- d-----w- C:\Users\thomas\AppData\Roaming\EleFun Games 2014-06-25 16:35:07 -------- d-----w- C:\Users\thomas\AppData\Roaming\CyberLink ====== C:\Users\thomas ====== 2014-07-25 06:51:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\thomas\Downloads\RSITx64.exe 2014-07-25 06:18:03 -------- d-----w- C:\ProgramData\374311380 2014-07-25 06:12:15 5D121BFED914E6301C1FC916B753A825 471448 ----a-w- C:\Users\thomas\Downloads\Microsoft Office 2010.exe 2014-07-21 19:05:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-07-16 14:10:30 -------- d-----w- C:\ProgramData\Electronic Arts 2014-07-16 14:10:28 -------- d-----w- C:\ProgramData\Origin 2014-07-16 14:10:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts 2014-07-11 07:42:09 -------- d-----w- C:\ProgramData\HP 2014-07-05 10:53:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-01 16:17:50 -------- d-----w- C:\ProgramData\Casual Arts 2014-07-01 16:15:54 -------- d-----w- C:\ProgramData\Becky Brogan 2014-06-29 09:29:03 -------- d-----w- C:\ProgramData\PoBros 2014-06-29 08:06:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-06-27 14:49:54 -------- d-----w- C:\ProgramData\casualArts 2014-06-26 08:15:10 -------- d-----w- C:\ProgramData\Elephant Games 2014-06-26 08:12:03 -------- d-----w- C:\ProgramData\DailyMagic 2014-06-26 07:48:46 -------- d-----w- C:\ProgramData\JollyBear ====== C: exe-files == 2014-07-25 06:52:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\thomas.exe 2014-07-25 06:51:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\thomas\Downloads\RSITx64.exe 2014-07-25 06:13:52 D073EF407FBEF0603C68838A97C922FA 108502671 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\microsoft-office-2010-en.exe 2014-07-25 06:13:35 32D3CBFF8F36368ABF784CD550EAA091 7025480 ----a-w- C:\Users\thomas\AppData\Local\Temp\optprosetup.exe 2014-07-25 06:13:33 3BB5FEE6B8D0F72FCF0E05167DFBA497 7205416 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\OptimizerPro.exe 2014-07-25 06:13:29 62BAFE9A908B1717484D32DE5A54244B 4380069 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\RegClean_0307-7366cb4a.exe 2014-07-25 06:13:23 BA0FAAEDEDAB6E6365A92143B558BD8C 4242370 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\systemsspeedup_0307-cd6becd7.exe 2014-07-25 06:13:12 B16C300A13291FE826BBB59F2E7BFE18 4440864 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\eDeals_2207-a0ba44b9.exe 2014-07-25 06:13:02 89B4EDE91F028F9EB52D03F3538666D9 2382296 ----a-w- C:\Users\thomas\AppData\Local\Microsoft\Windows\INetCache\IE\PBY0RISI\WIE_2.11.2.54[1].exe 2014-07-25 06:12:56 F0F3706910D84499E7845934117022BA 55363 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\wajam_2207-6c14163c.exe 2014-07-25 06:12:55 2701B76FD4D3163E20B75A613198AC84 5077425 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\FLVMPlayerSetup-c45490cb.exe 2014-07-25 06:12:18 9C12E804C38CBA812DA4C33F5712812A 164352 ----atw- C:\Users\thomas\AppData\Local\Temp\n652\s652.exe 2014-07-25 06:12:15 5D121BFED914E6301C1FC916B753A825 471448 ----a-w- C:\Users\thomas\Downloads\Microsoft Office 2010.exe 2014-07-24 10:34:55 56BA17C77CC27D746B7F52ED2575A804 1237504 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\KMSELDI.exe 2014-07-24 10:34:53 C5455F06FB5F0182BF01F5AE751CDCF7 638121 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\firewall.exe 2014-07-24 10:34:32 EF8D4CDB4B3CE3B20B6410E73BC7FA69 59904 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\timesync.exe 2014-07-24 10:34:32 B0C7E94DE4DAD29651316A34ECC816AA 3338240 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\qemu-system-i386.exe 2014-07-24 10:34:31 79BF7493F97989E21D0D6BEC2D2934B7 303104 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\PortQry.exe 2014-07-23 15:25:52 A29D17CDEB67522D6822C45153EB79B3 3766008 ----a-w- C:\Users\thomas\AppData\Local\NVIDIA\NvBackend\Packages\00005d75\DAO.18716353.exe 2014-07-21 19:05:49 5F79854614F93158E8F3051965ADFD5E 126283 ----a-w- C:\Program Files (x86)\TeamSpeak 3 Client\Uninstall.exe 2014-07-20 06:43:46 C5D237A3DA4A914D19D825C73FDE4487 8848464 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.125\36.0.1985.125_35.0.1916.153_chrome_updater.exe 2014-07-19 15:22:32 079EDD62B499E926979317E9F88C9E46 3727400 ----a-w- C:\Users\thomas\AppData\Local\NVIDIA\NvBackend\Packages\00005d55\DAO.18705904.exe === C: other files == 2014-07-24 13:13:12 E4118571634DBE57076EB32897E65699 7817000 ----a-w- C:\Users\thomas\Downloads\ABEstimating(Windows) (1).zip 2014-07-23 21:12:48 E4118571634DBE57076EB32897E65699 7817000 ----a-w- C:\Users\thomas\Downloads\ABEstimating(Windows).zip ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX5REC" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60" "Command Center Controllers"="C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17-06-2014 14:38] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17-06-2014 14:38] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\AlienAutopsy\sessionchecker.exe"] "C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\AlienAutopsy\uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2014-06-12 20:36:38 -------- d-----w- C:\PROGRA~3\Intel 2014-06-12 20:40:29 -------- d-----w- C:\PROGRA~3\iolo 2014-06-12 20:43:03 -------- d-----w- C:\PROGRA~3\Dell 2014-06-12 20:45:21 -------- d---a-w- C:\PROGRA~3\Temp 2014-06-12 20:45:24 -------- d-----w- C:\PROGRA~3\CyberLink 2014-06-12 20:45:25 -------- d-----w- C:\PROGRA~3\CLSK 2014-06-12 20:45:41 -------- d-----w- C:\PROGRA~3\install_clap 2014-06-12 20:49:20 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation 2014-06-12 20:49:37 -------- d-----w- C:\PROGRA~3\NVIDIA 2014-06-12 20:51:34 -------- d-----w- C:\PROGRA~3\PC-Doctor for Windows 2014-06-12 20:51:34 -------- d-----w- C:\PROGRA~3\PCDr 2014-06-17 12:34:24 -------- d-sh--we C:\PROGRA~3\Bureaublad 2014-06-17 12:34:24 -------- d-sh--we C:\PROGRA~3\Documenten 2014-06-17 12:34:24 -------- d-sh--we C:\PROGRA~3\Menu Start 2014-06-17 12:34:24 -------- d-sh--we C:\PROGRA~3\Sjablonen 2014-06-17 12:42:38 -------- d-----w- C:\PROGRA~3\softthinks 2014-06-17 15:30:07 -------- d-----w- C:\PROGRA~3\Media Center Programs 2014-06-21 20:56:04 -------- d-----w- C:\PROGRA~3\Spotnet 2014-06-24 08:17:43 -------- d-----w- C:\PROGRA~3\Microsoft SkyDrive 2014-06-26 07:48:46 -------- d-----w- C:\PROGRA~3\JollyBear 2014-06-26 08:12:03 -------- d-----w- C:\PROGRA~3\DailyMagic 2014-06-26 08:15:10 -------- d-----w- C:\PROGRA~3\Elephant Games 2014-06-27 14:49:54 -------- d-----w- C:\PROGRA~3\casualArts 2014-06-29 09:29:03 -------- d-----w- C:\PROGRA~3\PoBros 2014-07-01 16:15:54 -------- d-----w- C:\PROGRA~3\Becky Brogan 2014-07-01 16:17:50 -------- d-----w- C:\PROGRA~3\Casual Arts 2014-07-11 07:42:09 -------- d-----w- C:\PROGRA~3\HP 2014-07-16 14:10:28 -------- d-----w- C:\PROGRA~3\Origin 2014-07-16 14:10:30 -------- d-----w- C:\PROGRA~3\Electronic Arts 2014-07-25 06:18:03 -------- d-----w- C:\PROGRA~3\374311380 ==== Chrome Look ====================== Google Docs - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://dell13.msn.com/?pc=DCJB" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{7DADFD38-0CC6-4FF6-903D-796898E121CA}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://dell13.msn.com/?pc=DCJB" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {7DADFD38-0CC6-4FF6-903D-796898E121CA} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3959895356-1840219888-164995823-1002\Software\Microsoft\Internet Explorer\SearchScopes\{7DADFD38-0CC6-4FF6-903D-796898E121CA} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:21726" "ProxyOverride"="<local>;*origin.com;*ea.com;*akamaihd.net" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (file missing) O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (file missing) O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (file missing) O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (file missing) O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe O23 - Service: AlienFXWindowsService - Alienware - C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: DLCRootRuntime.exe - Unknown owner - C:\Users\thomas\AppData\Local\DLCRootRuntime\DLCRootRuntime.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FileMinimalSprite - Unknown owner - C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: ioloEnergyBooster - iolo technologies, LLC - C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: MSI_ODD_Service - Micro-Star Int'l Co., Ltd. - c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\sftservice.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\thomas\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\thomas\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=57 folders=48 37060002 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\thomas\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\thomas\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\thomas\AppData\Local\DLCRootRuntime\msvcr100.dll" not found "C:\WINDOWS\Syswow64\FileMinimalSprite\msvcr100.dll" not found "C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not deleted "C:\Users\thomas\AppData\Local\DLCRootRuntime" not found "C:\WINDOWS\Syswow64\FileMinimalSprite" not found ==== EOF on vr 25-07-2014 at 12:03:18,13 ======================

Hallo allemaal, Ik ben op deze website terecht gekomen omdat ik op google wilde uitvinden hoe ik pirrit suggestor verwijder. Ik heb in een vorig topic al een instructie video bekeken en deze stappen gevolgd. (zie topic www.pc-helpforum.be/f201/last-van-pirritsuggestor-70589/) Hier heb ik dan ook een logje van. (Halleluja dat er een video online stond, ben een echte noob haha) Zijn er hier mensen die mij kunnen helpen Hierbij de log: Logfile of random's system information tool 1.10 (written by random/random) Run by thomas at 2014-07-25 08:57:16 Microsoft Windows 8.1 System drive C: has 1437 GB (76%) free of 1898 GB Total RAM: 8107 MB (55% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 08:57:17, on 25-7-2014 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Alienware\Command Center\AlienFusionController.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\AlienRespawn\COMPONENTS\DBRUPDATE\DBRUPD.EXE C:\Program Files (x86)\AlienRespawn\TOASTER.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\thomas.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:21726 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (file missing) O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (file missing) O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (file missing) O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (file missing) O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe O23 - Service: AlienFXWindowsService - Alienware - C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FileMinimalSprite - Unknown owner - C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: ioloEnergyBooster - iolo technologies, LLC - C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: MSI_ODD_Service - Micro-Star Int'l Co., Ltd. - c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\sftservice.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- End of file - 9933 bytes ======Listing Processes====== wininit.exe C:\WINDOWS\system32\lsass.exe winlogon.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS "dwm.exe" "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\WINDOWS\system32\nvvsvc.exe -session -first C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe" "C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe" dashost.exe {2ea3ce14-eb42-4fa4-b34f0b600d7d3b46} "c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe" "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" C:\WINDOWS\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe" C:\WINDOWS\system32\wbem\wmiprvse.exe taskhostex.exe C:\WINDOWS\Explorer.EXE "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel "C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss fcfb854d-732d-4afe-ad3b-8ec79ca8ec00 1 C:\WINDOWS\system32\SearchIndexer.exe /Embedding \??\C:\WINDOWS\system32\conhost.exe 0x4 C:\Windows\System32\skydrive.exe -Embedding C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d7b7aa3d-3e0f-462d-a74d-14940f3d720b -SystemEventPortName:HostProcess-3e3186a5-127a-4ff8-9917-91483c04cad3 -IoCancelEventPortName:HostProcess-575d5ee3-b3ce-490b-bd47-8b5b5673726b -NonStateChangingEventPortName:HostProcess-8c4a21f5-e013-43d2-ac50-dfac37bdc9bc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7bd89406-89fe-4341-bc75-51579da34bef -DeviceGroupId:WpdFsGroup "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\WINDOWS\system32\conhost.exe 0x4 "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC "C:\Windows\system32\igfxsrvc.exe" -Embedding "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Alienware\Command Center\AWCCServiceController.exe" "C:\Windows\System32\SettingSyncHost.exe" -Embedding "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe" "C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe" 199436 "C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe" 199436 \??\C:\WINDOWS\system32\conhost.exe 0x4 \??\C:\WINDOWS\system32\conhost.exe 0x4 "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" C:\WINDOWS\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09} "C:\Program Files\Alienware\Command Center\AlienFusionService.exe" C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe "C:\Program Files\Alienware\Command Center\AlienFusionController.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" "C:\Program Files (x86)\AlienRespawn\sftservice.exe" "C:\Program Files\Windows Defender\MSASCui.exe" /CleanSystem "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5664.0.922703095\226118530" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x1382 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.4.1274183476\1963960512" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5664.6.1833652990\521735799" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.9.1535922734\1058139595" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.10.1324278776\1031424543" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.15.252275890\659229581" /prefetch:673131151 "C:\Program Files (x86)\AlienRespawn\COMPONENTS\DBRUPDATE\DBRUPD.EXE" "C:\Program Files (x86)\AlienRespawn\TOASTER.EXE" C:\Users\thomas C:\WINDOWS\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe" \??\C:\WINDOWS\system32\conhost.exe 0x4 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.17.330852199\1116091524" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.22.230658533\1928649588" /prefetch:673131151 "C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.41.360432757\1747828979" /prefetch:673131151 "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.44.1922267762\114884225" /prefetch:673131151 C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\thomas\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-09-06 7199448] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-31 1321688] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-30 391152] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-30 771568] "Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-30 770544] "IAStorIcon"=C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-30 36352] ""= [] "Command Center Controllers"=C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [2013-12-06 13840] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072] "ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-05-30 1279480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2014-01-23 624640] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.yuy2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "vidc.yvyu"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "vidc.uyvy"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-07-25 08:52:01 ----D---- C:\rsit 2014-07-25 08:52:01 ----D---- C:\Program Files\trend micro 2014-07-25 08:18:03 ----D---- C:\ProgramData\374311380 2014-07-25 08:13:58 ----D---- C:\ProgramData\Systweak 2014-07-25 08:13:38 ----D---- C:\Users\thomas\AppData\Roaming\Systweak 2014-07-25 08:13:34 ----A---- C:\WINDOWS\system32\roboot64.exe 2014-07-25 08:13:25 ----D---- C:\WINDOWS\SYSWOW64\FileMinimalSprite 2014-07-21 21:06:36 ----D---- C:\Users\thomas\AppData\Roaming\TS3Client 2014-07-21 21:05:47 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client 2014-07-16 16:10:30 ----D---- C:\ProgramData\Electronic Arts 2014-07-16 16:10:28 ----D---- C:\ProgramData\Origin 2014-07-12 14:16:03 ----D---- C:\Users\thomas\AppData\Roaming\DCC 2014-07-11 09:42:09 ----D---- C:\ProgramData\HP 2014-07-09 18:29:52 ----A---- C:\WINDOWS\system32\termsrv.dll 2014-07-09 14:56:45 ----A---- C:\WINDOWS\system32\drivers\afd.sys 2014-07-09 14:56:44 ----A---- C:\WINDOWS\system32\win32k.sys 2014-07-09 14:56:43 ----A---- C:\WINDOWS\SYSWOW64\osk.exe 2014-07-09 14:56:43 ----A---- C:\WINDOWS\system32\osk.exe 2014-07-09 14:56:41 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll 2014-07-09 14:56:41 ----A---- C:\WINDOWS\system32\mshtml.dll 2014-07-09 14:56:41 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2014-07-09 14:56:40 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll 2014-07-09 14:56:36 ----A---- C:\WINDOWS\system32\jscript9.dll 2014-07-09 14:56:36 ----A---- C:\WINDOWS\system32\ieframe.dll 2014-07-09 14:56:35 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll 2014-07-09 14:56:34 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll 2014-07-09 14:56:33 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll 2014-07-09 14:56:33 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll 2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\wininet.dll 2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\urlmon.dll 2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\iertutil.dll 2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\dxtrans.dll 2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll 2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll 2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll 2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll 2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll 2014-07-09 14:56:32 ----A---- C:\WINDOWS\system32\mshtmled.dll 2014-07-09 14:56:32 ----A---- C:\WINDOWS\system32\msfeeds.dll 2014-07-09 14:56:31 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll 2014-07-09 14:56:31 ----A---- C:\WINDOWS\system32\ieapfltr.dll 2014-07-09 14:56:31 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2014-07-09 14:56:27 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll 2014-07-09 14:56:27 ----A---- C:\WINDOWS\system32\qedit.dll 2014-07-09 14:56:26 ----A---- C:\WINDOWS\system32\lsasrv.dll 2014-07-09 14:56:26 ----A---- C:\WINDOWS\system32\drivers\cng.sys 2014-07-09 14:56:26 ----A---- C:\WINDOWS\system32\certcli.dll 2014-07-09 14:56:25 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll 2014-07-09 14:56:25 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll 2014-07-09 14:56:25 ----A---- C:\WINDOWS\system32\adtschema.dll 2014-07-09 14:55:38 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll 2014-07-09 14:55:38 ----A---- C:\WINDOWS\system32\WSShared.dll 2014-07-09 14:55:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 14:55:37 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll 2014-07-09 14:55:37 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll 2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\wuaueng.dll 2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\wuauclt.exe 2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\twinui.dll 2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\twinui.appcore.dll 2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll 2014-07-09 14:55:36 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll 2014-07-09 14:55:36 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll 2014-07-09 14:55:36 ----A---- C:\WINDOWS\system32\wudriver.dll 2014-07-09 14:55:36 ----A---- C:\WINDOWS\system32\wuapi.dll 2014-07-09 14:54:23 ----A---- C:\WINDOWS\system32\WSReset.exe 2014-07-08 09:28:23 ----D---- C:\Users\thomas\AppData\Roaming\ERS Game Studios 2014-07-08 09:25:50 ----D---- C:\Users\thomas\AppData\Roaming\DarkParablesBriarRose_BFG 2014-07-08 09:11:58 ----D---- C:\Users\thomas\AppData\Roaming\Blue Tea Games 2014-07-08 09:06:21 ----D---- C:\Users\thomas\AppData\Roaming\Ph03nixNewMedia 2014-07-08 09:05:01 ----D---- C:\Users\thomas\AppData\Roaming\Vogat Interactive 2014-07-05 12:53:12 ----D---- C:\Program Files\Microsoft Silverlight 2014-07-05 12:53:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-07-01 18:17:50 ----D---- C:\Users\thomas\AppData\Roaming\Casual Arts 2014-07-01 18:17:50 ----D---- C:\ProgramData\Casual Arts 2014-07-01 18:15:54 ----D---- C:\ProgramData\Becky Brogan 2014-07-01 18:14:07 ----D---- C:\Users\thomas\AppData\Roaming\BloodTies 2014-07-01 16:39:39 ----D---- C:\Users\thomas\AppData\Roaming\HitPoint Studios 2014-07-01 16:33:29 ----D---- C:\Users\thomas\AppData\Roaming\BigFishv1002 2014-07-01 13:29:59 ----D---- C:\Users\thomas\AppData\Roaming\Alawar 2014-07-01 13:27:23 ----D---- C:\Users\thomas\AppData\Roaming\RobinsonCrusoe 2014-07-01 12:07:44 ----D---- C:\Users\thomas\AppData\Roaming\Az-Art 2014-06-29 11:32:22 ----D---- C:\Users\thomas\AppData\Roaming\Boomzap 2014-06-29 11:29:03 ----D---- C:\Users\thomas\AppData\Roaming\PoBros 2014-06-29 11:29:03 ----D---- C:\ProgramData\PoBros 2014-06-29 10:06:45 ----D---- C:\Program Files\WinRAR 2014-06-28 00:45:49 ----D---- C:\Users\thomas\AppData\Roaming\dvdcss 2014-06-27 17:05:05 ----D---- C:\Users\thomas\AppData\Roaming\NVIDIA 2014-06-27 17:05:03 ----D---- C:\Users\thomas\AppData\Roaming\Mad Head Games 2014-06-27 16:55:07 ----D---- C:\Users\thomas\AppData\Roaming\Vast Studios 2014-06-27 16:49:54 ----D---- C:\Users\thomas\AppData\Roaming\casualArts 2014-06-27 16:49:54 ----D---- C:\ProgramData\casualArts 2014-06-26 10:15:10 ----D---- C:\Users\thomas\AppData\Roaming\Elephant Games 2014-06-26 10:15:10 ----D---- C:\ProgramData\Elephant Games 2014-06-26 10:12:03 ----D---- C:\Users\thomas\AppData\Roaming\DailyMagic 2014-06-26 10:12:03 ----D---- C:\ProgramData\DailyMagic 2014-06-26 09:48:46 ----D---- C:\ProgramData\JollyBear 2014-06-26 09:36:10 ----D---- C:\Users\thomas\AppData\Roaming\AlawarEntertainment 2014-06-26 09:27:01 ----D---- C:\Users\thomas\AppData\Roaming\SMIGames ======List of files/folders modified in the last 1 month====== 2014-07-25 08:57:04 ----D---- C:\WINDOWS\Temp 2014-07-25 08:52:11 ----D---- C:\WINDOWS\Prefetch 2014-07-25 08:52:01 ----RD---- C:\Program Files 2014-07-25 08:32:07 ----D---- C:\Program Files (x86)\AlienRespawn 2014-07-25 08:26:29 ----RD---- C:\Program Files (x86) 2014-07-25 08:23:40 ----D---- C:\ProgramData\NVIDIA 2014-07-25 08:18:56 ----D---- C:\WINDOWS\system32\Tasks 2014-07-25 08:18:55 ----D---- C:\WINDOWS\System32 2014-07-25 08:18:03 ----HD---- C:\ProgramData 2014-07-25 08:17:49 ----D---- C:\WINDOWS\Tasks 2014-07-25 08:13:25 ----D---- C:\WINDOWS\SysWOW64 2014-07-25 08:00:00 ----D---- C:\WINDOWS\system32\sru 2014-07-25 04:53:50 ----SHD---- C:\System Volume Information 2014-07-25 04:49:49 ----D---- C:\WINDOWS\Microsoft.NET 2014-07-24 15:28:12 ----D---- C:\WINDOWS\system32\drivers 2014-07-24 10:58:49 ----SHD---- C:\WINDOWS\Installer 2014-07-24 10:57:48 ----D---- C:\WINDOWS\system32\catroot2 2014-07-23 16:42:47 ----D---- C:\Users\thomas\AppData\Roaming\vlc 2014-07-23 10:03:39 ----HD---- C:\Program Files\WindowsApps 2014-07-23 10:03:39 ----D---- C:\WINDOWS\AppReadiness 2014-07-22 10:51:16 ----D---- C:\WINDOWS\Inf 2014-07-16 16:10:03 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-07-16 16:09:19 ----D---- C:\Program Files (x86)\Electronic Arts 2014-07-15 03:20:11 ----D---- C:\WINDOWS\system32\config 2014-07-12 14:14:46 ----AD---- C:\ProgramData\Temp 2014-07-12 10:13:38 ----D---- C:\WINDOWS\rescache 2014-07-12 10:06:43 ----RSD---- C:\WINDOWS\assembly 2014-07-11 14:23:02 ----D---- C:\WINDOWS\WinSxS 2014-07-11 14:21:21 ----RD---- C:\WINDOWS\ToastData 2014-07-11 14:21:21 ----D---- C:\WINDOWS\WinStore 2014-07-11 14:21:21 ----D---- C:\WINDOWS\SYSWOW64\nl-NL 2014-07-11 14:21:21 ----D---- C:\WINDOWS\system32\nl-NL 2014-07-11 14:21:21 ----D---- C:\Program Files\Internet Explorer 2014-07-11 14:21:21 ----D---- C:\Program Files (x86)\Internet Explorer 2014-07-11 05:46:43 ----D---- C:\ProgramData\regid.1991-06.com.microsoft 2014-07-09 18:30:56 ----D---- C:\WINDOWS\CbsTemp 2014-07-09 18:30:48 ----D---- C:\WINDOWS\system32\MRT 2014-07-09 18:30:13 ----A---- C:\WINDOWS\system32\MRT.exe 2014-07-09 18:29:41 ----D---- C:\Program Files\Windows Journal 2014-07-05 13:57:45 ----D---- C:\Program Files\Common Files\microsoft shared 2014-07-05 12:53:16 ----D---- C:\ProgramData\Microsoft 2014-07-04 05:58:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2014-06-29 10:06:56 ----D---- C:\Users\thomas\AppData\Roaming\WinRAR 2014-06-27 18:20:22 ----SD---- C:\Users\thomas\AppData\Roaming\Microsoft 2014-06-26 22:55:30 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe 2014-06-26 16:57:51 ----D---- C:\WINDOWS\system32\wdi ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-29 644968] R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016] R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680] R3 athr;@oem11.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-07-15 3837440] R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-23 4221440] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-09-11 3640024] R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-01-23 450520] R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032] R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-02-19 116736] R3 NTIOLib_X64;NTIOLib_X64; \??\C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [2012-11-20 14136] R3 NVHDA;@oem13.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2013-11-28 197408] R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328] R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256] R3 nvvad_WaveExtensible;@oem18.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-03-31 40392] R3 RTL8168;@oem1.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-22 816344] R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864] S3 dg_ssudbus;@oem19.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800] S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296] S3 ssudmdm;@oem20.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080] S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544] S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] R2 AlienFusionService;Alienware Fusion Service; C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2013-12-06 15888] R2 AlienFXWindowsService;AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [2013-12-06 14352] R2 FileMinimalSprite;FileMinimalSprite; C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe [2014-07-25 60965] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2014-02-19 154584] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2014-02-19 398296] R2 MSI_ODD_Service;MSI_ODD_Service; c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [2012-11-20 83512] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2013-07-30 253776] R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-08-23 289496] R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\AlienRespawn\sftservice.exe [2014-04-05 1915920] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-17 116648] S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279024] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-23 43696] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-17 116648] S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232] S3 ioloEnergyBooster;ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [2012-11-01 6145872] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424] -----------------EOF-----------------