Infected with sweet page


  • Infected with sweet page

    Hello,

    After installing a virtual CD-ROM program I got infected with a sweet page browser application. And all kinds of junk along with it. The laptop was immediately slower. I have now removed most of it with MBAM, Spybot and AdwCleaner. However, I wonder whether it is clean now.
    I am currently still running a full scan with MBAM. When it is finished I will post that as well. In any case, these are the other logs.

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2014.01.27.08

    Windows 8 x64 NTFS
    Internet Explorer 11.0.9600.16476
    VERMT :: LAPTOP [administrator]

    27-1-2014 20:14:19
    mbam-log-2014-01-27 (20-14-19).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 234416
    Verstreken tijd: 5 minuut/minuten, 3 seconde(n)

    Geheugenprocessen gedetecteerd: 1
    C:\Program Files (x86)\RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> 3452 -> Zal worden verwijderd tijdens het herstarten.

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 16
    HKLM\SYSTEM\CurrentControlSet\Services\Update RightSurf (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\TypeLib\{a4f32137-598e-41b6-b601-9965084c8f08} (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Interface\{C64BA349-1F34-4BFC-8D23-A317279D0CB9} (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\Software\RightSurf (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\sweet-pageSoftware (PUP.Optional.SweetPage.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\Software\RightSurf (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 1
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0T1F1P1F1C0U2W -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerdata gedetecteerd: 7
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.SweetPage.A) -> Slecht: (http://www.sweet-page.com/?type=hp&t...1A235110451104) Goed: (http://www.google.com) -> Succesvol in quarantaine geplaatst en gerepareerd.
    HKCU\Software\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.SweetPage.A) -> Slecht: (http://www.sweet-page.com/?type=hp&t...1A235110451104) Goed: (http://www.google.com) -> Succesvol in quarantaine geplaatst en gerepareerd.
    HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.SweetPage.A) -> Slecht: (C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&t...1A235110451104) Goed: (iexplore.exe) -> Succesvol in quarantaine geplaatst en gerepareerd.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.SweetPage.A) -> Slecht: (http://www.sweet-page.com/web/?type=ds&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104&q={searchTerms}) Goed: (http://www.google.com) -> Succesvol in quarantaine geplaatst en gerepareerd.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.SweetPage.A) -> Slecht: (http://www.sweet-page.com/?type=hp&t...1A235110451104) Goed: (http://www.google.com) -> Succesvol in quarantaine geplaatst en gerepareerd.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Slecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Goed: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Succesvol in quarantaine geplaatst en gerepareerd.
    HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.SweetPage.A) -> Slecht: (http://www.sweet-page.com/?type=hp&t...1A235110451104) Goed: (http://www.google.com) -> Succesvol in quarantaine geplaatst en gerepareerd.

    Mappen gedetecteerd: 2
    C:\Program Files (x86)\RightSurf (PUP.Optional.RightSurf.A) -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\VERMT\AppData\Local\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Bestanden gedetecteerd: 12
    C:\Program Files (x86)\RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> Zal worden verwijderd tijdens het herstarten.
    C:\Program Files (x86)\RightSurf\RightSurfBHO.dll (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\VERMT\Documents\Downloads\FlashPlayer__4369_i166423128_il14.exe (PUP.Optional.InstallMonetizer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\VERMT\AppData\Local\Temp\fullpackage_temp1390849516\package1.zip (PUP.Optional.SkyTech.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\VERMT\AppData\Local\Temp\fullpackage_temp1390849516\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\VERMT\Downloads\daemon-tools [1].exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\VERMT\Downloads\daemon-tools.exe (PUP.Optional.ExtendedSetup.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\VERMT\Local Settings\Temporary Internet Files\IE\RP2UNXL2\Setup[1].exe (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\RightSurf\RightSurf.ico (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\RightSurf\RightSurfUninstall.exe (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\RightSurf\updateRightSurf.InstallState (PUP.Optional.RightSurf.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)

  • #2
    # AdwCleaner v3.017 - Report created 27/01/2014 at 20:54:11
    # Updated 12/01/2014 by Xplode
    # Operating System : Windows 8.1 (64 bits)
    # Username : VERMT - LAPTOP
    # Running from : C:\Users\VERMT\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Found C:\Program Files (x86)\SupTab
    Folder Found C:\ProgramData\ParetoLogic
    Folder Found C:\ProgramData\SpeedyPC Software
    Folder Found C:\ProgramData\WPM
    Folder Found C:\Users\VERMT\AppData\Roaming\DriverCure
    Folder Found C:\Users\VERMT\AppData\Roaming\ParetoLogic
    Folder Found C:\Users\VERMT\AppData\Roaming\SpeedyPC Software

    ***** [ Shortcuts ] *****

    Shortcut Found : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104 )
    Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104 )
    Shortcut Found : C:\Users\VERMT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104 )
    Shortcut Found : C:\Users\VERMT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104 )
    Shortcut Found : C:\Users\VERMT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104 )
    Shortcut Found : C:\Users\VERMT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104 )
    Shortcut Found : C:\Users\VERMT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104 )

    ***** [ Registry ] *****

    Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Found : HKCU\Software\Optimizer Pro
    Key Found : HKCU\Software\ParetoLogic
    Key Found : HKCU\Software\Softonic
    Key Found : HKCU\Software\SpeedyPC Software
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Key Found : [x64] HKCU\Software\Optimizer Pro
    Key Found : [x64] HKCU\Software\ParetoLogic
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\SpeedyPC Software
    Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
    Key Found : HKLM\Software\ParetoLogic
    Key Found : HKLM\Software\SupTab
    Key Found : HKLM\Software\supWPM
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16384

    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104&q={searchTerms}
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.sweet-page.com/web/?type=ds&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104&q={searchTerms}
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.sweet-page.com/?type=hp&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.sweet-page.com/?type=hp&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1390849547&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WX41A235110451104&q={searchTerms}

    -\\ Google Chrome v32.0.1700.76

    [ File : C:\Users\VERMT\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found : homepage
    Found : search_url
    Found : keyword
    Found : homepage
    Found : search_url
    Found : keyword

    *************************

    AdwCleaner[R0].txt - [5337 octets] - [27/01/2014 20:54:11]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5397 octets] ##########



    • #3
      Are we talking about the same PC here: http://www.nucia.eu/forum/threads/71...l=1#post691765 ?
      Originally posted by vic32:
      Sorry for my late message, but everything has been solved by reinstalling Windows 8. Thanks for the help.
      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
      E Dev * Remove McAfee * Ccleaner * E-Peek


      • #4
        That's right, shortly after my last reply in that topic my laptop broke down. It had to be sent back to the supplier for repair. The power supply had failed. Fortunately it was under warranty. Everything has been reinstalled, so the Windows security problems are solved. Now I am installing everything again, and that is where I went wrong downloading Daemon Tools. A bad download, I'm afraid.


        • #5
          Hi vic32,

          Before we begin, I would like to kindly point out the following guidelines:

          • Log in only as an administrator with full rights.
          • Do not post your problem on several forums. It does not help your problem and it is not courteous to the helpers.
          • Cleaning up your system can take some time, so be patient.
          • Carefully follow the instructions I give.
          • Follow only the advice I give.
          • Stay with the topic until I have reported that your PC is clean.
          • If you do not know or understand something, please ask.
          • Do not install or uninstall any software or hardware while we are working on your problem.
          • In the meantime, do not try something "else"; that only makes it harder for us.
          • Please turn off your emoticons (smileys) when posting logs.
          • Please do not post the logs as an attachment or between code tags.

          Note: Vista or Windows 7? >> Always run all tools as admin.
          The instructions given are valid only for your PC.

          Step 1:

          Scanning for and removing malware....

          If you already have MBAM on your PC, you obviously do not need to download it.

          Download MalwareBytes' Anti-Malware to your desktop from one of the following links: Double-click mbam-setup.exe to install the program.

          At the end of the setup procedure you get a screen where you must click "Finish".
          If you do not wish to evaluate MBAM, untick the first option and only then click "Finish".

          Make sure that after installation there is a tick next to:
          • Update MalwareBytes' Anti-Malware
          • Start MalwareBytes' Anti-Malware
          • Then click "Finish". If an update is found, it will be downloaded and installed.

          Once the program has started, go to the "Settings" tab.
          • Tick here: "Close Internet Explorer during malware removal".
          • Go to the "Updates" tab and update MBAM.
          • Then go to the "Scanner" tab and choose "FULL scan" here.
          • Then press "Scan" to start the scan.
          • Scanning can take a while, so be patient.
          • When the scan is complete, click OK, then "Show Results" to see the results.
          • Make sure everything is ticked there, then click "Remove Selected".
          • After removal a log will open and you will be asked to restart the computer.

          If MBAM asks for a restart, then do so.
          Once you have restarted, run a new quick scan with MBAM.
          In that case you therefore post both logs.

          The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.


          In case of problems!!!

          ___________________________________________________________

          Step 2:

          Checking for bad toolbars...

          Download AdwCleaner by Xplode to your desktop.
          • Close all open windows
          • Start AdwCleaner
          • Click Scan
          • Click Clean

          All icons disappear from the desktop; this is normal.
          Your PC is restarted and a log file opens (C:\AdwCleaner\AdwCleaner[xx].txt); post its contents here on the forum.

          I only need the log from after the "Clean" option.

          Do not forget to turn off your "smileys".

          If your start page was also hijacked, set the search engine again; by default AdwCleaner resets it to Google.com.
          ___________________________________________________________

          Step 3:

          Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


          DDS is a diagnostic tool and makes use of scripts.
          If script execution is disabled, re-enable it so that no problems occur when using DDS.


          Double-click DDS to start the tool. (Depending on the download you chose, this may be the file DDS.com, DDS.scr or DDS.pif.)
          When it is finished, two log files open: DDS.txt and Attach.txt
          Save both log files to your desktop.

          Post the contents of DDS.txt.

          You do not need to post the contents of Attach.txt, and you should not add Attach.txt to your post as an attachment, unless I ask for it.


          ___________________________________________________________

          Step 4:

          Download Security Check to your desktop via here or here

          Start Security Check
          Follow the instructions on the screen
          At the end a log appears (checkup.txt)
          Place its contents in your next reply.


          In your next post, I would like to see the following logs, made in the order listed:

          • MBAM
          • AdwCleaner
          • DDS
          • checkup.txt

          Please do NOT post these logs as an attachment or between code tags.
          (In several posts if necessary.)

          Emphyrio


          • #6
            I have Windows 8, so that DDS wasn't needed, right? It doesn't work, I think...


            • #7
              Originally posted by vic32:
              I have Windows 8, so that DDS wasn't needed, right? It doesn't work, I think...
              You are right, W 8.1 won't work


              Instead:


              Download RSIT from the locations below and save it to the desktop.
              Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

              Double-click RSIT.exe to start the tool.
              • Windows Vista, 7 and 8 users should run the tool as "administrator" by right-clicking and choosing Run as administrator.
              • Next the "Disclaimer of warranty" is shown; then click "Continue".
              • When the tool is finished, a Notepad file named "Log" is opened.
              • Place its contents in the next post.
              Last edited by Emphyrio; 28-01-14, 09:49.


              • #8
                Malwarebytes Anti-Malware 1.75.0.1300
                www.malwarebytes.org

                Databaseversie: v2014.01.27.08

                Windows 8 x64 NTFS
                Internet Explorer 11.0.9600.16476
                VERMT :: LAPTOP [administrator]

                28-1-2014 10:33:13
                mbam-log-2014-01-28 (10-33-13).txt

                Scan type: Volledige scan (C:\|D:\|)
                Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
                Uitgeschakelde scan opties: P2P
                Objecten gescand: 743004
                Verstreken tijd: 58 minuut/minuten, 24 seconde(n)

                Geheugenprocessen gedetecteerd: 0
                (Geen kwaadaardige objecten gedetecteerd)

                Geheugenmodulen gedetecteerd: 0
                (Geen kwaadaardige objecten gedetecteerd)

                Registersleutels gedetecteerd: 0
                (Geen kwaadaardige objecten gedetecteerd)

                Registerwaarden gedetecteerd: 0
                (Geen kwaadaardige objecten gedetecteerd)

                Registerdata gedetecteerd: 0
                (Geen kwaadaardige objecten gedetecteerd)

                Mappen gedetecteerd: 0
                (Geen kwaadaardige objecten gedetecteerd)

                Bestanden gedetecteerd: 0
                (Geen kwaadaardige objecten gedetecteerd)

                (einde)



                • #9
                  # AdwCleaner v3.017 - Report created 28/01/2014 at 11:38:21
                  # Updated 12/01/2014 by Xplode
                  # Operating System : Windows 8.1 (64 bits)
                  # Username : VERMT - LAPTOP
                  # Running from : C:\Users\VERMT\Downloads\adwcleaner.exe
                  # Option : Clean

                  ***** [ Services ] *****


                  ***** [ Files / Folders ] *****


                  ***** [ Shortcuts ] *****


                  ***** [ Registry ] *****


                  ***** [ Browsers ] *****

                  -\\ Internet Explorer v11.0.9600.16384


                  -\\ Google Chrome v32.0.1700.76

                  [ File : C:\Users\VERMT\AppData\Local\Google\Chrome\User Data\Default\preferences ]


                  *************************

                  AdwCleaner[R0].txt - [5521 octets] - [27/01/2014 20:54:11]
                  AdwCleaner[R1].txt - [855 octets] - [27/01/2014 22:32:56]
                  AdwCleaner[R2].txt - [914 octets] - [28/01/2014 11:37:50]
                  AdwCleaner[S0].txt - [3988 octets] - [27/01/2014 20:55:23]
                  AdwCleaner[S1].txt - [836 octets] - [28/01/2014 11:38:21]

                  ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [895 octets] ##########



                  • #10
                    info.txt logfile of random's system information tool 1.09 2014-01-28 11:43:10

                    ======Uninstall list======

                    -->"C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\Uninstall.exe"
                    -->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
                    Adobe Reader X MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
                    Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{01097D6A-8EC6-476D-A336-2B2596C39175}\setup.exe
                    Apple Application Support-->MsiExec.exe /I{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}
                    Apple Mobile Device Support-->MsiExec.exe /I{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}
                    Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
                    ASUS Instant Key-->MsiExec.exe /I{D97A1B80-131F-4692-9543-E652956D8B99}
                    ASUS InstantOn-->MsiExec.exe /I{749F674B-2674-47E8-879C-5626A06B2A91}
                    ASUS Live Update-->MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
                    ASUS N Series Demo-->MsiExec.exe /I{246B4AFF-6540-4B72-93E8-B9EB86D37589}
                    ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
                    ASUS Screen Saver-->MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
                    ASUS Smart Gesture-->MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
                    ASUS Splendid Video Enhancement Technology-->MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D}
                    ASUS USB Charger Plus-->MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
                    ASUS Video Magic-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
                    ASUS Video Magic-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
                    ASUS WebStorage Sync Agent-->C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe
                    ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
                    ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
                    ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
                    avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
                    Azteca-->"C:\Program Files (x86)\WildGames\Azteca\uninstall\uninstaller.exe"
                    Bejeweled 3-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe"
                    Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
                    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
                    Cut the Rope-->"C:\Program Files (x86)\WildGames\Cut the Rope\uninstall\uninstaller.exe"
                    CyberLink MediaEspresso 6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall
                    CyberLink MediaEspresso 6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall
                    CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
                    CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
                    D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
                    Emsisoft Anti-Malware-->"C:\Program Files (x86)\Emsisoft Anti-Malware\unins000.exe"
                    FM Genie Scout 14 version 1.1 14.2.2-->"C:\FM Genie Scout 14\unins000.exe"
                    Football Manager 2014-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/231670
                    Fotogalerie-->MsiExec.exe /X{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}
                    Galerie de photos-->MsiExec.exe /X{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}
                    Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
                    Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe" /uninstall
                    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
                    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
                    Google+ Auto Backup-->MsiExec.exe /X{A50DE037-B5C0-4C8A-8049-B0C576B313D1}
                    GrabIt 1.7.2 Beta 6 (build 1008)-->"C:\Program Files (x86)\GrabIt\unins000.exe"
                    HitmanPro 3.7-->"C:\Program Files\HitmanPro\HitmanPro.exe" /uninstall
                    Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
                    Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
                    Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
                    Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
                    iTunes-->MsiExec.exe /I{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}
                    Junk Mail filter update-->MsiExec.exe /I{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}
                    LibreOffice 4.1.4.2-->MsiExec.exe /I{94E11973-ED58-47A0-907C-ABF6D95C5DD8}
                    Malwarebytes Anti-Malware versie 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
                    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
                    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
                    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
                    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
                    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
                    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
                    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
                    Movie Maker-->MsiExec.exe /X{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}
                    Movie Maker-->MsiExec.exe /X{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}
                    Movie Maker-->MsiExec.exe /X{45898170-E68C-4F02-AA35-C2186BF347A3}
                    Movie Maker-->MsiExec.exe /X{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}
                    Movie Maker-->MsiExec.exe /X{7693587D-5D66-4208-ABEA-C370217D1D9B}
                    Movie Maker-->MsiExec.exe /X{E169436E-49D8-419B-A5C0-D245EAF99611}
                    MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
                    MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
                    MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
                    MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
                    MyBitCast 2.0-->C:\Program Files (x86)\ASUS\MyBitCast\uninst.exe
                    NVIDIA Grafisch stuurprogramma 331.65-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{64194C28-FCDC-4EDA-8BE0-AE3742532259}\NVI2.DLL",UninstallPackage Display.Driver
                    NVIDIA HD Audio Driver 1.3.18.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8240BCA0-F296-4880-9951-275662A9A4BF}\NVI2.DLL",UninstallPackage HDAudio.Driver
                    NVIDIA PhysX System Software 9.12.1031-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{8240BCA0-F296-4880-9951-275662A9A4BF}\NVI2.DLL",UninstallPackage Display.PhysX
                    NVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
                    NVIDIA Update 1.15.2-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{64194C28-FCDC-4EDA-8BE0-AE3742532259}\NVI2.DLL",UninstallPackage Display.Update
                    Online Armor 7.0-->"C:\Program Files (x86)\Online Armor\unins000.exe"
                    Peggle-->"C:\Program Files (x86)\WildGames\Peggle\uninstall\uninstaller.exe"
                    Penguins!-->"C:\Program Files (x86)\WildGames\Penguins!\uninstall\uninstaller.exe"
                    Photo Common-->MsiExec.exe /X{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}
                    Photo Common-->MsiExec.exe /X{49DC9658-D26A-4AAB-A83A-2655B8033056}
                    Photo Common-->MsiExec.exe /X{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}
                    Photo Common-->MsiExec.exe /X{A52DB080-D445-49EB-90D2-03B9CD794511}
                    Photo Common-->MsiExec.exe /X{F875E135-31C5-4C4D-929F-D49E6332E7F1}
                    Photo Gallery-->MsiExec.exe /X{0F929651-F516-4956-90F2-FFBD2CD5D30E}
                    Photo Gallery-->MsiExec.exe /X{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}
                    Photo Gallery-->MsiExec.exe /X{C0018D63-C33C-4515-9CE8-3BC8830F79A1}
                    Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
                    Qualcomm Atheros Bluetooth Suite (64)-->MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
                    Qualcomm Atheros Client Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0409 -removeonly
                    Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly
                    QuickPar 0.9-->C:\Program Files (x86)\QuickPar\uninst.exe
                    Raccolta foto-->MsiExec.exe /X{FA6BC7A5-85B3-4DC2-825C-D508E386151A}
                    Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
                    Revo Uninstaller 1.95-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
                    Shared C Run-time for x64-->MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054}
                    Spotnet-->"C:\Program Files (x86)\Spotnet\unins000.exe"
                    Spotnet-->msiexec.exe /x {12878924-210B-4A0C-8CA6-6C697756BA32}
                    Spotnet-->MsiExec.exe /X{12878924-210B-4A0C-8CA6-6C697756BA32}
                    Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe"
                    Steam-->C:\Program Files (x86)\Steam\uninstall.exe
                    SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
                    Tales of Lagoona-->"C:\Program Files (x86)\WildGames\Tales of Lagoona\uninstall\uninstaller.exe"
                    Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
                    VLC media player 2.1.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
                    WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\asus\Uninstall.exe"
                    WildTangent Games-->"C:\Program Files (x86)\WildGames\Uninstall.exe"
                    Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173)-->C:\PROGRA~1\DIFX\754107~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_e951cd1e8c1a4565\asustp.inf
                    Windows Live Communications Platform-->MsiExec.exe /I{03D562B5-C4E2-4846-A920-33178788BE00}
                    Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
                    Windows Live Essentials-->MsiExec.exe /I{23B93929-FAD4-40E5-96C6-0E977BB87204}
                    Windows Live Essentials-->MsiExec.exe /I{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}
                    Windows Live Essentials-->MsiExec.exe /I{AA806DB1-E882-4834-8102-B5F256BE9A2F}
                    Windows Live Essentials-->MsiExec.exe /I{EC5E0CAF-BC28-401C-B8BE-89C496D6D66F}
                    Windows Live Installer-->MsiExec.exe /I{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}
                    Windows Live Mail-->MsiExec.exe /I{8BC85D25-AF2D-40DA-BD04-016B64D384BF}
                    Windows Live Mail-->MsiExec.exe /I{BBFCB394-78EB-45D4-BAC6-809AB1DF5F83}
                    Windows Live Mail-->MsiExec.exe /I{D29B0575-C3DE-4746-A893-4FDF0F7D68B2}
                    Windows Live Mail-->MsiExec.exe /I{D604900F-A275-416C-AF9D-CDEDF58B72DB}
                    Windows Live Mail-->MsiExec.exe /I{E13497F0-4C28-47A0-B994-4D5E6D0F64A2}
                    Windows Live Mail-->MsiExec.exe /I{E3E8006D-3DD9-40DF-9171-1EDE1023E57C}
                    Windows Live MIME IFilter-->MsiExec.exe /I{5EEC477F-8E9B-4420-8829-16E7426227DB}
                    Windows Live Photo Common-->MsiExec.exe /X{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}
                    Windows Live PIMT Platform-->MsiExec.exe /I{E3445598-4424-4EE2-B71C-C23325F7FB71}
                    Windows Live SOXE Definitions-->MsiExec.exe /I{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}
                    Windows Live SOXE-->MsiExec.exe /I{6B6923B9-8719-425B-916C-CD2908F31AAF}
                    Windows Live UX Platform Language Pack-->MsiExec.exe /I{10640F6D-6AB0-401E-9FC6-A94D19C580BC}
                    Windows Live UX Platform Language Pack-->MsiExec.exe /I{119A44B5-6237-4D56-8424-5DAE70ED3F4E}
                    Windows Live UX Platform Language Pack-->MsiExec.exe /I{6BA68C11-0B63-4192-B880-0B5E3F7949F9}
                    Windows Live UX Platform Language Pack-->MsiExec.exe /I{BDDC2D1F-092F-476F-A7D7-819AA5F434DF}
                    Windows Live UX Platform Language Pack-->MsiExec.exe /I{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}
                    Windows Live UX Platform-->MsiExec.exe /I{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}
                    Windows Live Writer Resources-->MsiExec.exe /X{22C58DA3-FA02-4DD3-8C5B-23570411E95B}
                    Windows Live Writer Resources-->MsiExec.exe /X{3BD8FD6A-D36D-45D9-BB5C-CD39404C222F}
                    Windows Live Writer Resources-->MsiExec.exe /X{78DF4802-2B2B-4333-99AF-363C2F93D476}
                    Windows Live Writer Resources-->MsiExec.exe /X{F1A79BDD-A47F-441B-954D-EE045C379EBB}
                    Windows Live Writer Resources-->MsiExec.exe /X{FFCF82EC-895F-4AC8-925E-3412FE25EF62}
                    Windows Live Writer-->MsiExec.exe /X{EFBCA571-617D-484A-9ECA-E301BB6D0750}
                    Windows Live-->MsiExec.exe /I{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}
                    WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
                    WinRAR 5.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
                    Wise Care 365 2.93-->"C:\Program Files (x86)\Wise\Wise Care 365\unins000.exe"

                    ======Hosts File======

                    127.0.0.1 www.007guard.com
                    127.0.0.1 007guard.com
                    127.0.0.1 008i.com
                    127.0.0.1 www.008k.com
                    127.0.0.1 008k.com
                    127.0.0.1 www.00hq.com
                    127.0.0.1 00hq.com
                    127.0.0.1 010402.com
                    127.0.0.1 www.032439.com
                    127.0.0.1 032439.com

                    ======System event log======

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 7040
                    Message: Het opstarttype van de service Windows Search is gewijzigd van disabled in auto start.
                    Record Number: 1147
                    Source Name: Service Control Manager
                    Time Written: 20130907214531.412422-000
                    Event Type: Informatie
                    User: LAPTOP\Administrator

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 7040
                    Message: Het opstarttype van de service Windows Search is gewijzigd van auto start in disabled.
                    Record Number: 1146
                    Source Name: Service Control Manager
                    Time Written: 20130907214530.349760-000
                    Event Type: Informatie
                    User: LAPTOP\Administrator

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 104
                    Message: Logboekbestand Setup is gewist.
                    Record Number: 1145
                    Source Name: Microsoft-Windows-Eventlog
                    Time Written: 20130907214524.349140-000
                    Event Type: Informatie
                    User: LAPTOP\Administrator

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 104
                    Message: Logboekbestand Application is gewist.
                    Record Number: 1144
                    Source Name: Microsoft-Windows-Eventlog
                    Time Written: 20130907214524.224093-000
                    Event Type: Informatie
                    User: LAPTOP\Administrator

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 104
                    Message: Logboekbestand System is gewist.
                    Record Number: 1143
                    Source Name: Microsoft-Windows-Eventlog
                    Time Written: 20130907214524.161590-000
                    Event Type: Informatie
                    User: LAPTOP\Administrator

                    =====Application event log=====

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 5001
                    Message:
                    Record Number: 808
                    Source Name: AVLogEvent
                    Time Written: 20130907214533.000000-000
                    Event Type: Informatie
                    User: NT AUTHORITY\SYSTEM

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 6000
                    Message: De kennisgevingssubscriber van winlogon <SessionEnv> was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken.
                    Record Number: 807
                    Source Name: Microsoft-Windows-Winlogon
                    Time Written: 20130907214533.000000-000
                    Event Type: Informatie
                    User:

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 1003
                    Message: De Windows Search-service is gestart.

                    Record Number: 806
                    Source Name: Microsoft-Windows-Search
                    Time Written: 20130907214531.000000-000
                    Event Type: Informatie
                    User:

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 1013
                    Message: De Windows Search-service is normaal gestopt.

                    Record Number: 805
                    Source Name: Microsoft-Windows-Search
                    Time Written: 20130907214530.000000-000
                    Event Type: Informatie
                    User:

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 103
                    Message: SearchIndexer (3892) Windows: De database-engine heeft de sessie (0) stopgezet.

                    Dirty Shutdown: 0

                    Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.031, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.016, [10] 0.016, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.
                    Record Number: 804
                    Source Name: ESENT
                    Time Written: 20130907214530.000000-000
                    Event Type: Informatie
                    User:

                    =====Security event log=====

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 4672
                    Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

                    Onderwerp:
                    Beveiligings-id: S-1-5-18
                    Accountnaam: SYSTEM
                    Accountdomein: NT AUTHORITY
                    Aanmeldings-id: 0x3E7

                    Bevoegdheden: SeAssignPrimaryTokenPrivilege
                    SeTcbPrivilege
                    SeSecurityPrivilege
                    SeTakeOwnershipPrivilege
                    SeLoadDriverPrivilege
                    SeBackupPrivilege
                    SeRestorePrivilege
                    SeDebugPrivilege
                    SeAuditPrivilege
                    SeSystemEnvironmentPrivilege
                    SeImpersonatePrivilege
                    Record Number: 1289
                    Source Name: Microsoft-Windows-Security-Auditing
                    Time Written: 20130907214525.661797-000
                    Event Type: Controle geslaagd
                    User:

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 4624
                    Message: Er is een account aangemeld.

                    Onderwerp:
                    Beveiligings-id: S-1-5-18
                    Accountnaam: WIN-9GR24T8H04V$
                    Accountdomein: WORKGROUP
                    Aanmeldings-id: 0x3E7

                    Aanmeldingstype: 5

                    Imitatieniveau: Imitatie

                    Nieuwe aanmelding:
                    Beveiligings-id: S-1-5-18
                    Accountnaam: SYSTEM
                    Accountdomein: NT AUTHORITY
                    Aanmeldings-id: 0x3E7
                    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

                    Procesgegevens:
                    Proces-id: 0x304
                    Naam proces: C:\Windows\System32\services.exe

                    Netwerkgegevens:
                    Naam van werkstation:
                    Netwerkadres van bron: -
                    Poort van bron: -

                    Gedetailleerde verificatiegegevens:
                    Aanmeldingsproces: Advapi
                    Verificatiepakket: Negotiate
                    Doorgezette services: -
                    Pakketnaam (alleen NTLM): -
                    Sleutellengte: 0

                    Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

                    De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

                    In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

                    Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

                    In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

                    De velden met authenticatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
                    - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
                    - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
                    - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
                    - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
                    Record Number: 1288
                    Source Name: Microsoft-Windows-Security-Auditing
                    Time Written: 20130907214525.661797-000
                    Event Type: Controle geslaagd
                    User:

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 4672
                    Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

                    Onderwerp:
                    Beveiligings-id: S-1-5-18
                    Accountnaam: SYSTEM
                    Accountdomein: NT AUTHORITY
                    Aanmeldings-id: 0x3E7

                    Bevoegdheden: SeAssignPrimaryTokenPrivilege
                    SeTcbPrivilege
                    SeSecurityPrivilege
                    SeTakeOwnershipPrivilege
                    SeLoadDriverPrivilege
                    SeBackupPrivilege
                    SeRestorePrivilege
                    SeDebugPrivilege
                    SeAuditPrivilege
                    SeSystemEnvironmentPrivilege
                    SeImpersonatePrivilege
                    Record Number: 1287
                    Source Name: Microsoft-Windows-Security-Auditing
                    Time Written: 20130907214525.552321-000
                    Event Type: Controle geslaagd
                    User:

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 4624
                    Message: Er is een account aangemeld.

                    Onderwerp:
                    Beveiligings-id: S-1-5-18
                    Accountnaam: WIN-9GR24T8H04V$
                    Accountdomein: WORKGROUP
                    Aanmeldings-id: 0x3E7

                    Aanmeldingstype: 5

                    Imitatieniveau: Imitatie

                    Nieuwe aanmelding:
                    Beveiligings-id: S-1-5-18
                    Accountnaam: SYSTEM
                    Accountdomein: NT AUTHORITY
                    Aanmeldings-id: 0x3E7
                    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

                    Procesgegevens:
                    Proces-id: 0x304
                    Naam proces: C:\Windows\System32\services.exe

                    Netwerkgegevens:
                    Naam van werkstation:
                    Netwerkadres van bron: -
                    Poort van bron: -

                    Gedetailleerde verificatiegegevens:
                    Aanmeldingsproces: Advapi
                    Verificatiepakket: Negotiate
                    Doorgezette services: -
                    Pakketnaam (alleen NTLM): -
                    Sleutellengte: 0

                    Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

                    De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

                    In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

                    Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

                    In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

                    De velden met authenticatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
                    - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
                    - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
                    - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
                    - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
                    Record Number: 1286
                    Source Name: Microsoft-Windows-Security-Auditing
                    Time Written: 20130907214525.552321-000
                    Event Type: Controle geslaagd
                    User:

                    Computer Name: WIN-9GR24T8H04V
                    Event Code: 1102
                    Message: Het controlelogboek is gewist.
                    Onderwerp:
                    Beveiligings-id: S-1-5-21-3648717069-1626886867-2420045690-500
                    Accountnaam: Administrator
                    Domeinnaam: WIN-9GR24T8H04V
                    Aanmeldings-id: 0x25A86
                    Record Number: 1285
                    Source Name: Microsoft-Windows-Eventlog
                    Time Written: 20130907214524.317848-000
                    Event Type: Controle geslaagd
                    User:

                    ======Environment variables======

                    "FP_NO_HOST_CHECK"=NO
                    "USERNAME"=SYSTEM
                    "ComSpec"=%SystemRoot%\system32\cmd.exe
                    "TMP"=%SystemRoot%\TEMP
                    "OS"=Windows_NT
                    "windir"=%SystemRoot%
                    "PROCESSOR_ARCHITECTURE"=AMD64
                    "TEMP"=%SystemRoot%\TEMP
                    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
                    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
                    "NUMBER_OF_PROCESSORS"=8
                    "PROCESSOR_LEVEL"=6
                    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
                    "PROCESSOR_REVISION"=3a09
                    "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
                    "configsetroot"=%SystemRoot%\ConfigSetRoot
                    "asl.log"=Destination=file

                    -----------------EOF-----------------



                    • #11
                      Results of screen317's Security Check version 0.99.79
                      x64 (UAC is enabled)
                      Internet Explorer 11
                      ``````````````Antivirus/Firewall Check:``````````````
                      Windows Firewall Disabled!
                      Windows Defender
                      avast! Antivirus
                      Antivirus up to date!
                      `````````Anti-malware/Other Utilities Check:`````````
                      MVPS Hosts File
                      Spybot - Search & Destroy
                      Google Chrome 32.0.1700.76
                      ````````Process Check: objlist.exe by Laurent````````
                      Spybot Teatimer.exe is disabled!
                      Tall Emu Online Armor OAcat.exe
                      Tall Emu Online Armor oasrv.exe
                      Tall Emu Online Armor oaui.exe
                      Tall Emu Online Armor OAhlp.exe
                      Emsisoft Anti-Malware a2service.exe
                      AVAST Software Avast AvastSvc.exe
                      AVAST Software Avast AvastUI.exe
                      `````````````````System Health check`````````````````
                      Total Fragmentation on Drive C: %
                      ````````````````````End of Log``````````````````````



                      • #12
                        One remark right away. My Chrome as well as my IE browser work very slowly at times. They hang and do not open any pages.



                        • #13
                          May I have the RSIT log, because this was the info.txt.
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * Remove McAfee. * Ccleaner * E-Peek



                          • #14
                            Logfile of random's system information tool 1.09 (written by random/random)
                            Run by VERMT at 2014-01-28 11:42:43
                            Microsoft Windows 8.1
                            System drive C: has 146 GB (51%) free of 285 GB
                            Total RAM: 6030 MB (67% free)

                            Logfile of Trend Micro HijackThis v2.0.4
                            Scan saved at 11:43:04, on 28-1-2014
                            Platform: Unknown Windows (WinNT 6.02.1008)
                            MSIE: Internet Explorer v11.0 (11.00.9600.16384)
                            Boot mode: Normal

                            Running processes:
                            C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
                            C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
                            C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
                            C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
                            C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
                            C:\Program Files (x86)\Online Armor\oaui.exe
                            C:\Program Files (x86)\Online Armor\OAhlp.exe
                            C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
                            C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
                            C:\Program Files\AVAST Software\Avast\AvastUI.exe
                            C:\Program Files (x86)\iTunes\iTunesHelper.exe
                            C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
                            C:\Program Files\trend micro\VERMT.exe

                            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
                            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vi.nl/
                            R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
                            R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
                            R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
                            R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
                            R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
                            F2 - REG:system.ini: UserInit=userinit.exe,
                            O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
                            O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
                            O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                            O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                            O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
                            O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
                            O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                            O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
                            O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
                            O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
                            O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
                            O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
                            O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
                            O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                            O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
                            O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
                            O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
                            O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
                            O4 - HKUS\S-1-5-21-3648717069-1626886867-2420045690-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
                            O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
                            O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
                            O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                            O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
                            O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
                            O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
                            O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
                            O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
                            O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
                            O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                            O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
                            O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
                            O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
                            O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
                            O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
                            O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
                            O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
                            O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
                            O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
                            O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
                            O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
                            O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
                            O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
                            O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
                            O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
                            O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
                            O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
                            O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
                            O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
                            O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
                            O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                            O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
                            O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
                            O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
                            O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
                            O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files (x86)\Online Armor\OAcat.exe
                            O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
                            O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
                            O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
                            O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
                            O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
                            O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
                            O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
                            O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
                            O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
                            O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
                            O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files (x86)\Online Armor\oasrv.exe
                            O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
                            O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                            O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
                            O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
                            O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
                            O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
                            O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
                            O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
                            O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
                            O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
                            O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
                            O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

                            --
                            End of file - 12050 bytes

                            ======Listing Processes======

                            wininit.exe
                            winlogon.exe
                            C:\WINDOWS\system32\lsass.exe
                            C:\WINDOWS\system32\svchost.exe -k DcomLaunch
                            C:\WINDOWS\system32\svchost.exe -k RPCSS
                            "C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe"
                            "dwm.exe"
                            "C:\WINDOWS\system32\nvvsvc.exe"
                            C:\WINDOWS\system32\nvvsvc.exe -session -first
                            C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
                            C:\WINDOWS\system32\svchost.exe -k netsvcs
                            C:\WINDOWS\system32\svchost.exe -k LocalService
                            "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
                            C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
                            C:\WINDOWS\system32\svchost.exe -k NetworkService
                            "C:\Program Files (x86)\Online Armor\OAcat.exe"
                            "C:\Program Files (x86)\Online Armor\oasrv.exe"
                            C:\WINDOWS\Explorer.EXE
                            C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
                            "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
                            "C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
                            "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
                            "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
                            KBFiltr.exe
                            C:\WINDOWS\System32\spoolsv.exe
                            C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
                            C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
                            taskhostex.exe
                            "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
                            "C:\Program Files\ASUS\P4G\BatteryLife.exe"
                            "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
                            "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
                            "C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
                            "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
                            "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
                            taskeng.exe {353CBA4E-C17A-474D-875A-99D87933AD15}
                            "C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
                            "C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
                            "C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
                            "C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
                            "C:\Program Files\Bonjour\mDNSResponder.exe"
                            dashost.exe {23cdd0e3-e3d2-4c8e-a57d916ccff5fd5e}
                            "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
                            "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
                            "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
                            "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
                            C:\WINDOWS\system32\svchost.exe -k imgsvc
                            "C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
                            "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
                            C:\WINDOWS\system32\wbem\wmiprvse.exe
                            C:\WINDOWS\system32\wbem\wmiprvse.exe
                            "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
                            C:\WINDOWS\system32\SearchIndexer.exe /Embedding
                            C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
                            C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
                            "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
                            "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
                            "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
                            "C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
                            "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
                            "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
                            "C:\Windows\System32\igfxtray.exe"
                            "C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
                            "C:\Windows\System32\hkcmd.exe"
                            "C:\Windows\System32\igfxpers.exe"
                            "C:\Program Files (x86)\Online Armor\oaui.exe"
                            "C:\Program Files (x86)\Online Armor\OAhlp.exe"
                            "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
                            "C:\WINDOWS\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S1].txt
                            "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                            C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
                            "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
                            "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
                            "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                            "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
                            "C:\Program Files\iPod\bin\iPodService.exe"
                            "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
                            "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5696.0.1495567355\423196488" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,5,13,23 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --ignored=" --type=renderer " /prefetch:822062411
                            "C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
                            "C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
                            "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group1 pct:10a stablep1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5696.1.2126988338\1431884349" /prefetch:673131151
                            "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group1 pct:10a stablep1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5696.2.665281963\867751604" /prefetch:673131151
                            "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group1 pct:10a stablep1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5696.3.1585485733\1852891540" /prefetch:673131151
                            "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
                            "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group1 pct:10a stablep1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5696.5.1367471265\1232577802" /prefetch:673131151
                            "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
                            "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
                            "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
                            "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
                            C:\WINDOWS\servicing\TrustedInstaller.exe
                            C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16470_none_fa2491fd9b3cfcb2\TiWorker.exe -Embedding
                            "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
                            "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
                            "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
                            "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
                            "C:\Users\VERMT\Downloads\RSITx64.exe"
                            "C:\Program Files\Windows Media Player\wmpnetwk.exe"
                            C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

                            ======Scheduled tasks folder======

                            C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
                            C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
                            C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
                            C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
                            C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
                            C:\WINDOWS\tasks\Wise Care 365.job
                            C:\WINDOWS\tasks\Wise Turbo Checker.job

                            ======Registry dump======

                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
                            CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25 66688]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
                            avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-16 1372864]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
                            Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-01-16 256080]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
                            Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
                            avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-16 1138536]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
                            Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-01-16 194128]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
                            {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-01-16 256080]
                            {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-16 1372864]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
                            {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-01-16 194128]
                            {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-16 1138536]

                            [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
                            "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-09 13632216]
                            "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-07-04 1321688]
                            "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
                            "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
                            "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
                            "@OnlineArmor GUI"=C:\Program Files (x86)\Online Armor\oaui.exe [2013-10-11 7558464]

                            [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
                            "BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

                            [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
                            "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-01-16 39408]
                            "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-01-06 6563608]

                            [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
                            "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
                            "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
                            "ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-04-26 3187360]
                            "ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
                            "ASUS InstantKey"=C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [2013-06-04 13936]
                            "RemoteControl10"=C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296]
                            "UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2013-02-05 222504]
                            "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-16 3764024]
                            "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392]
                            "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2013-07-25 5624784]

                            [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
                            "BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
                            "AppInit_DLLs"="C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"

                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
                            C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
                            WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

                            [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
                            "SecurityProviders"=credssp.dll

                            • #15
                              [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
                              "ConsentPromptBehaviorAdmin"=5
                              "EnableUIADesktopToggle"=0
                              "EnableCursorSuppression"=1
                              "ConsentPromptBehaviorUser"=3
                              "dontdisplaylastusername"=0
                              "legalnoticecaption"=
                              "legalnoticetext"=
                              "shutdownwithoutlogon"=1
                              "undockwithoutlogon"=1
                              "DisableCAD"=1

                              [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
                              "NoDriveTypeAutoRun"=221

                              [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
                              "ForceActiveDesktopOn"=0
                              "NoActiveDesktopChanges"=1
                              "NoActiveDesktop"=1

                              [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]
                              "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
                              "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
                              "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
                              "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

                              [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

                              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
                              "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
                              "VIDC.YUY2"=msyuv.dll
                              "vidc.i420"=iyuv_32.dll
                              "msacm.msgsm610"=msgsm32.acm
                              "msacm.msg711"=msg711.acm
                              "VIDC.YVYU"=msyuv.dll
                              "VIDC.YVU9"=tsbyuv.dll
                              "wavemapper"=msacm32.drv
                              "midimapper"=midimap.dll
                              "VIDC.UYVY"=msyuv.dll
                              "VIDC.IYUV"=iyuv_32.dll
                              "vidc.mrle"=msrle32.dll
                              "msacm.imaadpcm"=imaadp32.acm
                              "msacm.msadpcm"=msadp32.acm
                              "vidc.msvc"=msvidc32.dll
                              "wave"=wdmaud.drv
                              "midi"=wdmaud.drv
                              "mixer"=wdmaud.drv
                              "aux"=wdmaud.drv
                              "wave1"=wdmaud.drv
                              "midi1"=wdmaud.drv
                              "mixer1"=wdmaud.drv
                              "aux1"=wdmaud.drv
                              "MSVideo8"=VfWWDM32.dll
                              "wave2"=wdmaud.drv
                              "midi2"=wdmaud.drv
                              "mixer2"=wdmaud.drv
                              "wave3"=wdmaud.drv
                              "mixer3"=wdmaud.drv
                              "midi3"=wdmaud.drv
                              "wave4"=wdmaud.drv
                              "midi4"=wdmaud.drv
                              "mixer4"=wdmaud.drv

                              ======File associations======

                              .js - edit - C:\Windows\System32\Notepad.exe %1
                              .js - open - C:\Windows\System32\WScript.exe "%1" %*

                              ======List of files/folders created in the last 1 month======

                              2014-01-28 11:42:43 ----D---- C:\rsit
                              2014-01-28 11:42:43 ----D---- C:\Program Files\trend micro
                              2014-01-28 09:58:41 ----D---- C:\WINDOWS\Minidump
                              2014-01-27 22:55:37 ----D---- C:\Users\VERMT\AppData\Roaming\SUPERAntiSpyware.com
                              2014-01-27 22:54:44 ----D---- C:\ProgramData\SUPERAntiSpyware.com
                              2014-01-27 22:54:44 ----D---- C:\Program Files\SUPERAntiSpyware
                              2014-01-27 21:14:39 ----D---- C:\Program Files\HitmanPro
                              2014-01-27 21:14:15 ----D---- C:\ProgramData\HitmanPro
                              2014-01-27 20:54:09 ----D---- C:\AdwCleaner
                              2014-01-27 20:51:28 ----A---- C:\WINDOWS\system32\sdnclean64.exe
                              2014-01-27 20:51:27 ----D---- C:\ProgramData\Spybot - Search & Destroy
                              2014-01-27 20:51:24 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
                              2014-01-27 20:46:54 ----A---- C:\WINDOWS\ntbtlog.txt
                              2014-01-27 20:07:32 ----D---- C:\Users\VERMT\AppData\Roaming\DAEMON Tools Lite
                              2014-01-27 20:06:53 ----D---- C:\ProgramData\DAEMON Tools Lite
                              2014-01-27 20:06:18 ----D---- C:\Users\VERMT\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
                              2014-01-27 00:29:02 ----D---- C:\Users\VERMT\AppData\Roaming\vlc
                              2014-01-27 00:17:53 ----D---- C:\Program Files (x86)\VideoLAN
                              2014-01-27 00:14:55 ----D---- C:\Users\VERMT\AppData\Roaming\MPC-HC
                              2014-01-27 00:10:54 ----A---- C:\WINDOWS\SYSWOW64\unrar.dll
                              2014-01-26 22:29:35 ----D---- C:\ProgramData\Spotnet
                              2014-01-26 22:29:35 ----D---- C:\Program Files (x86)\Spotnet
                              2014-01-26 16:18:04 ----D---- C:\Program Files (x86)\QuickPar
                              2014-01-26 15:13:15 ----D---- C:\Users\VERMT\AppData\Roaming\LibreOffice
                              2014-01-26 15:10:00 ----D---- C:\Program Files (x86)\LibreOffice 4
                              2014-01-26 11:59:40 ----D---- C:\Program Files (x86)\VS Revo Group
                              2014-01-26 11:53:06 ----D---- C:\ProgramData\Microsoft Help
                              2014-01-26 11:43:24 ----D---- C:\Users\VERMT\AppData\Roaming\Apple Computer
                              2014-01-26 11:42:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
                              2014-01-26 11:42:34 ----A---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
                              2014-01-26 11:41:40 ----D---- C:\Program Files\iPod
                              2014-01-26 11:41:39 ----D---- C:\ProgramData\Apple Computer
                              2014-01-26 11:41:39 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
                              2014-01-26 11:41:39 ----D---- C:\Program Files\iTunes
                              2014-01-26 11:41:39 ----D---- C:\Program Files (x86)\iTunes
                              2014-01-26 11:40:14 ----D---- C:\Program Files (x86)\Apple Software Update
                              2014-01-26 11:40:03 ----D---- C:\Program Files\Common Files\Apple
                              2014-01-26 11:39:45 ----D---- C:\Program Files\Bonjour
                              2014-01-26 11:39:45 ----D---- C:\Program Files (x86)\Bonjour
                              2014-01-26 11:39:26 ----D---- C:\ProgramData\Apple
                              2014-01-26 10:27:16 ----D---- C:\Users\VERMT\AppData\Roaming\WinRAR
                              2014-01-26 10:26:45 ----D---- C:\Program Files\WinRAR
                              2014-01-26 00:03:41 ----RD---- C:\WINDOWS\BrowserChoice
                              2014-01-16 18:29:59 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
                              2014-01-16 17:07:40 ----D---- C:\sources
                              2014-01-16 16:52:43 ----A---- C:\WINDOWS\system32\drivers\HipShieldK.sys
                              2014-01-16 13:31:49 ----D---- C:\WINDOWS\system32\MRT
                              2014-01-16 13:31:45 ----A---- C:\WINDOWS\system32\MRT.exe
                              2014-01-16 12:32:23 ----D---- C:\Users\VERMT\AppData\Roaming\ASUS
                              2014-01-16 12:32:21 ----D---- C:\Users\VERMT\AppData\Roaming\ASUS WebStorage
                              2014-01-16 12:32:14 ----D---- C:\Users\VERMT\AppData\Roaming\Atheros
                              2014-01-16 12:31:53 ----D---- C:\Users\VERMT\AppData\Roaming\Macromedia
                              2014-01-16 12:30:51 ----D---- C:\Users\VERMT\AppData\Roaming\Adobe
                              2014-01-16 12:29:19 ----A---- C:\Users\VERMT\AppData\Roaming\sp_data.sys
                              2014-01-16 12:29:16 ----D---- C:\ProgramData\USBChargerPlus
                              2014-01-16 11:40:35 ----ASH---- C:\swapfile.sys
                              2014-01-16 11:40:33 ----ASH---- C:\pagefile.sys
                              2014-01-16 11:40:33 ----ASH---- C:\hiberfil.sys
                              2014-01-16 11:40:25 ----SHD---- C:\System Volume Information
                              2014-01-06 20:23:36 ----A---- C:\WINDOWS\SYSWOW64\GPhotos.scr

                              ======List of files/folders modified in the last 1 month======

                              2014-01-28 11:42:43 ----RD---- C:\Program Files
                              2014-01-28 11:42:32 ----A---- C:\WINDOWS\SYSWOW64\log.txt
                              2014-01-28 11:40:29 ----D---- C:\WINDOWS\Temp
                              2014-01-28 11:00:02 ----D---- C:\WINDOWS\system32\sru
                              2014-01-28 09:59:37 ----D---- C:\WINDOWS\system32\catroot2
                              2014-01-28 09:58:41 ----D---- C:\Windows
                              2014-01-27 22:55:37 ----HD---- C:\ProgramData
                              2014-01-27 21:46:07 ----D---- C:\WINDOWS\system32\drivers\etc
                              2014-01-27 21:35:49 ----D---- C:\WINDOWS\system32\drivers
                              2014-01-27 21:35:40 ----RD---- C:\WINDOWS\System32
                              2014-01-27 21:35:40 ----D---- C:\WINDOWS\Inf
                              2014-01-27 21:35:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
                              2014-01-27 20:55:23 ----RD---- C:\Program Files (x86)
                              2014-01-27 20:51:33 ----D---- C:\WINDOWS\Tasks
                              2014-01-27 20:51:31 ----SD---- C:\ProgramData\Microsoft
                              2014-01-27 20:41:55 ----D---- C:\WINDOWS\SoftwareDistribution
                              2014-01-27 20:40:25 ----D---- C:\WINDOWS\debug
                              2014-01-27 20:29:32 ----D---- C:\WINDOWS\system32\DriverStore
                              2014-01-27 20:09:42 ----D---- C:\WINDOWS\system32\catroot
                              2014-01-27 20:09:39 ----SHD---- C:\WINDOWS\Installer
                              2014-01-27 20:09:30 ----D---- C:\WINDOWS\WinSxS
                              2014-01-27 20:09:05 ----D---- C:\WINDOWS\system32\config
                              2014-01-27 12:04:29 ----D---- C:\WINDOWS\system32\Tasks
                              2014-01-27 10:58:29 ----D---- C:\WINDOWS\rescache
                              2014-01-27 10:20:18 ----D---- C:\WINDOWS\Microsoft.NET
                              2014-01-27 00:10:54 ----D---- C:\WINDOWS\SysWOW64
                              2014-01-26 21:09:14 ----D---- C:\Program Files (x86)\Common Files
                              2014-01-26 19:16:27 ----D---- C:\WINDOWS\AppReadiness
                              2014-01-26 19:16:26 ----HD---- C:\Program Files\WindowsApps
                              2014-01-26 15:11:31 ----RSD---- C:\WINDOWS\assembly
                              2014-01-26 15:10:23 ----RSD---- C:\WINDOWS\Fonts
                              2014-01-26 12:33:21 ----D---- C:\WINDOWS\SYSWOW64\config
                              2014-01-26 12:29:34 ----D---- C:\WINDOWS\Help
                              2014-01-26 12:00:29 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
                              2014-01-26 11:58:38 ----D---- C:\Program Files\Common Files\microsoft shared
                              2014-01-26 11:58:28 ----D---- C:\WINDOWS\ShellNew
                              2014-01-26 11:58:09 ----D---- C:\Program Files\Common Files\System
                              2014-01-26 11:58:08 ----A---- C:\WINDOWS\win.ini
                              2014-01-26 11:40:03 ----D---- C:\Program Files\Common Files
                              2014-01-26 10:20:59 ----D---- C:\WINDOWS\system32\drivers\UMDF
                              2014-01-26 00:03:44 ----D---- C:\WINDOWS\CbsTemp
                              2014-01-21 16:05:35 ----RD---- C:\WINDOWS\ToastData
                              2014-01-21 16:05:33 ----D---- C:\WINDOWS\SYSWOW64\Dism
                              2014-01-21 16:05:30 ----D---- C:\WINDOWS\system32\Dism
                              2014-01-21 16:05:25 ----D---- C:\WINDOWS\apppatch
                              2014-01-21 16:01:32 ----D---- C:\Program Files (x86)\Bluetooth Suite
                              2014-01-21 16:01:22 ----D---- C:\WINDOWS\MediaViewer
                              2014-01-21 16:01:22 ----D---- C:\WINDOWS\FileManager
                              2014-01-21 16:01:22 ----D---- C:\WINDOWS\Camera
                              2014-01-20 18:02:11 ----D---- C:\WINDOWS\Logs
                              2014-01-20 16:44:44 ----D---- C:\WINDOWS\system32\wdi
                              2014-01-18 16:44:05 ----D---- C:\ProgramData\Adobe
                              2014-01-18 10:20:20 ----SD---- C:\WINDOWS\Downloaded Program Files
                              2014-01-16 22:14:17 ----D---- C:\WINDOWS\Log
                              2014-01-16 22:04:29 ----D---- C:\WINDOWS\SYSWOW64\drivers
                              2014-01-16 21:49:53 ----HD---- C:\WINDOWS\ELAMBKUP
                              2014-01-16 21:19:53 ----D---- C:\WINDOWS\system32\LogFiles
                              2014-01-16 21:11:18 ----D---- C:\WINDOWS\en-GB
                              2014-01-16 21:09:54 ----D---- C:\Program Files (x86)\Windows Live
                              2014-01-16 21:06:26 ----D---- C:\WINDOWS\system32\restore
                              2014-01-16 20:42:08 ----SHD---- C:\$Recycle.Bin
                              2014-01-16 19:06:50 ----D---- C:\Program Files\Windows NT
                              2014-01-16 19:05:43 ----D---- C:\WINDOWS\Registration
                              2014-01-16 19:00:46 ----RSD---- C:\WINDOWS\Media
                              2014-01-16 18:54:07 ----D---- C:\WINDOWS\SYSWOW64\Atheros_L1e
                              2014-01-16 18:54:07 ----D---- C:\WINDOWS\system32\Sysprep
                              2014-01-16 18:52:51 ----D---- C:\WINDOWS\WinStore
                              2014-01-16 18:52:51 ----D---- C:\WINDOWS\SYSWOW64\winrm
                              2014-01-16 18:52:50 ----D---- C:\WINDOWS\SYSWOW64\WCN
                              2014-01-16 18:52:49 ----D---- C:\WINDOWS\SYSWOW64\sysprep
                              2014-01-16 18:52:49 ----D---- C:\WINDOWS\SYSWOW64\SMI
