Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Downloaded problems: corrupted, unsigned publicers, ... (unknown infection(s))


  • This topic is locked This topic is locked
32 replies to this topic

#1 Daluicis

Daluicis

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 02 September 2014 - 06:34 PM

Hello,

 

For a while now I've been having problems with downloaded files on my computer. There are various problems:

- general: when downloading a file on my computer, it downloads the file fine. The problems starts when executing the file.

  • Most of the times I get to read an UAC warning that the file I try to execute is from an unknown publicer (which is not the case for many files I execute (cross checked this with a friends computer where the UAC shows the proper publicer)
  • Sometimes when I execute the file to try install a program I get an error reading the file has been corrupted. This problem continues to excist with new downloads. It has been the case for example for: java; emsisoft anti-malware. However when I download the exact same file from my friends computer and put it on my computer through USB the problems aren't occuring and everything installs fine.

- steam: has problems maintaining a download; every 100-200mb the download stops and tells me the game needs an update. I hit the update button and 100-200mb later the same happens

 

 

I don't know how long this problem has been going on. I started noticing it with steam and didn't think much of it. The problem listed with steam sometimes occurs when the servers are busy. My estimated guess is that the problems has been happening for about a month.

 

Now I've been trying to fix this problem. I've scanned with emsisoft antimalware, malwarebytes anti-malware; mcafee antivirus plus. Almost all of those scans came out clean. This made me believe the problem is a little bit more than the regular scans can handle. Since I've had training a couple years ago and I know my way well around with computers I tried some scanners on here. I've even been a naughty boy and ran combofix before posting here, my deepest apologies for this. They did find some items, shortly listed below here. But none of them has solved the problem. So that's why I decided to post here since this problem is persistent and is above me.

 

AdwCleaner: C:\END

TDSSKiller: UnsignedFile.Multi.Generic

Combofix: c:\windows\wininit.ini

 

Since I know on here you want to start with the beginning I ran DDS just before typing this post. I won't post the log files of the programs listed above unless asked to, since I know you want to start at the beginning. I just thought listing the items they found might be useful information. I will only take steps from now on listed and giving in this topic.

Here is the DDS.txt logfile

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239  BrowserJavaVersion: 10.67.2
Run by Arne at 16:10:44 on 2014-09-02
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.32.1043.18.8112.4687 [GMT -7:00]
.
AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Security & Tools\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [CCleaner] "C:\Security & Tools\CCleaner\CCleaner64.exe" /AUTO
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Arne\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Afbeelding knippen - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Kopieer selectie - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Kopieer URL - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Nieuwe notitie - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Pagina opemen - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4F3D6938-C091-4C03-9418-863AA8373075} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
x64-Run: [MBCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\MBCfg64.dll,RunDLLEntry MBCfg64
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\lmq2p65l.default\
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-20 632168]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-20 28008]
R0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2013-8-15 20464]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2014-4-3 786296]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2014-4-3 348552]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-7-29 32544]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Security & Tools\Emsisoft Anti-Malware\a2ddax64.sys [2014-8-29 26176]
R1 a2injectiondriver;a2injectiondriver;C:\Security & Tools\Emsisoft Anti-Malware\a2dix64.sys [2014-8-29 45208]
R1 a2util;a-squared Malware-IDS utility driver;C:\Security & Tools\Emsisoft Anti-Malware\a2util64.sys [2014-8-29 23088]
R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;C:\Security & Tools\Emsisoft Anti-Malware\a2service.exe [2014-8-29 4754256]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-20 15720]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2014-7-15 2468496]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2014-7-15 129848]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2014-7-15 167736]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2014-7-15 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-7-15 1041192]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2014-7-15 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-7-15 189912]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-7-15 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-7-15 21055432]
R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2013-5-29 46592]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2012-12-11 27768]
R3 a2acc;a2acc;C:\Security & Tools\Emsisoft Anti-Malware\a2accx64.sys [2014-8-29 71472]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2014-4-3 72128]
R3 cleanhlp;cleanhlp;C:\Security & Tools\Emsisoft Anti-Malware\cleanhlp64.sys [2014-8-29 57024]
R3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2013-8-15 368624]
R3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2013-8-15 790000]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2014-4-3 313544]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2014-4-3 523792]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-7-24 444720]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-7-15 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-7-15 40392]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2014-7-15 308960]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-7-15 805088]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-7-15 31032]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2013-3-29 2211016]
R3 VMfilt;VMfilt;C:\Windows\System32\drivers\VMfilt64.sys [2009-7-31 25600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 BRDriver64;BRDriver64;C:\ProgramData\BitRaider\BRDriver64.sys [2014-7-15 75048]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\BitRaider\BRSptSvc.exe [2014-7-15 477960]
S3 cpuz136;cpuz136;C:\Security & Tools\PC Wizard 2013\pcwiz_x64.sys [2014-7-15 26856]
S3 cpuz137;cpuz137;C:\Security & Tools\PC Wizard 2013\pcwiz_x64.sys [2014-7-15 26856]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;D:\Games\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-7-19 25832]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-7-15 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-15 111616]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-7-29 452088]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-7-24 96592]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-7-15 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-7-15 56832]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-7-15 1255736]
.
=============== Created Last 30 ================
.
2014-09-02 22:38:47    --------    d-sh--w-    C:\$RECYCLE.BIN
2014-09-02 22:31:32    98816    ----a-w-    C:\Windows\sed.exe
2014-09-02 22:31:32    256000    ----a-w-    C:\Windows\PEV.exe
2014-09-02 22:31:32    208896    ----a-w-    C:\Windows\MBR.exe
2014-09-02 22:23:00    --------    d--h--w-    C:\Users\Arne\InstallAnywhere
2014-08-27 17:19:35    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-27 17:19:35    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-27 17:19:35    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-25 02:22:52    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-08-25 02:14:51    --------    d-----w-    C:\AdwCleaner
2014-08-25 00:13:04    --------    d-----w-    C:\Users\Arne\AppData\Local\gtk-2.0
2014-08-25 00:13:01    --------    d-----w-    C:\Users\Arne\.thumbnails
2014-08-25 00:11:56    --------    d-----w-    C:\Users\Arne\AppData\Local\fontconfig
2014-08-25 00:11:55    --------    d-----w-    C:\Users\Arne\AppData\Local\gegl-0.2
2014-08-25 00:11:55    --------    d-----w-    C:\Users\Arne\.gimp-2.8
2014-08-25 00:10:14    --------    d-----w-    C:\Program Files\GIMP 2
2014-08-18 18:09:10    8192    ----a-w-    C:\Windows\SysWow64\iisrstap.dll
2014-08-18 18:09:10    60928    ----a-w-    C:\Windows\System32\ahadmin.dll
2014-08-18 18:09:10    55296    ----a-w-    C:\Windows\System32\admwprox.dll
2014-08-18 18:09:10    50688    ----a-w-    C:\Windows\SysWow64\admwprox.dll
2014-08-18 18:09:10    26624    ----a-w-    C:\Windows\SysWow64\ahadmin.dll
2014-08-18 18:09:10    192000    ----a-w-    C:\Windows\System32\iisRtl.dll
2014-08-18 18:09:10    16896    ----a-w-    C:\Windows\System32\iisreset.exe
2014-08-18 18:09:10    154624    ----a-w-    C:\Windows\SysWow64\iisRtl.dll
2014-08-18 18:09:10    15360    ----a-w-    C:\Windows\SysWow64\iisreset.exe
2014-08-18 18:09:10    14848    ----a-w-    C:\Windows\System32\wamregps.dll
2014-08-18 18:09:10    11264    ----a-w-    C:\Windows\System32\iisrstap.dll
2014-08-18 18:09:10    10752    ----a-w-    C:\Windows\SysWow64\wamregps.dll
2014-08-18 07:15:16    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-08-18 07:15:16    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-08-18 07:15:16    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-18 07:15:16    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-18 07:15:15    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-08-18 07:15:15    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-18 07:15:10    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-18 07:15:10    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-18 00:55:13    --------    d-----w-    C:\Users\Arne\AppData\Local\Adobe
2014-08-17 19:33:18    --------    d-----w-    C:\Windows\SysWow64\XPSViewer
2014-08-17 19:33:18    --------    d-----w-    C:\Windows\SysWow64\BestPractices
2014-08-17 19:33:18    --------    d-----w-    C:\Windows\System32\BestPractices
2014-08-17 19:33:18    --------    d-----w-    C:\inetpub
2014-08-17 08:46:56    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-17 08:45:25    --------    d-----w-    C:\Users\Arne\AppData\Local\ElevatedDiagnostics
2014-08-17 00:12:11    --------    d-----w-    C:\Users\Arne\AppData\Local\Creative
2014-08-15 23:48:54    741480    ------w-    C:\Windows\System32\HPDiscoPMBC11.dll
2014-08-15 23:48:45    --------    d-----w-    C:\Program Files\HP
2014-08-15 23:48:45    --------    d-----w-    C:\Program Files (x86)\HP
2014-08-15 23:48:13    --------    d-----w-    C:\Users\Arne\AppData\Local\HP
2014-08-15 22:17:57    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-08-08 23:35:12    --------    d-----w-    C:\Program Files (x86)\ISO to USB
2014-08-07 15:30:18    98304    ----a-r-    C:\Users\Arne\AppData\Roaming\Microsoft\Installer\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}\icons.exe
.
==================== Find3M  ====================
.
2014-08-30 19:47:43    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-15 23:45:09    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 23:45:09    699568    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-07 02:06:41    529920    ----a-w-    C:\Windows\System32\aepdu.dll
2014-08-07 02:01:34    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-07-25 14:02:12    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28    758272    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15    5824512    ----a-w-    C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05    72704    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47    597504    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47    4204032    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29    2087936    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49    2001920    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06    2266624    ----a-w-    C:\Windows\System32\wininet.dll
2014-07-25 10:05:23    1792512    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-07-24 21:33:10    11336    ----a-w-    C:\Windows\System32\drivers\mfeclnrk.sys
2014-07-24 21:32:30    96592    ----a-w-    C:\Windows\System32\drivers\mfencrk.sys
2014-07-24 21:31:56    444720    ----a-w-    C:\Windows\System32\drivers\mfencbdc.sys
2014-07-16 03:23:41    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-07-16 02:46:02    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-07-15 22:10:14    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2014-07-15 22:10:14    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2014-07-15 17:16:19    41984    ----a-w-    C:\Windows\System32\drivers\USB3Ver.dll
2014-07-15 17:16:18    790000    ----a-w-    C:\Windows\System32\drivers\iusb3xhc.sys
2014-07-15 17:16:18    368624    ----a-w-    C:\Windows\System32\drivers\iusb3hub.sys
2014-07-15 17:16:18    20464    ----a-w-    C:\Windows\System32\drivers\iusb3hcs.sys
2014-07-15 17:06:57    1814304    ----a-w-    C:\Windows\System32\nvdispco64.dll
2014-07-15 17:06:57    1510176    ----a-w-    C:\Windows\System32\nvdispgenco64.dll
2014-07-14 02:02:45    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-07-02 18:55:43    6783776    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-07-02 18:55:43    3522392    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-07-02 18:55:41    935368    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-07-02 18:55:41    67072    ----a-w-    C:\Windows\System32\nv3dappshextr.dll
2014-07-02 18:55:41    62808    ----a-w-    C:\Windows\System32\nvshext.dll
2014-07-02 18:55:41    386520    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-07-02 18:55:41    2559960    ----a-w-    C:\Windows\System32\nvsvcr.dll
2014-07-02 18:55:41    1084704    ----a-w-    C:\Windows\System32\nv3dappshext.dll
2014-07-02 10:14:12    3826628    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-06-20 08:38:22    72128    ----a-w-    C:\Windows\System32\drivers\cfwids.sys
2014-06-20 08:31:06    348552    ----a-w-    C:\Windows\System32\drivers\mfewfpk.sys
2014-06-20 08:30:38    189912    ----a-w-    C:\Windows\System32\mfevtps.exe
2014-06-20 08:26:02    786296    ----a-w-    C:\Windows\System32\drivers\mfehidk.sys
2014-06-20 08:23:40    523792    ----a-w-    C:\Windows\System32\drivers\mfefirek.sys
2014-06-20 08:21:48    313544    ----a-w-    C:\Windows\System32\drivers\mfeavfk.sys
2014-06-20 08:20:54    181704    ----a-w-    C:\Windows\System32\drivers\mfeapfk.sys
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19    985536    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-06-06 09:44:17    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 16:10:58,84 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:51 PM

Posted 07 September 2014 - 06:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/546682 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Daluicis

Daluicis
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 08 September 2014 - 05:44 PM

  • Problem still excists. I was away for camping, so no new steps has been taken.
  • See log below and attached
  • I have an windows 7 ultimate disc from academicdownload (downloaded and burned on a DVD)

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239  BrowserJavaVersion: 10.67.2
Run by Arne at 15:38:36 on 2014-09-08
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.32.1043.18.12208.9101 [GMT -7:00]
.
AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Games\Steam\Steam.exe
C:\Games\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Games\Steam\bin\steamwebhelper.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [CCleaner] "C:\Security & Tools\CCleaner\CCleaner64.exe" /AUTO
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Arne\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Afbeelding knippen - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Kopieer selectie - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Kopieer URL - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Nieuwe notitie - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Pagina opemen - C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4F3D6938-C091-4C03-9418-863AA8373075} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
x64-Run: [MBCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\MBCfg64.dll,RunDLLEntry MBCfg64
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\lmq2p65l.default\
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-11-20 632168]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-11-20 28008]
R0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2013-8-15 20464]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2014-4-3 786296]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2014-4-3 348552]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-7-29 32544]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Security & Tools\Emsisoft Anti-Malware\a2ddax64.sys [2014-8-29 26176]
R1 a2injectiondriver;a2injectiondriver;C:\Security & Tools\Emsisoft Anti-Malware\a2dix64.sys [2014-8-29 45208]
R1 a2util;a-squared Malware-IDS utility driver;C:\Security & Tools\Emsisoft Anti-Malware\a2util64.sys [2014-8-29 23088]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-20 15720]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2014-7-15 2468496]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2014-7-15 129848]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2014-7-15 167736]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2014-7-15 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-7-15 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-7-15 1041192]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2014-7-15 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-7-15 189912]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-7-15 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-7-15 21055432]
R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2013-5-29 46592]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2012-12-11 27768]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2014-4-3 72128]
R3 cleanhlp;cleanhlp;C:\Security & Tools\Emsisoft Anti-Malware\cleanhlp64.sys [2014-8-29 57024]
R3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2013-8-15 368624]
R3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2013-8-15 790000]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2014-4-3 313544]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2014-4-3 523792]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-7-24 444720]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-7-15 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-7-15 40392]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2014-7-15 308960]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-7-15 805088]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-7-15 31032]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2013-3-29 2211016]
R3 VMfilt;VMfilt;C:\Windows\System32\drivers\VMfilt64.sys [2009-7-31 25600]
S2 0215731410215586mcinstcleanup;McAfee Application Installer Cleanup (0215731410215586);C:\Windows\TEMP\021573~1.EXE -cleanup -nolog --> C:\Windows\TEMP\021573~1.EXE -cleanup -nolog [?]
S2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;C:\Security & Tools\Emsisoft Anti-Malware\a2service.exe [2014-8-29 4783632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 a2acc;a2acc;C:\Security & Tools\Emsisoft Anti-Malware\a2accx64.sys [2014-8-29 71472]
S3 BRDriver64;BRDriver64;C:\ProgramData\BitRaider\BRDriver64.sys [2014-7-15 75048]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\BitRaider\BRSptSvc.exe [2014-7-15 477960]
S3 cpuz136;cpuz136;C:\Security & Tools\PC Wizard 2013\pcwiz_x64.sys [2014-7-15 26856]
S3 cpuz137;cpuz137;C:\Security & Tools\PC Wizard 2013\pcwiz_x64.sys [2014-7-15 26856]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;D:\Games\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-7-19 25832]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-7-15 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-15 111616]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-7-29 452088]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-7-24 96592]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-7-15 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-7-15 56832]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-7-15 1255736]
.
=============== Created Last 30 ================
.
2014-09-02 22:38:47    --------    d-sh--w-    C:\$RECYCLE.BIN
2014-09-02 22:31:32    98816    ----a-w-    C:\Windows\sed.exe
2014-09-02 22:31:32    256000    ----a-w-    C:\Windows\PEV.exe
2014-09-02 22:31:32    208896    ----a-w-    C:\Windows\MBR.exe
2014-09-02 22:23:00    --------    d--h--w-    C:\Users\Arne\InstallAnywhere
2014-08-27 17:19:35    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-27 17:19:35    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-27 17:19:35    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-25 02:22:52    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-08-25 02:14:51    --------    d-----w-    C:\AdwCleaner
2014-08-25 00:13:04    --------    d-----w-    C:\Users\Arne\AppData\Local\gtk-2.0
2014-08-25 00:13:01    --------    d-----w-    C:\Users\Arne\.thumbnails
2014-08-25 00:11:56    --------    d-----w-    C:\Users\Arne\AppData\Local\fontconfig
2014-08-25 00:11:55    --------    d-----w-    C:\Users\Arne\AppData\Local\gegl-0.2
2014-08-25 00:11:55    --------    d-----w-    C:\Users\Arne\.gimp-2.8
2014-08-25 00:10:14    --------    d-----w-    C:\Program Files\GIMP 2
2014-08-18 18:09:10    8192    ----a-w-    C:\Windows\SysWow64\iisrstap.dll
2014-08-18 18:09:10    60928    ----a-w-    C:\Windows\System32\ahadmin.dll
2014-08-18 18:09:10    55296    ----a-w-    C:\Windows\System32\admwprox.dll
2014-08-18 18:09:10    50688    ----a-w-    C:\Windows\SysWow64\admwprox.dll
2014-08-18 18:09:10    26624    ----a-w-    C:\Windows\SysWow64\ahadmin.dll
2014-08-18 18:09:10    192000    ----a-w-    C:\Windows\System32\iisRtl.dll
2014-08-18 18:09:10    16896    ----a-w-    C:\Windows\System32\iisreset.exe
2014-08-18 18:09:10    154624    ----a-w-    C:\Windows\SysWow64\iisRtl.dll
2014-08-18 18:09:10    15360    ----a-w-    C:\Windows\SysWow64\iisreset.exe
2014-08-18 18:09:10    14848    ----a-w-    C:\Windows\System32\wamregps.dll
2014-08-18 18:09:10    11264    ----a-w-    C:\Windows\System32\iisrstap.dll
2014-08-18 18:09:10    10752    ----a-w-    C:\Windows\SysWow64\wamregps.dll
2014-08-18 07:15:16    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-08-18 07:15:16    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-08-18 07:15:16    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-18 07:15:16    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-18 07:15:15    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-08-18 07:15:15    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-18 07:15:10    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-18 07:15:10    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-18 00:55:13    --------    d-----w-    C:\Users\Arne\AppData\Local\Adobe
2014-08-17 19:33:18    --------    d-----w-    C:\Windows\SysWow64\XPSViewer
2014-08-17 19:33:18    --------    d-----w-    C:\Windows\SysWow64\BestPractices
2014-08-17 19:33:18    --------    d-----w-    C:\Windows\System32\BestPractices
2014-08-17 19:33:18    --------    d-----w-    C:\inetpub
2014-08-17 08:46:56    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-17 08:45:25    --------    d-----w-    C:\Users\Arne\AppData\Local\ElevatedDiagnostics
2014-08-17 00:12:11    --------    d-----w-    C:\Users\Arne\AppData\Local\Creative
2014-08-15 23:48:54    741480    ------w-    C:\Windows\System32\HPDiscoPMBC11.dll
2014-08-15 23:48:45    --------    d-----w-    C:\Program Files\HP
2014-08-15 23:48:45    --------    d-----w-    C:\Program Files (x86)\HP
2014-08-15 23:48:13    --------    d-----w-    C:\Users\Arne\AppData\Local\HP
2014-08-15 22:17:57    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
.
==================== Find3M  ====================
.
2014-09-03 23:58:21    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-15 23:45:09    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 23:45:09    699568    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-07 02:06:41    529920    ----a-w-    C:\Windows\System32\aepdu.dll
2014-08-07 02:01:34    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-07-25 14:02:12    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28    758272    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15    5824512    ----a-w-    C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05    72704    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47    597504    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47    4204032    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29    2087936    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49    2001920    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06    2266624    ----a-w-    C:\Windows\System32\wininet.dll
2014-07-25 10:05:23    1792512    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-07-24 21:33:10    11336    ----a-w-    C:\Windows\System32\drivers\mfeclnrk.sys
2014-07-24 21:32:30    96592    ----a-w-    C:\Windows\System32\drivers\mfencrk.sys
2014-07-24 21:31:56    444720    ----a-w-    C:\Windows\System32\drivers\mfencbdc.sys
2014-07-16 03:23:41    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-07-16 02:46:02    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-07-15 22:10:14    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2014-07-15 22:10:14    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2014-07-15 17:16:19    41984    ----a-w-    C:\Windows\System32\drivers\USB3Ver.dll
2014-07-15 17:16:18    790000    ----a-w-    C:\Windows\System32\drivers\iusb3xhc.sys
2014-07-15 17:16:18    368624    ----a-w-    C:\Windows\System32\drivers\iusb3hub.sys
2014-07-15 17:16:18    20464    ----a-w-    C:\Windows\System32\drivers\iusb3hcs.sys
2014-07-15 17:06:57    1814304    ----a-w-    C:\Windows\System32\nvdispco64.dll
2014-07-15 17:06:57    1510176    ----a-w-    C:\Windows\System32\nvdispgenco64.dll
2014-07-14 02:02:45    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-07-02 18:55:43    6783776    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-07-02 18:55:43    3522392    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-07-02 18:55:41    935368    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-07-02 18:55:41    67072    ----a-w-    C:\Windows\System32\nv3dappshextr.dll
2014-07-02 18:55:41    62808    ----a-w-    C:\Windows\System32\nvshext.dll
2014-07-02 18:55:41    386520    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-07-02 18:55:41    2559960    ----a-w-    C:\Windows\System32\nvsvcr.dll
2014-07-02 18:55:41    1084704    ----a-w-    C:\Windows\System32\nv3dappshext.dll
2014-07-02 10:14:12    3826628    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-06-20 08:38:22    72128    ----a-w-    C:\Windows\System32\drivers\cfwids.sys
2014-06-20 08:31:06    348552    ----a-w-    C:\Windows\System32\drivers\mfewfpk.sys
2014-06-20 08:30:38    189912    ----a-w-    C:\Windows\System32\mfevtps.exe
2014-06-20 08:26:02    786296    ----a-w-    C:\Windows\System32\drivers\mfehidk.sys
2014-06-20 08:23:40    523792    ----a-w-    C:\Windows\System32\drivers\mfefirek.sys
2014-06-20 08:21:48    313544    ----a-w-    C:\Windows\System32\drivers\mfeavfk.sys
2014-06-20 08:20:54    181704    ----a-w-    C:\Windows\System32\drivers\mfeapfk.sys
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19    985536    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
.
============= FINISH: 15:38:48,89 ===============
 

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:51 PM

Posted 10 September 2014 - 08:39 AM

Greetings Daluicis and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Daluicis

Daluicis
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 10 September 2014 - 11:39 AM

Hello Gary,

 

First off: thank you for your assistence, it's greatly appreciated!

I agree to follow all the ground rules and will only follow your steps.

I'm very active online so I should be able to respond fast.

Here are the logs requested per order:

 

Note: I've noticed the log says Spybot - Search and Destroy is enabled. I wanted to let you know this is the free version without real time scanning. (it was installed yesterday)

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Arne (administrator) on ARNE-LAPTOP on 10-09-2014 09:26:38
Running from C:\Users\Arne\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft GmbH) C:\Security & Tools\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(Safer-Networking Ltd.) C:\Security & Tools\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Security & Tools\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Safer-Networking Ltd.) C:\Security & Tools\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
(Dropbox, Inc.) C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Security & Tools\Spybot - Search & Destroy 2\SDTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-11-30] (Synaptics Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5672624 2014-07-15] (VIA)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-20] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-07-15] (Intel Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-10] (Creative Technology Ltd.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Security & Tools\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4093474000-1702376-364041107-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21652064 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-4093474000-1702376-364041107-1000\...\Run: [CCleaner] => C:\Security & Tools\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd)
HKU\S-1-5-21-4093474000-1702376-364041107-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\Hotkey.exe ()
Startup: C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x586105154CA0CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-be
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\lmq2p65l.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml
FF Extension: Adblock Plus - C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\lmq2p65l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-07-15]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-07-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Security & Tools\Emsisoft Anti-Malware\a2service.exe [4783632 2014-09-08] (Emsisoft GmbH)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-15] (BitRaider, LLC)
S3 DAUpdaterSvc; D:\Games\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-19] (BioWare)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-20] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [46592 2013-05-29] () [File not signed]
R2 SDScannerService; C:\Security & Tools\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Security & Tools\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Security & Tools\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-07-15] (VIA Technologies, Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\SECURITY & TOOLS\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-08-29] (Emsisoft GmbH)
R1 A2DDA; C:\Security & Tools\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Security & Tools\Emsisoft Anti-Malware\a2dix64.sys [45208 2014-08-29] (Emsisoft GmbH)
R1 a2util; C:\Security & Tools\Emsisoft Anti-Malware\a2util64.sys [23088 2014-08-29] (Emsisoft GmbH)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-07-15] (BitRaider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 cleanhlp; C:\Security & Tools\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-08-29] (Emsisoft GmbH)
S3 cpuz136; C:\Security & Tools\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S3 cpuz137; C:\Security & Tools\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-30] (Synaptics Incorporated)
R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 2014-07-15] (Creative Technology Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 09:26 - 2014-09-10 09:27 - 00021980 _____ () C:\Users\Arne\Desktop\FRST.txt
2014-09-10 09:26 - 2014-09-10 09:26 - 00000000 ____D () C:\FRST
2014-09-10 09:24 - 2014-09-10 09:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-10 09:23 - 2014-09-10 09:23 - 02105856 _____ (Farbar) C:\Users\Arne\Desktop\FRST64.exe
2014-09-09 19:40 - 2014-09-10 09:20 - 00000336 _____ () C:\Windows\setupact.log
2014-09-09 19:40 - 2014-09-09 19:40 - 00000610 _____ () C:\Windows\PFRO.log
2014-09-09 19:40 - 2014-09-09 19:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-09 14:55 - 2014-09-09 14:55 - 00000000 ____D () C:\Users\Arne\Documents\My Games
2014-09-09 14:55 - 2014-09-09 14:55 - 00000000 ____D () C:\Users\Arne\AppData\Local\My Games
2014-09-09 14:41 - 2014-09-09 14:41 - 00003680 _____ () C:\Windows\System32\Tasks\klcp_update
2014-09-09 14:40 - 2014-09-09 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-09-09 14:40 - 2014-09-09 14:40 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-09-09 14:40 - 2014-06-14 07:03 - 00260696 _____ () C:\Windows\system32\unrar64.dll
2014-09-09 14:40 - 2014-06-14 07:03 - 00218200 _____ () C:\Windows\SysWOW64\unrar.dll
2014-09-09 13:35 - 2014-09-09 13:35 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-09 13:30 - 2014-09-09 13:30 - 00001965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-09 13:30 - 2014-09-09 13:30 - 00001953 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-09 13:30 - 2014-09-09 13:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-09 13:30 - 2014-09-09 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-09 13:29 - 2014-09-09 13:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-09 13:29 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-09-08 15:39 - 2014-09-08 15:39 - 00002442 _____ () C:\Users\Arne\Desktop\attach.zip
2014-09-08 15:38 - 2014-09-08 15:38 - 00028130 _____ () C:\Users\Arne\Desktop\dds.txt
2014-09-08 15:38 - 2014-09-08 15:38 - 00006947 _____ () C:\Users\Arne\Desktop\attach.txt
2014-09-08 15:35 - 2014-09-08 15:35 - 00688992 ____R (Swearware) C:\Users\Arne\Desktop\dds.com
2014-09-08 15:33 - 2014-09-09 19:40 - 00000000 ____D () C:\Users\Arne\Downloads\To organise
2014-09-03 18:11 - 2014-09-03 18:11 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Sjablonen
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Netwerkprinteromgeving
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Mijn documenten
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Menu Start
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn video's
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn muziek
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn afbeeldingen
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Geschiedenis
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 ____D () C:\Users\DefaultAppPool
2014-09-03 18:11 - 2014-07-16 09:00 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2014-09-03 18:11 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-03 18:11 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-02 15:48 - 2014-09-02 15:49 - 106224784 _____ (Flexera Software) C:\Users\Arne\Downloads\Install_ESO.exe
2014-09-02 15:38 - 2014-09-02 15:38 - 00032403 _____ () C:\ComboFix.txt
2014-09-02 15:31 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-02 15:31 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-02 15:31 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-02 15:31 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-02 15:31 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-02 15:31 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-02 15:31 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-02 15:31 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-02 15:28 - 2014-09-02 15:38 - 00000000 ____D () C:\Qoobox
2014-09-02 15:27 - 2014-09-02 15:37 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 15:23 - 2014-09-02 15:23 - 00000000 ___HD () C:\Users\Arne\InstallAnywhere
2014-08-30 10:55 - 2014-09-10 09:24 - 00514761 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 14:26 - 2014-08-29 14:26 - 00000000 ____D () C:\Users\Arne\Documents\Anti-Malware
2014-08-29 14:26 - 2014-08-29 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-08-27 10:19 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 10:19 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 10:19 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-25 19:12 - 2014-08-25 19:12 - 00000000 ____D () C:\Users\Arne\Downloads\Rekeningafschriften
2014-08-25 14:41 - 2014-08-25 14:41 - 00670834 _____ () C:\Users\Arne\Downloads\versus_documentation.zip
2014-08-25 14:35 - 2014-08-25 14:35 - 00007697 _____ () C:\Users\Arne\AppData\Local\recently-used.xbel
2014-08-24 19:22 - 2014-08-24 19:22 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-24 19:14 - 2014-08-24 19:17 - 00000000 ____D () C:\AdwCleaner
2014-08-24 17:13 - 2014-08-25 14:35 - 00000000 ____D () C:\Users\Arne\AppData\Local\gtk-2.0
2014-08-24 17:13 - 2014-08-24 17:13 - 00000000 ____D () C:\Users\Arne\.thumbnails
2014-08-24 17:11 - 2014-08-25 14:38 - 00000000 ____D () C:\Users\Arne\.gimp-2.8
2014-08-24 17:11 - 2014-08-24 17:11 - 00000854 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-08-24 17:11 - 2014-08-24 17:11 - 00000000 ____D () C:\Users\Arne\AppData\Local\gegl-0.2
2014-08-24 17:10 - 2014-08-24 17:11 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-24 16:54 - 2014-08-24 16:54 - 00000000 ____D () C:\Users\Arne\Downloads\Windows and Office
2014-08-24 16:53 - 2014-09-04 12:36 - 00000000 ____D () C:\Users\Arne\Downloads\Anthropaws
2014-08-24 13:10 - 2014-09-04 12:34 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\FileZilla
2014-08-24 13:10 - 2014-08-24 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-18 11:09 - 2012-05-31 22:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-08-18 11:09 - 2012-05-31 22:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-08-18 11:09 - 2012-05-31 22:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-08-18 11:09 - 2012-05-31 22:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-08-18 11:09 - 2012-05-31 22:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-08-18 11:09 - 2012-05-31 22:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-08-18 11:09 - 2012-05-31 21:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-08-18 11:09 - 2012-05-31 21:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-08-18 11:09 - 2012-05-31 21:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-08-18 11:09 - 2012-05-31 21:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-08-18 11:09 - 2012-05-31 21:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-08-18 11:09 - 2012-05-31 21:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-08-18 00:15 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-18 00:15 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-18 00:15 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-18 00:15 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-18 00:15 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-18 00:15 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-18 00:15 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-18 00:15 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-17 17:55 - 2014-08-17 17:55 - 00000000 ____D () C:\Users\Arne\AppData\Local\Adobe
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\inetpub
2014-08-17 12:13 - 2014-08-17 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-17 01:47 - 2014-08-17 01:46 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-17 01:46 - 2014-08-17 01:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-17 01:46 - 2014-08-17 01:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-17 01:46 - 2014-08-17 01:46 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-17 01:46 - 2014-08-17 01:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 01:46 - 2014-08-17 01:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-17 01:11 - 2014-08-17 01:11 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Oracle
2014-08-16 19:02 - 2014-08-16 19:02 - 00000000 ____D () C:\Users\Arne\Documents\DeadIsland
2014-08-16 19:02 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-08-16 19:02 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-08-16 19:02 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-08-16 19:02 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-08-16 19:02 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-08-16 19:02 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-08-16 19:02 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-08-16 19:02 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-08-16 19:02 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-08-16 19:02 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-08-16 19:02 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-08-16 19:02 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-08-16 19:02 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-08-16 19:02 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-08-16 19:02 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-08-16 19:02 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-08-16 19:02 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-08-16 19:02 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-08-16 19:02 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-08-16 19:02 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-08-16 19:02 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-08-16 19:02 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-08-16 19:02 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-08-16 19:02 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-08-16 19:02 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-08-16 19:02 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-08-16 19:02 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-08-16 19:02 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-08-16 19:02 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-08-16 19:02 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-08-16 19:02 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-08-16 19:02 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-08-16 19:02 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-08-16 19:02 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-08-16 19:02 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-08-16 19:02 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-08-16 19:02 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-08-16 19:02 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-08-16 19:02 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-08-16 19:02 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-08-16 19:02 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-08-16 19:02 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-08-16 19:02 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-08-16 19:02 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-08-16 19:02 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-08-16 19:02 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-08-16 19:02 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-08-16 19:02 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-08-16 19:02 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-08-16 19:02 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-08-16 19:02 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-08-16 19:02 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-08-16 19:02 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-08-16 19:02 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-08-16 19:02 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-08-16 19:02 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-08-16 19:02 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-08-16 19:02 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-08-16 19:02 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-08-16 19:02 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-08-16 19:02 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-08-16 19:02 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-08-16 19:02 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-08-16 19:02 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-08-16 19:02 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-08-16 19:02 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-08-16 19:02 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-08-16 19:02 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-08-16 19:02 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-08-16 19:02 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-08-16 19:02 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-08-16 19:02 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-08-16 19:02 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-08-16 19:02 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-08-16 19:02 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-08-16 19:02 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-08-16 19:02 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-08-16 19:02 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-08-16 19:02 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-08-16 19:02 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-08-16 19:02 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-08-16 19:02 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-08-16 19:02 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-08-16 19:02 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-08-16 19:02 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-08-16 19:02 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-08-16 19:02 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-08-16 19:02 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-08-16 19:02 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-08-16 19:02 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-08-16 19:02 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-08-16 19:02 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-08-16 19:02 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-08-16 19:02 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-08-16 19:02 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-08-16 19:02 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-08-16 19:02 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-08-16 19:02 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-08-16 19:02 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-08-16 19:02 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-08-16 19:02 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-08-16 19:02 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-08-16 19:02 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-08-16 19:02 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-08-16 19:02 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-08-16 19:02 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-08-16 19:02 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-08-16 19:02 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-08-16 19:02 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-08-16 19:02 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-08-16 19:02 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-08-16 19:02 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-08-16 19:02 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-08-16 19:02 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-08-16 19:02 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-08-16 19:02 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-08-16 19:02 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-08-16 19:02 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-08-16 19:02 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-08-16 19:02 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-08-16 19:02 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-08-16 19:02 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-08-16 19:02 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-08-16 19:02 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-08-16 19:02 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-08-16 19:02 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-08-16 19:02 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-08-16 19:02 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-08-16 19:02 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-08-16 19:02 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-08-16 19:02 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-08-16 19:02 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-08-16 19:02 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-08-16 19:02 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-08-16 19:02 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-08-16 19:02 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-08-16 19:02 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-08-16 19:02 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-08-16 19:02 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-08-16 19:02 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-08-16 19:02 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-08-16 19:02 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-08-16 19:02 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-08-16 19:02 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-08-16 19:02 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-08-16 19:02 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-08-16 19:02 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-08-16 19:02 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-08-16 19:02 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-08-16 19:02 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-08-16 19:02 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-08-16 19:02 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-08-16 19:02 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-08-16 19:02 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-08-16 19:02 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-08-16 19:02 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-08-16 19:02 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-08-16 19:02 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-08-16 19:02 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-08-16 19:02 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-08-16 19:02 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-08-16 19:02 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-08-16 19:02 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-08-16 19:02 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-08-16 19:02 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-08-16 19:02 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-08-16 19:02 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-08-16 19:02 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-08-16 17:12 - 2014-08-16 17:12 - 00000000 ____D () C:\Users\Arne\AppData\Local\Creative
2014-08-15 16:48 - 2014-08-15 16:53 - 00000000 ____D () C:\Users\Arne\AppData\Local\HP
2014-08-15 16:48 - 2014-08-15 16:48 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-08-15 16:48 - 2014-08-15 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-15 16:48 - 2014-08-15 16:48 - 00000000 ____D () C:\ProgramData\HP
2014-08-15 16:48 - 2014-08-15 16:48 - 00000000 ____D () C:\Program Files\HP
2014-08-15 16:48 - 2014-08-15 16:48 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-15 16:48 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMBC11.dll
2014-08-15 15:18 - 2014-07-31 16:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 15:18 - 2014-07-31 16:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 15:18 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 15:18 - 2014-07-25 07:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 15:18 - 2014-07-25 07:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 15:18 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 15:18 - 2014-07-25 06:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 15:18 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 15:18 - 2014-07-25 06:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 15:18 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 15:18 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 15:18 - 2014-07-25 06:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 15:18 - 2014-07-25 06:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 15:18 - 2014-07-25 06:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 15:18 - 2014-07-25 06:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 15:18 - 2014-07-25 06:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 15:18 - 2014-07-25 06:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 15:18 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 15:18 - 2014-07-25 05:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 15:18 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 15:18 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 15:18 - 2014-07-25 05:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 15:18 - 2014-07-25 05:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 15:18 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 15:18 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 15:18 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 15:18 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 15:18 - 2014-07-25 05:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 15:18 - 2014-07-25 05:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 15:18 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 15:18 - 2014-07-25 05:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 15:18 - 2014-07-25 05:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 15:18 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 15:18 - 2014-07-25 05:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 15:18 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 15:18 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 15:18 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 15:18 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 15:18 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 15:18 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 15:18 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 15:18 - 2014-07-25 04:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 15:18 - 2014-07-25 04:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 15:18 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 15:18 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 15:18 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 15:18 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 15:18 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 15:18 - 2014-07-25 04:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 15:18 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 15:18 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 15:18 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 15:18 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 15:18 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 15:18 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 15:18 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 15:17 - 2014-08-06 19:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-15 15:17 - 2014-08-06 19:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-15 15:17 - 2014-07-15 20:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 15:17 - 2014-07-15 19:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 15:17 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 15:17 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 15:17 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 15:17 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 15:17 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 15:17 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 15:17 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 15:17 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 15:17 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 15:17 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 15:17 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 15:17 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 15:17 - 2014-07-08 15:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 15:17 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 15:17 - 2014-06-24 19:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 15:17 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 15:17 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 15:17 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 15:17 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 15:17 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 15:17 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 15:17 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 15:17 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 15:17 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 09:27 - 2014-09-10 09:26 - 00021980 _____ () C:\Users\Arne\Desktop\FRST.txt
2014-09-10 09:26 - 2014-09-10 09:26 - 00000000 ____D () C:\FRST
2014-09-10 09:26 - 2009-07-14 02:16 - 00834140 _____ () C:\Windows\system32\perfh013.dat
2014-09-10 09:26 - 2009-07-14 02:16 - 00189054 _____ () C:\Windows\system32\perfc013.dat
2014-09-10 09:26 - 2009-07-13 22:13 - 01899716 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 09:24 - 2014-09-10 09:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-10 09:24 - 2014-08-30 10:55 - 00514761 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 09:23 - 2014-09-10 09:23 - 02105856 _____ (Farbar) C:\Users\Arne\Desktop\FRST64.exe
2014-09-10 09:22 - 2014-07-15 14:22 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Skype
2014-09-10 09:20 - 2014-09-09 19:40 - 00000336 _____ () C:\Windows\setupact.log
2014-09-10 09:20 - 2014-07-15 14:25 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Dropbox
2014-09-10 09:20 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-09 20:05 - 2014-07-15 15:38 - 00000000 ____D () C:\ProgramData\Origin
2014-09-09 19:48 - 2009-07-13 21:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-09 19:48 - 2009-07-13 21:45 - 00020496 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-09 19:40 - 2014-09-09 19:40 - 00000610 _____ () C:\Windows\PFRO.log
2014-09-09 19:40 - 2014-09-09 19:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-09 19:40 - 2014-09-08 15:33 - 00000000 ____D () C:\Users\Arne\Downloads\To organise
2014-09-09 19:06 - 2014-07-15 15:26 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-09 15:06 - 2014-07-15 15:26 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 14:55 - 2014-09-09 14:55 - 00000000 ____D () C:\Users\Arne\Documents\My Games
2014-09-09 14:55 - 2014-09-09 14:55 - 00000000 ____D () C:\Users\Arne\AppData\Local\My Games
2014-09-09 14:41 - 2014-09-09 14:41 - 00003680 _____ () C:\Windows\System32\Tasks\klcp_update
2014-09-09 14:40 - 2014-09-09 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-09-09 14:40 - 2014-09-09 14:40 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-09-09 14:06 - 2014-07-15 15:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 14:06 - 2014-07-15 15:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 13:59 - 2014-09-09 13:29 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-09 13:35 - 2014-09-09 13:35 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-09 13:30 - 2014-09-09 13:30 - 00001965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-09 13:30 - 2014-09-09 13:30 - 00001953 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-09 13:30 - 2014-09-09 13:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-09 13:30 - 2014-09-09 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-09 13:29 - 2014-07-15 12:06 - 00000000 ____D () C:\Security & Tools
2014-09-09 12:57 - 2014-07-15 14:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-08 15:39 - 2014-09-08 15:39 - 00002442 _____ () C:\Users\Arne\Desktop\attach.zip
2014-09-08 15:38 - 2014-09-08 15:38 - 00028130 _____ () C:\Users\Arne\Desktop\dds.txt
2014-09-08 15:38 - 2014-09-08 15:38 - 00006947 _____ () C:\Users\Arne\Desktop\attach.txt
2014-09-08 15:35 - 2014-09-08 15:35 - 00688992 ____R (Swearware) C:\Users\Arne\Desktop\dds.com
2014-09-08 15:33 - 2014-07-15 15:34 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-04 12:36 - 2014-08-24 16:53 - 00000000 ____D () C:\Users\Arne\Downloads\Anthropaws
2014-09-04 12:34 - 2014-08-24 13:10 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\FileZilla
2014-09-03 18:11 - 2014-09-03 18:11 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Sjablonen
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Netwerkprinteromgeving
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Mijn documenten
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Menu Start
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn video's
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn muziek
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn afbeeldingen
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Geschiedenis
2014-09-03 18:11 - 2014-09-03 18:11 - 00000000 ____D () C:\Users\DefaultAppPool
2014-09-02 15:49 - 2014-09-02 15:48 - 106224784 _____ (Flexera Software) C:\Users\Arne\Downloads\Install_ESO.exe
2014-09-02 15:38 - 2014-09-02 15:38 - 00032403 _____ () C:\ComboFix.txt
2014-09-02 15:38 - 2014-09-02 15:28 - 00000000 ____D () C:\Qoobox
2014-09-02 15:37 - 2014-09-02 15:27 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 15:36 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-02 15:34 - 2014-07-15 14:16 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-02 15:28 - 2014-07-17 06:12 - 00000000 ____D () C:\Windows\pss
2014-09-02 15:23 - 2014-09-02 15:23 - 00000000 ___HD () C:\Users\Arne\InstallAnywhere
2014-09-02 15:23 - 2014-07-15 09:12 - 00000000 ____D () C:\Users\Arne
2014-09-02 11:23 - 2014-07-20 04:48 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\NVIDIA
2014-09-02 10:55 - 2014-07-15 14:22 - 00000000 ____D () C:\ProgramData\Skype
2014-08-29 14:26 - 2014-08-29 14:26 - 00000000 ____D () C:\Users\Arne\Documents\Anti-Malware
2014-08-29 14:26 - 2014-08-29 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-08-28 15:33 - 2009-07-13 21:45 - 00408720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-26 23:04 - 2014-07-15 15:28 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-08-25 19:12 - 2014-08-25 19:12 - 00000000 ____D () C:\Users\Arne\Downloads\Rekeningafschriften
2014-08-25 14:41 - 2014-08-25 14:41 - 00670834 _____ () C:\Users\Arne\Downloads\versus_documentation.zip
2014-08-25 14:38 - 2014-08-24 17:11 - 00000000 ____D () C:\Users\Arne\.gimp-2.8
2014-08-25 14:35 - 2014-08-25 14:35 - 00007697 _____ () C:\Users\Arne\AppData\Local\recently-used.xbel
2014-08-25 14:35 - 2014-08-24 17:13 - 00000000 ____D () C:\Users\Arne\AppData\Local\gtk-2.0
2014-08-24 19:22 - 2014-08-24 19:22 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-24 19:17 - 2014-08-24 19:14 - 00000000 ____D () C:\AdwCleaner
2014-08-24 18:39 - 2014-07-15 09:12 - 00000000 ____D () C:\Users\Arne\AppData\Local\VirtualStore
2014-08-24 17:13 - 2014-08-24 17:13 - 00000000 ____D () C:\Users\Arne\.thumbnails
2014-08-24 17:11 - 2014-08-24 17:11 - 00000854 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-08-24 17:11 - 2014-08-24 17:11 - 00000000 ____D () C:\Users\Arne\AppData\Local\gegl-0.2
2014-08-24 17:11 - 2014-08-24 17:10 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-24 16:54 - 2014-08-24 16:54 - 00000000 ____D () C:\Users\Arne\Downloads\Windows and Office
2014-08-24 13:10 - 2014-08-24 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-22 19:07 - 2014-08-27 10:19 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 18:45 - 2014-08-27 10:19 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 17:59 - 2014-08-27 10:19 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 20:45 - 2014-07-29 15:50 - 00000000 ____D () C:\Users\Arne\Documents\My Kindle Content
2014-08-19 03:15 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-08-19 03:15 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-08-18 21:04 - 2014-08-03 14:34 - 00000000 ____D () C:\Users\Arne\Downloads\Nieuwe map (2)
2014-08-18 16:54 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-08-17 17:55 - 2014-08-17 17:55 - 00000000 ____D () C:\Users\Arne\AppData\Local\Adobe
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-17 12:33 - 2014-08-17 12:33 - 00000000 ____D () C:\inetpub
2014-08-17 12:33 - 2014-07-15 09:41 - 01785858 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-17 12:13 - 2014-08-17 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-17 12:13 - 2014-07-15 14:18 - 00000000 ____D () C:\Games
2014-08-17 01:47 - 2014-07-15 15:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-17 01:46 - 2014-08-17 01:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-17 01:46 - 2014-08-17 01:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-17 01:46 - 2014-08-17 01:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-17 01:46 - 2014-08-17 01:46 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-17 01:46 - 2014-08-17 01:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 01:46 - 2014-08-17 01:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-17 01:11 - 2014-08-17 01:11 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Oracle
2014-08-16 19:02 - 2014-08-16 19:02 - 00000000 ____D () C:\Users\Arne\Documents\DeadIsland
2014-08-16 17:12 - 2014-08-16 17:12 - 00000000 ____D () C:\Users\Arne\AppData\Local\Creative
2014-08-16 14:59 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 14:45 - 2014-07-16 04:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-16 14:41 - 2014-07-15 14:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-16 14:40 - 2014-07-15 14:10 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-16 14:38 - 2014-07-15 14:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 17:33 - 2014-07-15 09:14 - 00000000 ____D () C:\Users\Arne\Documents\US
2014-08-15 17:12 - 2014-07-16 04:51 - 00000000 ____D () C:\Users\Arne\AppData\Local\Microsoft Help
2014-08-15 16:53 - 2014-08-15 16:48 - 00000000 ____D () C:\Users\Arne\AppData\Local\HP
2014-08-15 16:48 - 2014-08-15 16:48 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-08-15 16:48 - 2014-08-15 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-15 16:48 - 2014-08-15 16:48 - 00000000 ____D () C:\ProgramData\HP
2014-08-15 16:48 - 2014-08-15 16:48 - 00000000 ____D () C:\Program Files\HP
2014-08-15 16:48 - 2014-08-15 16:48 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-15 16:38 - 2014-07-16 10:21 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Azureus
2014-08-14 12:54 - 2014-07-15 16:15 - 00000000 ____D () C:\Users\Arne\AppData\Local\Windows Live
2014-08-14 12:53 - 2014-07-15 14:35 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-11 11:03 - 2014-08-08 16:00 - 00000000 ____D () C:\Windows\Minidump

Some content of TEMP:
====================
C:\Users\Arne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvgevo5.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-08 16:56

==================== End Of Log ============================

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Arne at 2014-09-10 09:27:17
Running from C:\Users\Arne\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Antivirus en antispyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: McAfee Antivirus en antispyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
BisonCam (HKLM-x32\...\{5BBC4803-C96E-4D3E-9D1D-2E43774C4062}) (Version:  - BisonCam)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Evernote v. 5.4.1 (HKLM-x32\...\{A5F7DF42-F67D-11E3-B7EB-00163E98E7D6}) (Version: 5.4.1.3962 - Evernote Corp.)
FileZilla Client 3.9.0.3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Gebruikersregistratie voor Canon MG4200 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG4200 series) (Version:  - Canon Inc.‎)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Hotkey 7.0028 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 7.0028 - NoteBook)
Hotkey 7.0028 (x32 Version: 7.0028 - NoteBook) Hidden
HP Photosmart 7520 series Basissoftware van het apparaat (HKLM\...\{B35D0E89-B997-4757-98E6-F8ADA3F21B40}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3257 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
K-Lite Codec Pack 10.7.1 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.7.1 - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 nl)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
NVIDIA-configuratiescherm 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version:  - CPUID)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.27036 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.01 - Creative Technology Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.46 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version:  - Gas Powered Games)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.0 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{2CDD05C4-26E6-4125-8499-EB6D800614EE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{F071F40F-CBA0-452D-A1CB-3F327CC8DF66}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VIA Platform apparaatbeheer (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
WebCam Installer (HKLM-x32\...\InstallShield_{2A14D7BC-1876-4B38-830B-18856C27F550}) (Version: 4.041 - WebCam)
WebCam Installer (x32 Version: 4.041 - WebCam) Hidden
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}\InprocServer32 -> C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\EvernoteIEx64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{BD6BEEE8-64CE-4814-B319-990645883E89}\InprocServer32 -> C:\Users\Arne\AppData\Local\Apps\Evernote\Evernote\EvernoteOLx64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093474000-1702376-364041107-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

02-09-2014 22:31:34 ComboFix created restore point
09-09-2014 21:07:39 DirectX is geïnstalleerd.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2014-09-02 15:36 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {582DA1BD-FB47-4EE4-81CA-0F05413B350C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Security &amp; Tools\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {BD74545E-4817-465A-9F74-115F11758707} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-04] ()
Task: {C9898C32-D7D7-482D-8C73-771489D29EE0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Security &amp; Tools\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {F2EF9808-D36A-484A-83FB-807499843DA3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Security &amp; Tools\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {F661811A-156C-447E-8729-08E5B8C4C611} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-05-29 08:50 - 2013-05-29 08:50 - 00046592 _____ () C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
2014-05-01 12:29 - 2014-05-01 12:29 - 00098304 _____ () C:\Security & Tools\FileZilla FTP Client\fzshellext_64.dll
2014-07-15 09:55 - 2014-07-15 09:54 - 00078456 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-07-15 09:55 - 2014-07-15 09:54 - 00386168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-07-15 10:12 - 2012-11-01 02:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-08-01 00:21 - 2013-08-01 00:21 - 04912120 _____ () C:\Program Files (x86)\Hotkey\Hotkey.exe
2014-07-15 10:09 - 2014-07-02 11:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-29 15:28 - 2014-09-08 12:56 - 00751680 _____ () C:\Security & Tools\Emsisoft Anti-Malware\fw32.dll
2014-09-09 13:29 - 2014-05-13 12:04 - 00109400 _____ () C:\Security & Tools\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-09 13:29 - 2014-05-13 12:04 - 00416600 _____ () C:\Security & Tools\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-09 13:29 - 2014-05-13 12:04 - 00167768 _____ () C:\Security & Tools\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-09 13:29 - 2012-08-23 10:38 - 00574840 _____ () C:\Security & Tools\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-09 13:29 - 2012-04-03 17:06 - 00565640 _____ () C:\Security & Tools\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-04 17:36 - 2014-07-02 13:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-04 15:14 - 2013-09-04 15:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2009-06-06 05:50 - 2009-06-06 05:50 - 00019968 _____ () C:\Program Files (x86)\Hotkey\Audiodll.dll
2014-09-10 09:20 - 2014-09-10 09:20 - 00043008 _____ () c:\users\arne\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvgevo5.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Arne\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-15 10:12 - 2012-10-31 06:00 - 00991232 ____N () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\nl-NL\SBCinema.resources.dll
2014-07-15 09:45 - 2014-07-24 04:33 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-15 09:32 - 2013-02-15 23:17 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-09-09 14:06 - 2014-09-09 14:06 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Arne^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: HP Photosmart 7520 series (NET) => "C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH3AJ720NG05YZ:NW" -scfn "HP Photosmart 7520 series (NET)" -AutoStart 1

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2014 09:20:17 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (09/10/2014 09:20:17 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (09/10/2014 09:20:17 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: De index kan niet worden geïnitialiseerd.


Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: De toepassing kan niet worden geïnitialiseerd.

Context: toepassing Windows


Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Het object van de gegevensverzamelaar kan niet worden geïnitialiseerd.

Context: toepassing Windows, catalogus SystemIndex


Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: De invoegtoepassing in <Search.TripoliIndexer> kan niet worden geïnitialiseerd.

Context: toepassing Windows, catalogus SystemIndex


Details:
    Kan element niet vinden.  (HRESULT : 0x80070490) (0x80070490)

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: De invoegtoepassing in <Search.JetPropStore> kan niet worden geïnitialiseerd.

Context: toepassing Windows, catalogus SystemIndex


Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: De Windows Search-service kan de gegevens van het eigenschappenarchief niet laden.

Context: toepassing Windows, catalogus SystemIndex


Details:
    De database met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (09/09/2014 07:43:04 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: De Windows Search-service wordt gestopt vanwege een probleem met de indexeerfunctie, The catalog is corrupt.


Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (09/09/2014 07:43:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/09/2014 07:43:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De Windows Search-service is gestopt met de specifieke servicefout %%-1073473535.

Error: (09/08/2014 03:33:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De McAfee Platform Services-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error: (09/08/2014 03:33:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: McAfee Platform Services.

Error: (09/08/2014 03:33:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De McAfee Platform Services-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error: (09/08/2014 03:33:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: McAfee Platform Services.

Error: (09/08/2014 03:33:02 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053mcpltsvc{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (09/08/2014 00:54:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 18:44:57 op ‎5/‎09/‎2014 is onverwacht gebeurd.

Error: (09/05/2014 10:17:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: Wlansvc.

Error: (09/04/2014 10:55:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: Wlansvc.


Microsoft Office Sessions:
=========================
Error: (09/10/2014 09:20:17 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (09/10/2014 09:20:17 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (09/10/2014 09:20:17 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: toepassing Windows


Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: toepassing Windows, catalogus SystemIndex


Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: toepassing Windows, catalogus SystemIndex


Details:
    Kan element niet vinden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: toepassing Windows, catalogus SystemIndex


Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (09/09/2014 07:43:05 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: toepassing Windows, catalogus SystemIndex


Details:
    De database met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (09/09/2014 07:43:04 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
    De catalogus met de inhoudsindex is beschadigd.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt


CodeIntegrity Errors:
===================================
  Date: 2014-09-02 15:36:07.776
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

  Date: 2014-09-02 15:36:07.698
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 33%
Total physical RAM: 12208.01 MB
Available physical RAM: 8170.91 MB
Total Pagefile: 24414.2 MB
Available Pagefile: 20258.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:20.89 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:256.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 522378D8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 61DF0DF9)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

 

 



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:51 PM

Posted 10 September 2014 - 01:11 PM

Welcome and thanks. I am usually very prompt in my replies but might be a little less so the next few days. By that I mean it may be a few hours but hopefully not.

As soon as I am able to review the information you provided I will reply back. Just wanted to let you know I am here.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Daluicis

Daluicis
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 10 September 2014 - 01:55 PM

No worries. I completely understand and am very patient. :)



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:51 PM

Posted 10 September 2014 - 02:58 PM

Greetings,

Thanks for your understanding and patience.

If you have not already done so, please boot into Safe Mode and tell me if you have the same issues.

This is how I would like us to begin. Please consider and do this.

===================================================

Spybot S&D No Longer Recommended

--------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

I recommend uninstalling Spybot Search & Destroy at least while we are addressing your issues. The presence of this program can make cleaning your computer more difficult.

If you choose to uninstall please go to Start, Control Panel, Add/Remove Programs (or Programs and Features) and uninstall the program.

===================================================

Multiple Antivirus Programs

-------------------

I do not recommend that you have more than one anti virus product installed on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please remove all but one of the Antivirus programs currently on your computer, even if only one is running. You can do this via Add/Remove Programs, or Programs and Features in the Control Panel.
 

McAfee Antivirus
Emsisoft Anti-Malware


===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Delete one Antivirus program
  • Safe Mode results
  • Fixlog
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Daluicis

Daluicis
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 10 September 2014 - 04:37 PM

1)

I've uninstalled Spybot S&D. I actually only installed it as a fourth opinion, nothing more.
I've not uninstalled an antivirus program. I have however deactivated the realtime scanner of McAfee.
I haven't deleted one because I have more faith in Emsisoft than McAfee on this regard and I've a license with Emsisoft. However Emsisoft doesn't contain a firewall (well not the edition I bought); McAfee does. I trust that just deactivated the realtime scanner of McAfee suffice?

 

2)

I went into safe modus. I believe you wanted me to go into safe minimal mode, not the one with network access.
So I haven't been able to test the downloading itself.

However I tried executing a previous downloaded file, Install_ESO.exe (which is an installer for the game Elder Scrolls Online). I compared it with the same file on my friends computer.

 

My computer:

- UAC color orange

- Program name: Install_ESO.exe

- Publisher: unknown

- File origin: Downloaded from the internet

 

When I execute it the exe, it runs, but never goes to the launcher. Due corruption (no error) it asks me to install it again. There is plenty room on my HD; so the problem isn't that.

 

My friends computer:

- UAC color blue

- Program name: InstallAnywhere Self-Extractor

- Verified Publisher: Zenimax Media Inc.

- File origin: Downloaded from the internet

 

When I execute the exe, it runs and goes to the launcher (which downloads the rest of the game without problem).

Putting the exe-file from my friends computer on an USB and run it on my computer:

- UAC color blue

- Program name: InstallAnywhere Self-Extractor

- Verified Publisher: Zenimax Media Inc.

- File origin: Removable media on this computer.

 

When I execute the exe, it runs and goes to the launcher (which downloads the rest of the game without problem).



I hope this clarify the problem a bit. So when I download files of the internet on my computer the UAC shows the publisher is unknown (which is not the case of most files). And most of the times the exe doesn't run properly because the file somehow got corrupt.

 

This download problem however isn't only related to my browser (Mozilla Firefox).
Yesterday I used steam and origin to try download other games:

Steam: tried downloading civilization V. After 27mb the download stopped and said "update required". It's only after a long while and patient and clicking the update button it finally downloaded the game. (sometimes this happens when the steam servers are busy, but very rarely and that's the case of new releases, which civilization V isn't. It doesn't matter what game I try to download on steam, it always happens which is abnormal.)
Origin: tried downloading the game red alert. It downloads 'til 99% and then reverts into a continues loop towards 41%.

 

 

So I have a problem with downloading files on my computer with Mozilla Firefox, Steam, Origin.
Next to that the UAC always shows publisher: unknown, even when that's not the case, f.e. in the example I gave above.

I do not know what the cause is. My first thought is malware, but I'm not entirely sure of this since otherwise my computer runs perfectly fine and smooth. So there are no other problems.
I do have to tell you a roommate told yesterday he got mail from comcast; the internet provider of the house I'm currently residing, that comcast detected a bot on the netwerk here. I didn't read the mail myself however; so I can't tell if it's legit or not.
However the download problems are only on my laptop. My friends laptop downloads perfectly fine (as seen in the example above).
I doubt highly there is a bot on my computer though due the lack of other symptoms and I'm no total stranger to malware (and fighting it). I use my laptop dialy so I'd also notice if something majorly strange is happening.

 

 

 

I'm sorry for the long wall of text. But since the problems are vague, I tried my best explaining it.
Hope you can help me figur out what's possibly going on here.

 

 

Here is the fixlog.txt

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Arne at 2014-09-10 14:04:01 Run:1
Running from C:\Users\Arne\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
*****************

catchme => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.

==== End of Fixlog ====



#10 Daluicis

Daluicis
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 10 September 2014 - 05:35 PM

Small update as something just happened.
When I started skype I got a warning from McAfee that it was trying to connect to a dangereous IP.
Here is the information from McAfee about the IP it tried to connect to:

http://www.mcafee.com/threat-intelligence/ip/default.aspx?ip=8.21.24.45&lang=nl&lcid=1043&langid=30&culture=nl-NL&rcode=WSS1282&version=12.8&wuiv=11.0&affid=1045-96&hres=1920&vres=1080&LaunchPoint=3&pkgs=276_1045_nl_0_CCD174FB-F0E6-4289-836E-D8816769726A_20141202_0_0&email=4bc752b70162a091a1201724503398c80e011a093e5a5b50243d4a0a0d0f4229790d16&hardware_id=706d81141356de5908189bdef25878bf0e15425956565111673a477d51020278615810405e05035613303b137f075f02&windows_id=a02afc6ee6bc1015f78d5bcc45b4c4953008305959737714621d097d50257261635b324641590404177e1e100f515e027a152b4740291c&pk=d960c1e8ea36fd453bf31a9efb482bbe2c30305d560672677e1e140f574b007e6f565e4c5f577719616b60157c56500d7b655932&pkgid=276&os_country=BE&os_culture=nl



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:51 PM

Posted 10 September 2014 - 09:03 PM

Greetings,

Thank you for the detailed explanation.
 

I trust that just deactivated the realtime scanner of McAfee suffice?

No, it will not.

Please do this.

===================================================

MBR Dump, Fix, and Scan Using Farbar's Recvovery Scan Tool in the Recovery Environment

--------------------

For this step you will need a USB flash drive.
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
SaveMbr: Drive=0
  • Please download Farbar Recovery Scan Tool and save it to a flash drive. You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Plug the flashdrive into the infected PC and follow the 2 step process below to enter the System Recovery Options using one of the three options listed, then running Farbar's Recover Scan Tool
----------

Entering into the System Recovery Options

Option #1

To enter System Recovery Options in Windows 8:Option #2

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
Option #3

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next
----------

Running Farbar's Recovery Scan Tool in System Recovery
  • Once you are in the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in Notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select Computer and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    • Note: Replace letter e with the drive letter of your flash drive.
  • When the tool opens click Yes to disclaimer.
  • Press Fix button.
  • It will create an mbrdump.txt file on your USB device. Attach that file to your reply
  • A fixlog.txt document will also be created on your USB drive. Copy and paste the contents of that file in your reply
  • Under Whitelist uncheck the following items

Services
Drivers
Processes
KnownDlls

  • Click the Scan button
  • A FRST document will be saved to your USB device
  • Copy and paste (or attach if necessaery) the contents of that document your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST log
  • Attached mbrdmp.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 Daluicis

Daluicis
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 September 2014 - 12:35 AM

Hello again,

 

I've gone succesfully through all steps listed.
Before that I uninstalled McAfee and installed Online Armor (the firewall from Emsisoft).

Here are the logs required:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by SYSTEM on MININT-A723EQV on 10-09-2014 22:12:21
Running from g:\
Platform: Windows 7 Ultimate (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (All) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [165872 2013-09-06] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [407536 2013-09-06] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [444400 2013-09-06] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-12-01] (Synaptics Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5672624 2014-07-15] (VIA)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [@OnlineArmor GUI] => C:\Security & Tools\Online Armor\oaui.exe [7558464 2013-10-11] (Emsisoft GmbH)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-07-15] (Intel Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\security & tools\emsisoft anti-malware\a2guard.exe [4867544 2014-09-08] (Emsisoft GmbH)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2871808 2011-02-25] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-25] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Arne\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21652064 2014-07-25] (Skype Technologies S.A.)
HKU\Arne\...\Run: [CCleaner] => C:\Security & Tools\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd)
HKU\Arne\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\Arne\...\Policies\Explorer: [NoDrives] 0
HKU\Default\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\Default\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\DefaultAppPool\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\DefaultAppPool\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
Startup: C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  No File
BootExecute: autocheck autochk * sdnclean64.exe
AlternateShell: cmd.exe

==================== Services (All) ========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 a2AntiMalware; C:\Security & Tools\Emsisoft Anti-Malware\a2service.exe [4783632 2014-09-08] (Emsisoft GmbH)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432 2014-05-08] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-09-09] (Adobe Systems Incorporated)
S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation)
S2 AppHostSvc; C:\Windows\system32\inetsrv\apphostsvc.dll [65536 2010-11-20] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation)
S3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-14] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation)
S4 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51808 2013-09-11] (Microsoft Corporation)
S2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation)
S2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation)
S2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation)
S3 BITS; C:\Windows\system32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation)
S3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-16] (BitRaider, LLC)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144 2013-09-11] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [279024 2013-09-06] (Intel Corporation)
S2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation)
S2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation)
S2 CscService; C:\Windows\System32\cscsvc.dll [692224 2010-11-20] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\Games\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-19] (BioWare)
S2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation)
S2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation)
S2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation)
S2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation)
S2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation)
S3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation)
S2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation)
S2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation)
S2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation)
S3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation)
S3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation)
S2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation)
S3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation)
S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2012-11-16] (Realsil Microelectronics Inc.)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-06-30] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-07-25] (Microsoft Corporation)
S2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation)
S2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation)
S2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation)
S2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation)
S2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation)
S2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation)
S2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [364856 2013-02-22] (Intel Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-18] (Microsoft Corporation)
S2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-07-24] (Mozilla Foundation)
S2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S2 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation)
S3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation)
S2 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S3 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [117400 2014-03-09] (Microsoft Corporation)
S2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation)
S2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S2 nvsvc; C:\Windows\system32\nvvsvc.exe [935368 2014-07-02] (NVIDIA Corporation)
S2 OAcat; C:\Security & Tools\Online Armor\OAcat.exe [584864 2013-10-11] (Emsisoft GmbH)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation)
S2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation)
S2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation)
S2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation)
S2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [46592 2013-05-29] ()
S2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation)
S2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation)
S2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
S2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation)
S2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation)
S2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation)
S2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-14] (Microsoft Corporation)
S2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation)
S2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation)
S2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation)
S2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [315008 2014-04-03] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation)
S2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation)
S3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-08-28] (Valve Corporation)
S2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation)
S2 SvcOnlineArmor; C:\Security & Tools\Online Armor\oasrv.exe [4457688 2013-10-11] (Emsisoft GmbH)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation)
S3 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-20] (Microsoft Corporation)
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
S2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [214528 2010-11-20] (Microsoft Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation)
S2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-07-15] (VIA Technologies, Inc.)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation)
S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WAS; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2014-07-15] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation)
S3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
S2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation)
S2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation)
S2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
S2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation)
S2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation)
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
S2 wuauserv; C:\Windows\system32\wuaueng.dll [2477536 2014-05-14] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation)

==================== Drivers (All) ==========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation)
S3 a2acc; C:\SECURITY & TOOLS\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-08-29] (Emsisoft GmbH)
S1 A2DDA; C:\Security & Tools\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-29] (Emsisoft GmbH)
S1 a2injectiondriver; C:\Security & Tools\Emsisoft Anti-Malware\a2dix64.sys [45208 2014-08-29] (Emsisoft GmbH)
S1 a2util; C:\Security & Tools\Emsisoft Anti-Malware\a2util64.sys [23088 2014-08-29] (Emsisoft GmbH)
S0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.)
S1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-11] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation)
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-14] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.)
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)
S0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
S5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
S1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-07-16] (BitRaider)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [41984 2009-07-14] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-14] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-06] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-28] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation)
S1 cdrom; C:\Windows\system32\drivers\cdrom.sys [147456 2010-11-20] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
S3 cleanhlp; C:\Security & Tools\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-08-29] (Emsisoft GmbH)
S0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)
S3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.)
S0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] (Microsoft Corporation)
S0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
S3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation)
S3 cpuz136; C:\Security & Tools\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-18] (CPUID)
S3 cpuz137; C:\Security & Tools\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-18] (CPUID)
S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation)
S1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-20] (Microsoft Corporation)
S1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation)
S1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation)
S0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-14] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation)
S3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [985536 2014-06-16] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-14] (Emulex)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation)
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation)
S0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation)
S0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation)
S0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
S0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation)
S3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
S3 HidUsb; C:\Windows\system32\drivers\hidusb.sys [30208 2010-11-20] (Microsoft Corporation)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] (Hewlett-Packard Company)
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation)
S0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [632168 2013-11-21] (Intel Corporation)
S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] (Intel Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [4448192 2013-07-29] (Intel Corporation)
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [452088 2013-07-29] (Intel® Corporation)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation)
S3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-04] (Microsoft Corporation)
S0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [20464 2014-07-15] (Intel Corporation)
S3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [368624 2014-07-15] (Intel Corporation)
S3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [790000 2014-07-15] (Intel Corporation)
S3 kbdclass; C:\Windows\system32\drivers\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation)
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation)
S0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2014-04-12] (Microsoft Corporation)
S0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155072 2014-04-12] (Microsoft Corporation)
S3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation)
S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-14] (LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-14] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation)
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-14] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.)
S3 MEIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [64624 2013-02-16] (Intel Corporation)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
S3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation)
S3 mouclass; C:\Windows\system32\drivers\mouclass.sys [49216 2009-07-14] (Microsoft Corporation)
S3 mouhid; C:\Windows\system32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation)
S0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] (Microsoft Corporation)
S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation)
S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] (Microsoft Corporation)
S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation)
S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] (Microsoft Corporation)
S0 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] (Microsoft Corporation)
S1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
S0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] (Microsoft Corporation)
S1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation)
S0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation)
S0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation)
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation)
S1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation)
S3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw00.sys [11530992 2013-07-25] (Intel Corporation)
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] (IBM Corporation)
S1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation)
S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation)
S3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-24] (Microsoft Corporation)
S1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)
S3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [12866008 2014-07-02] (NVIDIA Corporation)
S0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [32544 2014-07-02] (NVIDIA Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation)
S1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [64720 2013-10-11] ()
S1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62008 2013-10-11] ()
S1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [52360 2013-10-11] (Emsisoft)
S3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [35368 2013-10-11] (Emsisoft)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation)
S0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
S0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation)
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation)
S0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation)
S3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation)
S1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation)
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation)
S3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation)
S3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation)
S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation)
S3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation)
S1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation)
S3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-20] (Microsoft Corporation)
S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] (Microsoft Corporation)
S0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] (Microsoft Corporation)
S3 RSBASTOR; C:\Windows\System32\DRIVERS\RtsBaStor.sys [308960 2012-12-25] (Realtek Semiconductor Corp.)
S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [805088 2012-12-27] (Realtek                                            )
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-20] (Microsoft Corporation)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation)
S2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation)
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31032 2012-12-01] (Synaptics Incorporated)
S0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
S3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] (Microsoft Corporation)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] (Microsoft Corporation)
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] (Promise Technology)
S3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-14] (Microsoft Corporation)
S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-20] (Microsoft Corporation)
S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-20] (Microsoft Corporation)
S3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] (Microsoft Corporation)
S3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [464184 2012-12-01] (Synaptics Incorporated)
S0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation)
S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation)
S1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-02] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation)
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation)
S3 umbus; C:\Windows\system32\drivers\umbus.sys [48640 2010-11-20] (Microsoft Corporation)
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation)
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
S3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] (Microsoft Corporation)
S3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation)
S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation)
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation)
S1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] (Microsoft Corporation)
S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [2211016 2014-07-15] (VIA Technologies, Inc.)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [199552 2010-11-20] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-20] (Microsoft Corporation)
S3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 2014-07-15] (Creative Technology Ltd.)
S0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation)
S0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
S0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd)
S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
S1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
S1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] (Microsoft Corporation)
S0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation)
S3 Winsock; No ImagePath
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation)
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation)
S1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 05:01 - 2014-09-11 05:59 - 00000504 _____ () C:\Windows\setupact.log
2014-09-11 05:01 - 2014-09-11 05:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 04:58 - 2014-09-11 05:58 - 00040771 _____ () C:\Windows\WindowsUpdate.log
2014-09-11 04:58 - 2014-09-11 05:04 - 00000000 ____D () C:\ProgramData\OnlineArmor
2014-09-11 04:58 - 2014-09-11 04:58 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\OnlineArmor
2014-09-11 04:57 - 2013-10-11 11:41 - 00062008 _____ () C:\Windows\SysWOW64\Drivers\oahlp64.sys
2014-09-11 04:57 - 2013-10-11 11:40 - 00064720 _____ () C:\Windows\SysWOW64\Drivers\OADriver.sys
2014-09-11 04:57 - 2013-10-11 11:40 - 00052360 _____ (Emsisoft) C:\Windows\SysWOW64\Drivers\OAmon.sys
2014-09-11 04:57 - 2013-10-11 11:40 - 00035368 _____ (Emsisoft) C:\Windows\System32\Drivers\OAnet.sys
2014-09-10 21:48 - 2014-09-10 22:03 - 00000000 ____D () C:\Users\Arne\Desktop\old
2014-09-10 21:14 - 2014-09-10 21:14 - 00000082 _____ () C:\Windows\wininit.ini
2014-09-10 17:26 - 2014-09-10 22:12 - 00000000 ____D () C:\FRST
2014-09-10 17:23 - 2014-09-10 17:23 - 02105856 _____ (Farbar) C:\Users\Arne\Desktop\FRST64.exe
2014-09-09 22:55 - 2014-09-09 22:55 - 00000000 ____D () C:\Users\Arne\Documents\My Games
2014-09-09 22:55 - 2014-09-09 22:55 - 00000000 ____D () C:\Users\Arne\AppData\Local\My Games
2014-09-09 22:41 - 2014-09-09 22:41 - 00003680 _____ () C:\Windows\System32\Tasks\klcp_update
2014-09-09 22:40 - 2014-09-09 22:40 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-09-09 22:40 - 2014-06-14 15:03 - 00260696 _____ () C:\Windows\System32\unrar64.dll
2014-09-09 22:40 - 2014-06-14 15:03 - 00218200 _____ () C:\Windows\SysWOW64\unrar.dll
2014-09-09 21:35 - 2014-09-09 21:35 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-09 21:30 - 2014-09-09 21:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-09 21:29 - 2014-09-10 21:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-08 23:33 - 2014-09-11 05:58 - 00000000 ____D () C:\Users\Arne\Downloads\To organise
2014-09-04 02:11 - 2014-09-04 02:11 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Sjablonen
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Netwerkprinteromgeving
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Mijn documenten
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Menu Start
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn video's
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn muziek
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn afbeeldingen
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Geschiedenis
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 ____D () C:\users\DefaultAppPool
2014-09-04 02:11 - 2014-07-16 17:00 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2014-09-02 23:48 - 2014-09-02 23:49 - 106224784 _____ (Flexera Software) C:\Users\Arne\Downloads\Install_ESO.exe
2014-09-02 23:38 - 2014-09-02 23:38 - 00032403 _____ () C:\ComboFix.txt
2014-09-02 23:31 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-02 23:31 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-02 23:31 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-02 23:31 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-02 23:31 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-02 23:31 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-02 23:31 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-02 23:31 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-02 23:28 - 2014-09-02 23:38 - 00000000 ____D () C:\Qoobox
2014-09-02 23:27 - 2014-09-02 23:37 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 23:23 - 2014-09-02 23:23 - 00000000 ___HD () C:\Users\Arne\InstallAnywhere
2014-08-29 22:26 - 2014-08-29 22:26 - 00000000 ____D () C:\Users\Arne\Documents\Anti-Malware
2014-08-27 18:19 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-27 18:19 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 18:19 - 2014-08-23 01:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-08-26 03:12 - 2014-08-26 03:12 - 00000000 ____D () C:\Users\Arne\Downloads\Rekeningafschriften
2014-08-25 22:41 - 2014-08-25 22:41 - 00670834 _____ () C:\Users\Arne\Downloads\versus_documentation.zip
2014-08-25 22:35 - 2014-08-25 22:35 - 00007697 _____ () C:\Users\Arne\AppData\Local\recently-used.xbel
2014-08-25 03:22 - 2014-08-25 03:22 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-25 03:14 - 2014-08-25 03:17 - 00000000 ____D () C:\AdwCleaner
2014-08-25 01:13 - 2014-08-25 22:35 - 00000000 ____D () C:\Users\Arne\AppData\Local\gtk-2.0
2014-08-25 01:13 - 2014-08-25 01:13 - 00000000 ____D () C:\Users\Arne\.thumbnails
2014-08-25 01:11 - 2014-08-25 22:38 - 00000000 ____D () C:\Users\Arne\.gimp-2.8
2014-08-25 01:11 - 2014-08-25 01:11 - 00000000 ____D () C:\Users\Arne\AppData\Local\gegl-0.2
2014-08-25 01:10 - 2014-08-25 01:11 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-25 00:54 - 2014-08-25 00:54 - 00000000 ____D () C:\Users\Arne\Downloads\Windows and Office
2014-08-25 00:53 - 2014-09-04 20:36 - 00000000 ____D () C:\Users\Arne\Downloads\Anthropaws
2014-08-24 21:10 - 2014-09-04 20:34 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\FileZilla
2014-08-18 19:09 - 2012-06-01 06:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\System32\wamregps.dll
2014-08-18 19:09 - 2012-06-01 06:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\iisRtl.dll
2014-08-18 19:09 - 2012-06-01 06:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\iisrstap.dll
2014-08-18 19:09 - 2012-06-01 06:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\System32\ahadmin.dll
2014-08-18 19:09 - 2012-06-01 06:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\System32\admwprox.dll
2014-08-18 19:09 - 2012-06-01 06:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\System32\iisreset.exe
2014-08-18 19:09 - 2012-06-01 05:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-08-18 19:09 - 2012-06-01 05:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-08-18 19:09 - 2012-06-01 05:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-08-18 19:09 - 2012-06-01 05:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-08-18 19:09 - 2012-06-01 05:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-08-18 19:09 - 2012-06-01 05:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-08-18 08:15 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\System32\icardres.dll
2014-08-18 08:15 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-18 08:15 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-18 08:15 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2014-08-18 08:15 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\System32\icardagt.exe
2014-08-18 08:15 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\System32\infocardapi.dll
2014-08-18 08:15 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-18 08:15 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-18 01:55 - 2014-08-18 01:55 - 00000000 ____D () C:\Users\Arne\AppData\Local\Adobe
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Windows\System32\BestPractices
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\inetpub
2014-08-17 09:47 - 2014-08-17 09:46 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-17 09:46 - 2014-08-17 09:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-17 09:46 - 2014-08-17 09:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-17 09:46 - 2014-08-17 09:46 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-17 09:46 - 2014-08-17 09:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-17 09:11 - 2014-08-17 09:11 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Oracle
2014-08-17 03:02 - 2014-08-17 03:02 - 00000000 ____D () C:\Users\Arne\Documents\DeadIsland
2014-08-17 03:02 - 2010-06-02 12:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-08-17 03:02 - 2010-06-02 12:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2014-08-17 03:02 - 2010-06-02 12:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-08-17 03:02 - 2010-06-02 12:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2014-08-17 03:02 - 2010-06-02 12:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2014-08-17 03:02 - 2010-06-02 12:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-08-17 03:02 - 2010-05-26 19:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2014-08-17 03:02 - 2010-05-26 19:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2014-08-17 03:02 - 2010-05-26 19:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2014-08-17 03:02 - 2010-05-26 19:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-08-17 03:02 - 2010-05-26 19:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2014-08-17 03:02 - 2010-05-26 19:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-08-17 03:02 - 2010-05-26 19:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2014-08-17 03:02 - 2010-05-26 19:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-08-17 03:02 - 2010-02-04 18:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2014-08-17 03:02 - 2010-02-04 18:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-08-17 03:02 - 2010-02-04 18:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-08-17 03:02 - 2010-02-04 18:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2014-08-17 03:02 - 2010-02-04 18:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2014-08-17 03:02 - 2010-02-04 18:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-08-17 03:02 - 2010-02-04 18:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2014-08-17 03:02 - 2010-02-04 18:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-08-17 03:02 - 2009-09-05 01:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2014-08-17 03:02 - 2009-09-05 01:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-08-17 03:02 - 2009-09-05 01:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-08-17 03:02 - 2009-09-05 01:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2014-08-17 03:02 - 2009-09-05 01:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2014-08-17 03:02 - 2009-09-05 01:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2014-08-17 03:02 - 2009-09-05 01:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-08-17 03:02 - 2009-03-16 22:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2014-08-17 03:02 - 2009-03-16 22:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-08-17 03:02 - 2009-03-16 22:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-08-17 03:02 - 2009-03-16 22:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2014-08-17 03:02 - 2009-03-16 22:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2014-08-17 03:02 - 2009-03-16 22:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-08-17 03:02 - 2009-03-09 23:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2014-08-17 03:02 - 2009-03-09 23:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-08-17 03:02 - 2009-03-09 23:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2014-08-17 03:02 - 2009-03-09 23:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2014-08-17 03:02 - 2008-10-27 18:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2014-08-17 03:02 - 2008-10-27 18:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-08-17 03:02 - 2008-10-27 18:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-08-17 03:02 - 2008-10-27 18:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2014-08-17 03:02 - 2008-10-27 18:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2014-08-17 03:02 - 2008-10-27 18:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-08-17 03:02 - 2008-10-27 18:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2014-08-17 03:02 - 2008-10-27 18:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-08-17 03:02 - 2008-10-15 14:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2014-08-17 03:02 - 2008-10-15 14:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-08-17 03:02 - 2008-10-15 14:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2014-08-17 03:02 - 2008-10-15 14:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-08-17 03:02 - 2008-10-15 14:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2014-08-17 03:02 - 2008-10-15 14:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-08-17 03:02 - 2008-07-31 18:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-08-17 03:02 - 2008-07-31 18:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2014-08-17 03:02 - 2008-07-31 18:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2014-08-17 03:02 - 2008-07-31 18:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-08-17 03:02 - 2008-07-31 18:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2014-08-17 03:02 - 2008-07-31 18:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-08-17 03:02 - 2008-07-10 19:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-08-17 03:02 - 2008-07-10 19:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
2014-08-17 03:02 - 2008-07-10 19:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-08-17 03:02 - 2008-07-10 19:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
2014-08-17 03:02 - 2008-07-10 19:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-08-17 03:02 - 2008-07-10 19:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
2014-08-17 03:02 - 2008-05-30 22:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
2014-08-17 03:02 - 2008-05-30 22:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-08-17 03:02 - 2008-05-30 22:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-08-17 03:02 - 2008-05-30 22:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
2014-08-17 03:02 - 2008-05-30 22:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
2014-08-17 03:02 - 2008-05-30 22:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-08-17 03:02 - 2008-05-30 22:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-08-17 03:02 - 2008-05-30 22:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
2014-08-17 03:02 - 2008-05-30 22:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
2014-08-17 03:02 - 2008-05-30 22:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-08-17 03:02 - 2008-05-30 22:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
2014-08-17 03:02 - 2008-05-30 22:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-08-17 03:02 - 2008-05-30 22:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
2014-08-17 03:02 - 2008-05-30 22:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-08-17 03:02 - 2008-03-06 00:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
2014-08-17 03:02 - 2008-03-06 00:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-08-17 03:02 - 2008-03-06 00:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-08-17 03:02 - 2008-03-06 00:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
2014-08-17 03:02 - 2008-03-06 00:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
2014-08-17 03:02 - 2008-03-06 00:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-08-17 03:02 - 2008-03-05 23:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
2014-08-17 03:02 - 2008-03-05 23:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-08-17 03:02 - 2008-03-05 23:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
2014-08-17 03:02 - 2008-03-05 23:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-08-17 03:02 - 2008-02-06 07:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
2014-08-17 03:02 - 2008-02-06 07:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-08-17 03:02 - 2007-10-22 11:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
2014-08-17 03:02 - 2007-10-22 11:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-08-17 03:02 - 2007-10-22 11:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
2014-08-17 03:02 - 2007-10-22 11:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-08-17 03:02 - 2007-10-12 23:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
2014-08-17 03:02 - 2007-10-12 23:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-08-17 03:02 - 2007-10-12 23:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
2014-08-17 03:02 - 2007-10-12 23:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-08-17 03:02 - 2007-10-02 17:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
2014-08-17 03:02 - 2007-10-02 17:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-08-17 03:02 - 2007-07-20 08:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2014-08-17 03:02 - 2007-07-20 08:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-08-17 03:02 - 2007-07-20 02:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2014-08-17 03:02 - 2007-07-20 02:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-08-17 03:02 - 2007-07-20 02:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2014-08-17 03:02 - 2007-07-20 02:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-08-17 03:02 - 2007-07-20 02:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2014-08-17 03:02 - 2007-07-20 02:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-08-17 03:02 - 2007-06-21 04:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2014-08-17 03:02 - 2007-06-21 04:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-08-17 03:02 - 2007-05-17 00:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2014-08-17 03:02 - 2007-05-17 00:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-08-17 03:02 - 2007-05-17 00:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2014-08-17 03:02 - 2007-05-17 00:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-08-17 03:02 - 2007-05-17 00:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2014-08-17 03:02 - 2007-05-17 00:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-08-17 03:02 - 2007-04-05 02:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2014-08-17 03:02 - 2007-04-05 02:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-08-17 03:02 - 2007-04-05 02:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
2014-08-17 03:02 - 2007-03-16 00:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2014-08-17 03:02 - 2007-03-16 00:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-08-17 03:02 - 2007-03-13 00:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2014-08-17 03:02 - 2007-03-13 00:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-08-17 03:02 - 2007-03-13 00:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2014-08-17 03:02 - 2007-03-13 00:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-08-17 03:02 - 2007-03-05 20:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2014-08-17 03:02 - 2007-03-05 20:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-08-17 03:02 - 2007-01-24 23:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2014-08-17 03:02 - 2007-01-24 23:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-08-17 03:02 - 2006-12-08 20:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-08-17 03:02 - 2006-12-08 20:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2014-08-17 03:02 - 2006-11-29 21:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2014-08-17 03:02 - 2006-11-29 21:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-08-17 03:02 - 2006-11-29 21:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
2014-08-17 03:02 - 2006-11-29 21:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-08-17 03:02 - 2006-09-29 00:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2014-08-17 03:02 - 2006-09-29 00:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-08-17 03:02 - 2006-09-29 00:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-08-17 03:02 - 2006-09-29 00:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2014-08-17 03:02 - 2006-07-28 17:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2014-08-17 03:02 - 2006-07-28 17:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2014-08-17 03:02 - 2006-07-28 17:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-08-17 03:02 - 2006-07-28 17:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-08-17 03:02 - 2006-05-31 15:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-08-17 03:02 - 2006-05-31 15:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2014-08-17 03:02 - 2006-03-31 20:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2014-08-17 03:02 - 2006-03-31 20:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-08-17 03:02 - 2006-03-31 20:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2014-08-17 03:02 - 2006-03-31 20:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-08-17 03:02 - 2006-03-31 20:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2014-08-17 03:02 - 2006-03-31 20:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-08-17 03:02 - 2006-02-03 16:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2014-08-17 03:02 - 2006-02-03 16:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-08-17 03:02 - 2006-02-03 16:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2014-08-17 03:02 - 2006-02-03 16:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-08-17 03:02 - 2006-02-03 16:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2014-08-17 03:02 - 2006-02-03 16:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-08-17 03:02 - 2005-12-06 02:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2014-08-17 03:02 - 2005-12-06 02:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-08-17 03:02 - 2005-07-23 03:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2014-08-17 03:02 - 2005-07-23 03:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-08-17 03:02 - 2005-05-26 23:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2014-08-17 03:02 - 2005-05-26 23:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-08-17 03:02 - 2005-03-19 01:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2014-08-17 03:02 - 2005-03-19 01:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-08-17 03:02 - 2005-02-06 03:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2014-08-17 03:02 - 2005-02-06 03:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-08-17 01:12 - 2014-08-17 01:12 - 00000000 ____D () C:\Users\Arne\AppData\Local\Creative
2014-08-16 00:48 - 2014-08-16 00:53 - 00000000 ____D () C:\Users\Arne\AppData\Local\HP
2014-08-16 00:48 - 2014-08-16 00:48 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-08-16 00:48 - 2014-08-16 00:48 - 00000000 ____D () C:\ProgramData\HP
2014-08-16 00:48 - 2014-08-16 00:48 - 00000000 ____D () C:\Program Files\HP
2014-08-16 00:48 - 2014-08-16 00:48 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-16 00:48 - 2012-10-17 12:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\System32\HPDiscoPMBC11.dll
2014-08-15 23:18 - 2014-08-01 00:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-08-15 23:18 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 23:18 - 2014-07-25 15:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-08-15 23:18 - 2014-07-25 15:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-08-15 23:18 - 2014-07-25 15:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-08-15 23:18 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 23:18 - 2014-07-25 14:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-08-15 23:18 - 2014-07-25 14:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-08-15 23:18 - 2014-07-25 14:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-08-15 23:18 - 2014-07-25 14:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-08-15 23:18 - 2014-07-25 14:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-08-15 23:18 - 2014-07-25 14:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-08-15 23:18 - 2014-07-25 14:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-08-15 23:18 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 23:18 - 2014-07-25 14:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-08-15 23:18 - 2014-07-25 14:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-08-15 23:18 - 2014-07-25 14:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-08-15 23:18 - 2014-07-25 13:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-08-15 23:18 - 2014-07-25 13:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-15 23:18 - 2014-07-25 13:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-08-15 23:18 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 23:18 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 23:18 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 23:18 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 23:18 - 2014-07-25 13:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-08-15 23:18 - 2014-07-25 13:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-15 23:18 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 23:18 - 2014-07-25 13:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-08-15 23:18 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 23:18 - 2014-07-25 13:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-08-15 23:18 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 23:18 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 23:18 - 2014-07-25 13:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-08-15 23:18 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 23:18 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 23:18 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 23:18 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 23:18 - 2014-07-25 12:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-08-15 23:18 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 23:18 - 2014-07-25 12:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-08-15 23:18 - 2014-07-25 12:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-08-15 23:18 - 2014-07-25 12:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-08-15 23:18 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 23:18 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 23:18 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 23:18 - 2014-07-25 12:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-08-15 23:18 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 23:18 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 23:18 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 23:18 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 23:18 - 2014-07-25 11:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-08-15 23:18 - 2014-07-25 11:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-08-15 23:18 - 2014-07-25 11:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-08-15 23:18 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 23:18 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 23:18 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 23:17 - 2014-08-07 03:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-08-15 23:17 - 2014-08-07 03:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-08-15 23:17 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-08-15 23:17 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 23:17 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-08-15 23:17 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 23:17 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDYAK.DLL
2014-08-15 23:17 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDTAT.DLL
2014-08-15 23:17 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU1.DLL
2014-08-15 23:17 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
2014-08-15 23:17 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\KBDRU.DLL
2014-08-15 23:17 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 23:17 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 23:17 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 23:17 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 23:17 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 23:17 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\System32\locale.nls
2014-08-15 23:17 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 23:17 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-08-15 23:17 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 23:17 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-08-15 23:17 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-08-15 23:17 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-08-15 23:17 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2014-08-15 23:17 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2014-08-15 23:17 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 23:17 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 23:17 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 05:59 - 2014-09-11 05:01 - 00000504 _____ () C:\Windows\setupact.log
2014-09-11 05:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 05:58 - 2014-09-11 04:58 - 00040771 _____ () C:\Windows\WindowsUpdate.log
2014-09-11 05:58 - 2014-09-08 23:33 - 00000000 ____D () C:\Users\Arne\Downloads\To organise
2014-09-11 05:08 - 2009-07-14 05:45 - 00020496 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-11 05:08 - 2009-07-14 05:45 - 00020496 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 05:07 - 2009-07-14 10:16 - 00834140 _____ () C:\Windows\System32\perfh013.dat
2014-09-11 05:07 - 2009-07-14 10:16 - 00189054 _____ () C:\Windows\System32\perfc013.dat
2014-09-11 05:07 - 2009-07-14 06:13 - 01899716 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-09-11 05:06 - 2014-07-15 23:26 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-11 05:04 - 2014-09-11 04:58 - 00000000 ____D () C:\ProgramData\OnlineArmor
2014-09-11 05:02 - 2014-07-15 22:25 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Dropbox
2014-09-11 05:01 - 2014-09-11 05:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 04:58 - 2014-09-11 04:58 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\OnlineArmor
2014-09-11 04:58 - 2014-07-15 22:22 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Skype
2014-09-11 04:57 - 2014-07-15 20:06 - 00000000 ____D () C:\Security & Tools
2014-09-10 22:12 - 2014-09-10 17:26 - 00000000 ____D () C:\FRST
2014-09-10 22:03 - 2014-09-10 21:48 - 00000000 ____D () C:\Users\Arne\Desktop\old
2014-09-10 21:53 - 2014-07-17 14:12 - 00000000 ____D () C:\Windows\pss
2014-09-10 21:14 - 2014-09-10 21:14 - 00000082 _____ () C:\Windows\wininit.ini
2014-09-10 21:14 - 2014-09-09 21:29 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-10 17:23 - 2014-09-10 17:23 - 02105856 _____ (Farbar) C:\Users\Arne\Desktop\FRST64.exe
2014-09-10 04:05 - 2014-07-15 23:38 - 00000000 ____D () C:\ProgramData\Origin
2014-09-09 23:06 - 2014-07-15 23:26 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 22:55 - 2014-09-09 22:55 - 00000000 ____D () C:\Users\Arne\Documents\My Games
2014-09-09 22:55 - 2014-09-09 22:55 - 00000000 ____D () C:\Users\Arne\AppData\Local\My Games
2014-09-09 22:41 - 2014-09-09 22:41 - 00003680 _____ () C:\Windows\System32\Tasks\klcp_update
2014-09-09 22:40 - 2014-09-09 22:40 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-09-09 22:06 - 2014-07-15 23:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 22:06 - 2014-07-15 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 21:35 - 2014-09-09 21:35 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-09 21:30 - 2014-09-09 21:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-09 20:57 - 2014-07-15 22:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-09-04 20:36 - 2014-08-25 00:53 - 00000000 ____D () C:\Users\Arne\Downloads\Anthropaws
2014-09-04 20:34 - 2014-08-24 21:10 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\FileZilla
2014-09-04 02:11 - 2014-09-04 02:11 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Sjablonen
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Netwerkprinteromgeving
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Mijn documenten
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Menu Start
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn video's
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn muziek
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Mijn afbeeldingen
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Geschiedenis
2014-09-04 02:11 - 2014-09-04 02:11 - 00000000 ____D () C:\users\DefaultAppPool
2014-09-02 23:49 - 2014-09-02 23:48 - 106224784 _____ (Flexera Software) C:\Users\Arne\Downloads\Install_ESO.exe
2014-09-02 23:38 - 2014-09-02 23:38 - 00032403 _____ () C:\ComboFix.txt
2014-09-02 23:38 - 2014-09-02 23:28 - 00000000 ____D () C:\Qoobox
2014-09-02 23:37 - 2014-09-02 23:27 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 23:36 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-02 23:34 - 2014-07-15 22:16 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-02 23:23 - 2014-09-02 23:23 - 00000000 ___HD () C:\Users\Arne\InstallAnywhere
2014-09-02 23:23 - 2014-07-15 17:12 - 00000000 ____D () C:\users\Arne
2014-09-02 19:23 - 2014-07-20 12:48 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\NVIDIA
2014-09-02 18:55 - 2014-07-15 22:22 - 00000000 ____D () C:\ProgramData\Skype
2014-08-29 22:26 - 2014-08-29 22:26 - 00000000 ____D () C:\Users\Arne\Documents\Anti-Malware
2014-08-28 23:33 - 2009-07-14 05:45 - 00408720 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-08-26 03:12 - 2014-08-26 03:12 - 00000000 ____D () C:\Users\Arne\Downloads\Rekeningafschriften
2014-08-25 22:41 - 2014-08-25 22:41 - 00670834 _____ () C:\Users\Arne\Downloads\versus_documentation.zip
2014-08-25 22:38 - 2014-08-25 01:11 - 00000000 ____D () C:\Users\Arne\.gimp-2.8
2014-08-25 22:35 - 2014-08-25 22:35 - 00007697 _____ () C:\Users\Arne\AppData\Local\recently-used.xbel
2014-08-25 22:35 - 2014-08-25 01:13 - 00000000 ____D () C:\Users\Arne\AppData\Local\gtk-2.0
2014-08-25 03:22 - 2014-08-25 03:22 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-25 03:17 - 2014-08-25 03:14 - 00000000 ____D () C:\AdwCleaner
2014-08-25 02:39 - 2014-07-15 17:12 - 00000000 ____D () C:\Users\Arne\AppData\Local\VirtualStore
2014-08-25 01:13 - 2014-08-25 01:13 - 00000000 ____D () C:\Users\Arne\.thumbnails
2014-08-25 01:11 - 2014-08-25 01:11 - 00000000 ____D () C:\Users\Arne\AppData\Local\gegl-0.2
2014-08-25 01:11 - 2014-08-25 01:10 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-25 00:54 - 2014-08-25 00:54 - 00000000 ____D () C:\Users\Arne\Downloads\Windows and Office
2014-08-23 03:07 - 2014-08-27 18:19 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-23 02:45 - 2014-08-27 18:19 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 01:59 - 2014-08-27 18:19 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-08-21 04:45 - 2014-07-29 23:50 - 00000000 ____D () C:\Users\Arne\Documents\My Kindle Content
2014-08-19 11:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-08-19 11:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\System32\inetsrv
2014-08-19 05:04 - 2014-08-03 22:34 - 00000000 ____D () C:\Users\Arne\Downloads\Nieuwe map (2)
2014-08-19 00:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-18 01:55 - 2014-08-18 01:55 - 00000000 ____D () C:\Users\Arne\AppData\Local\Adobe
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Windows\System32\BestPractices
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-17 20:33 - 2014-08-17 20:33 - 00000000 ____D () C:\inetpub
2014-08-17 20:33 - 2014-07-15 17:41 - 01785858 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-17 20:13 - 2014-07-15 22:18 - 00000000 ____D () C:\Games
2014-08-17 09:47 - 2014-07-15 23:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-17 09:46 - 2014-08-17 09:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-17 09:46 - 2014-08-17 09:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-17 09:46 - 2014-08-17 09:46 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-17 09:46 - 2014-08-17 09:46 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-17 09:46 - 2014-08-17 09:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-17 09:11 - 2014-08-17 09:11 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Oracle
2014-08-17 03:02 - 2014-08-17 03:02 - 00000000 ____D () C:\Users\Arne\Documents\DeadIsland
2014-08-17 01:12 - 2014-08-17 01:12 - 00000000 ____D () C:\Users\Arne\AppData\Local\Creative
2014-08-16 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 22:45 - 2014-07-16 12:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-16 22:41 - 2014-07-15 22:11 - 00000000 ____D () C:\Windows\System32\MRT
2014-08-16 22:40 - 2014-07-15 22:10 - 99218768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-08-16 22:38 - 2014-07-15 22:49 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-08-16 01:33 - 2014-07-15 17:14 - 00000000 ____D () C:\Users\Arne\Documents\US
2014-08-16 01:12 - 2014-07-16 12:51 - 00000000 ____D () C:\Users\Arne\AppData\Local\Microsoft Help
2014-08-16 00:53 - 2014-08-16 00:48 - 00000000 ____D () C:\Users\Arne\AppData\Local\HP
2014-08-16 00:48 - 2014-08-16 00:48 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-08-16 00:48 - 2014-08-16 00:48 - 00000000 ____D () C:\ProgramData\HP
2014-08-16 00:48 - 2014-08-16 00:48 - 00000000 ____D () C:\Program Files\HP
2014-08-16 00:48 - 2014-08-16 00:48 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-16 00:38 - 2014-07-16 18:21 - 00000000 ____D () C:\Users\Arne\AppData\Roaming\Azureus
2014-08-14 20:54 - 2014-07-16 00:15 - 00000000 ____D () C:\Users\Arne\AppData\Local\Windows Live
2014-08-11 19:03 - 2014-08-09 00:00 - 00000000 ____D () C:\Windows\Minidump

Some content of TEMP:
====================
C:\Users\Arne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjzt9wi.dll


==================== Known DLLs (All) =========================

[2009-07-14 01:00] - [2009-07-14 02:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-14 00:44] - [2009-07-14 02:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2014-07-15 23:07] - [2010-11-20 14:27] - 2086912 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2014-07-15 23:07] - [2010-11-20 13:20] - 1414144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2014-07-15 23:19] - [2013-08-29 03:13] - 0878080 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2014-07-15 23:19] - [2013-08-29 02:48] - 0640512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2014-07-15 23:07] - [2010-11-20 14:25] - 0594432 ____A (Microsoft Corporation) C:\Windows\System32\COMDLG32.dll
[2014-07-15 23:07] - [2010-11-20 13:18] - 0485888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2014-08-27 18:19] - [2014-08-23 03:07] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2014-08-27 18:19] - [2014-08-23 02:45] - 0311808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2014-08-15 23:18] - [2014-07-25 14:25] - 2774528 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2014-08-15 23:18] - [2014-07-25 13:21] - 2184704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2014-07-15 23:19] - [2013-10-19 03:18] - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\IMAGEHLP.dll
[2014-07-15 23:19] - [2013-10-19 02:36] - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-14 00:38] - [2009-07-14 02:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2014-07-15 23:06] - [2010-11-20 13:08] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2014-07-15 23:18] - [2014-03-04 10:44] - 1163264 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2014-07-15 23:18] - [2014-03-04 10:16] - 1114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2014-07-15 23:19] - [2013-06-06 06:50] - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2014-07-15 23:19] - [2013-06-06 05:57] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-14 00:40] - [2009-07-14 02:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-14 00:28] - [2009-07-14 02:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2014-07-15 21:29] - [2011-12-16 09:46] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2014-07-15 21:29] - [2011-12-16 08:52] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-14 00:26] - [2009-07-14 02:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-14 00:15] - [2009-07-14 02:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-14 00:21] - [2009-07-14 02:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-14 00:12] - [2009-07-14 02:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2014-07-15 21:29] - [2011-08-27 06:37] - 0861696 ____A (Microsoft Corporation) C:\Windows\System32\OLEAUT32.dll
[2014-07-15 21:29] - [2011-08-27 05:26] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OLEAUT32.dll
[2009-07-14 00:26] - [2009-07-14 02:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-14 00:15] - [2009-07-14 02:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2014-08-15 23:17] - [2014-07-14 03:02] - 1216000 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2014-08-15 23:17] - [2014-07-14 02:40] - 0664064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-14 00:20] - [2009-07-14 02:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-14 00:11] - [2009-07-14 02:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2014-07-15 23:07] - [2010-11-20 14:27] - 1900544 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2014-07-15 23:07] - [2010-11-20 13:21] - 1667584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2014-08-15 23:17] - [2014-06-25 03:05] - 14175744 ____A (Microsoft Corporation) C:\Windows\System32\SHELL32.dll
[2014-08-15 23:17] - [2014-06-25 02:41] - 12874240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHELL32.dll
[2014-07-15 23:07] - [2010-11-20 14:27] - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2014-07-15 23:07] - [2010-11-20 13:21] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2014-08-15 23:18] - [2014-07-25 11:26] - 1431040 ____A (Microsoft Corporation) C:\Windows\System32\URLMON.dll
[2014-08-15 23:18] - [2014-07-25 11:00] - 1169920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\URLMON.dll
[2014-07-15 23:07] - [2010-11-20 14:27] - 1008128 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2014-07-15 23:07] - [2010-11-20 13:08] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2014-07-15 23:19] - [2014-04-25 03:34] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2014-07-15 23:19] - [2014-04-25 03:06] - 0626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2014-08-15 23:18] - [2014-07-25 11:52] - 2266624 ____A (Microsoft Corporation) C:\Windows\System32\WININET.dll
[2014-08-15 23:18] - [2014-07-25 11:05] - 1792512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WININET.dll
[2014-07-15 23:07] - [2010-11-20 14:27] - 0312832 ____A (Microsoft Corporation) C:\Windows\System32\WLDAP32.dll
[2014-07-15 23:07] - [2010-11-20 13:21] - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WLDAP32.dll
[2014-07-15 23:07] - [2010-11-20 14:27] - 0297984 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2014-07-15 23:06] - [2010-11-20 13:21] - 0206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll
[2009-07-14 00:27] - [2009-07-14 02:40] - 0504320 ____A (Microsoft Corporation) C:\Windows\System32\DifxApi.dll
[2009-07-14 00:16] - [2009-07-14 02:15] - 0315904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DifxApi.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-09-02 23:31:38
Restore point made on: 2014-09-09 22:07:45
Restore point made on: 2014-09-11 04:57:50
Restore point made on: 2014-09-11 04:58:13

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 12208.01 MB
Available physical RAM: 11200.98 MB
Total Pagefile: 12206.16 MB
Available Pagefile: 11198.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:21.81 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:256.89 GB) NTFS
Drive g: () (Removable) (Total:7.53 GB) (Free:7.53 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 522378D8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 61DF0DF9)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00074F47)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)


LastRegBack: 2014-09-09 00:56

==================== End Of Log ============================


 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by SYSTEM at 2014-09-10 22:10:11 Run:2
Running from g:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
SaveMbr: Drive=0
*****************

MBRDUMP.txt is made successfully.

==== End of Fixlog ====

 

 



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:51 PM

Posted 11 September 2014 - 08:47 AM

Greetings,

 

MBRDUMP.txt is made successfully.


Please attach the MBRDUMP.txt file to your reply.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Daluicis

Daluicis
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 September 2014 - 01:33 PM

Hi Gary,

 

Sorry. I apparantly forgot to click on attach this file.
This should be better.

Attached Files



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:51 PM

Posted 11 September 2014 - 05:04 PM

Thanks for the information. Your Master Boot Record is clean.

Please do these things for me.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
S3 Winsock; No ImagePath
C:\Users\Arne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjzt9wi.dll
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

RogueKiller by Tigzy

--------------------
  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • For Windows 8/7/Vista users right click on the icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • When prompted, Click Scan
  • A report should open and a copy of the report will be placed on your desktop
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it winlogon.exe (or winlogon.com) and try again
  • Copy and paste the contents of the report in your reply
===================================================

Malwarebytes Anti-Rootkit - Scan Only

--------------------
  • Download Malwarebytes Anti-Rootkit (mbar) and save it to your desktop
  • Double click the mbar icon and select Run
  • Click OK to install it on your desktop
  • If you receive a User Account Control prompt allow it to run
  • If you receive the following screen select Yes and your computer will be restarted

dda-driver-warning.png

  • Click Next on the following screen (or something that looks similar)

start-screen.png

  • On the Update Database: screen click Update to download the latest definition updates then click Next

database-update.png

  • On the Scan System: screen place checkmarks in the Drivers, Sectors, and System boxes (should be checked by default) then click Scan. Please be patient and allow the process to complete

scan-system.png

  • Click the Exit button not Cleanup
  • A system-log report will be created in the mbar folder, please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • RogueKiller log
  • MBAR log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users