COM Surrogate issue
<blockquote data-quote="Kuthe93" data-source="post: 311645" data-attributes="member: 30963"><p>Coolcool thanks for the next step.</p><p></p><p></p><p></p><p></p><p></p><p>Zoek.exe v5.0.0.0 Updated 06-December-2014</p><p>Tool run by Kuthe on Mon 08/12/2014 at 23:56:16.29.</p><p>Microsoft Windows 8.1 Pro 6.3.9600 x64</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\Kuthe\Desktop\zoek.exe [Scan all users] [Script inserted] </p><p></p><p>==== System Restore Info ======================</p><p></p><p>8/12/2014 11:56:37 PM Zoek.exe System Restore Point Created Succesfully.</p><p></p><p>==== Empty Folders Check ======================</p><p></p><p>C:\PROGRA~2\AGEIA Technologies deleted successfully</p><p>C:\PROGRA~2\GUM38C9.tmp deleted successfully</p><p>C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully</p><p>C:\Program Files\Google deleted successfully</p><p>C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully</p><p>C:\Users\Kuthe\AppData\Local\Adobe deleted successfully</p><p></p><p>==== Deleting CLSID Registry Keys ======================</p><p></p><p></p><p>==== Deleting CLSID Registry Values ======================</p><p></p><p></p><p>==== Deleting Services ======================</p><p></p><p></p><p>==== Deleting Files \ Folders ======================</p><p></p><p>C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found</p><p>C:\PROGRA~3\Documents deleted</p><p>C:\PROGRA~3\Package Cache deleted</p><p>C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted</p><p>C:\Windows\SysNative\config\systemprofile\Searches deleted</p><p></p><p>==== Files Recently Created / Modified ======================</p><p></p><p>==== Startup Registry Enabled
======================</p><p></p><p>[HKEY_USERS\S-1-5-21-4070813323-3721601472-3593959141-1001\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A"</p><p>"Akamai NetSession Interface"="C:\Users\Kuthe\AppData\Local\Akamai\netsession_win.exe"</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"Super Charger"="C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"</p><p>"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"</p><p>"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"</p><p>"Corsair Utility Engine"="C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe --autorun"</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A"</p><p>"Akamai NetSession Interface"="C:\Users\Kuthe\AppData\Local\Akamai\netsession_win.exe"</p><p></p><p>==== Startup Registry Enabled x64 ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"</p><p>"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"</p><p>"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"</p><p>"ISCT Tray"="C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"</p><p></p><p>==== Startup Folders ======================</p><p></p><p>2014-11-14 10:37:26 1760 ----a-w- C:\Users\Kuthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk</p><p></p><p>==== Task Scheduler Jobs ======================</p><p></p><p>C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [30/11/2014 04:41 PM]</p><p>C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- 
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/11/2014 02:29 PM]</p><p>C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/11/2014 02:29 PM]</p><p></p><p>==== Other Scheduled Tasks ======================</p><p></p><p>"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]</p><p>"C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"]</p><p>"C:\Windows\SysNative\tasks\EXPERTool" [C:\Program Files (x86)\EXPERTool\TBPanel.exe]</p><p>"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\Windows\SysNative\tasks\SamsungMagician" ["C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe"]</p><p>"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B1471B66-7717-4090-A6A8-2DA7BD8D0A7F}" [C:\Windows\system32\msfeedssync.exe]</p><p></p><p>==== Firefox Extensions Registry ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]</p><p>"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [01/12/2014 11:15 PM]</p><p></p><p>==== Chromium Look ======================</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions</p><p>fheoggkfdfchfphceeifdbepaooicaho - No path found[]</p><p></p><p>Google Voice Search Hotword (Beta) - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn</p><p>SiteAdvisor - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho</p><p>AdBlock - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom</p><p>Into The Mist - Kuthe\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh</p><p>Google Wallet - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda</p><p></p><p>==== Chromium Fix ======================</p><p></p><p>C:\Users\Kuthe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully</p><p></p><p>==== Set IE to Default ======================</p><p></p><p>Old Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.google.com/" target="_blank">http://www.google.com/</a>"</p><p></p><p>New Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.google.com/" target="_blank">http://www.google.com/</a>"</p><p></p><p>==== All HKCU SearchScopes ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes</p><p>"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"</p><p>{012E1000-F331-11DB-8314-0800200C9A66} Google Url="<a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>"</p><p>{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="<a href="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" target="_blank">http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02</a>"</p><p>{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="<a href="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" target="_blank">http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7</a>"</p><p></p><p>==== Empty IE Cache ======================</p><p></p><p>C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 
emptied successfully</p><p>C:\Users\Kuthe\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully</p><p>C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully</p><p>C:\Users\Kuthe\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully</p><p>C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully</p><p></p><p>==== Empty FireFox Cache ======================</p><p></p><p>No FireFox Profiles found</p><p></p><p>==== Empty Chrome Cache ======================</p><p></p><p>C:\Users\Kuthe\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully</p><p></p><p>==== Empty All Flash Cache ======================</p><p></p><p>Flash Cache Emptied Successfully</p><p></p><p>==== Empty All Java Cache ======================</p><p></p><p>No Java Cache Found</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup (files=26 folders=25 24296470 bytes)</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Users\Default\AppData\Local\Temp emptied successfully</p><p>C:\Users\Default User\AppData\Local\Temp emptied successfully</p><p>C:\Users\Kuthe\AppData\Local\Temp will be emptied at reboot</p><p>C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully</p><p>C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully</p><p>C:\Windows\Temp will be emptied at reboot</p><p></p><p>==== After Reboot ======================</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Windows\Temp successfully emptied</p><p>C:\Users\Kuthe\AppData\Local\Temp successfully emptied</p><p></p><p>==== Empty Recycle Bin ======================</p><p></p><p>C:\$RECYCLE.BIN successfully emptied</p><p></p><p>==== EOF on Tue 09/12/2014 at 0:05:49.73 ======================</p></blockquote><p></p>
[QUOTE="Kuthe93, post: 311645, member: 30963"] Coolcool thanks for the next step.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Super Charger"="C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "Corsair Utility Engine"="C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe --autorun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A" "Akamai NetSession Interface"="C:\Users\Kuthe\AppData\Local\Akamai\netsession_win.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "ISCT Tray"="C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" ==== Startup Folders ====================== 2014-11-14 10:37:26 1760 ----a-w- C:\Users\Kuthe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [30/11/2014 04:41 PM] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/11/2014 02:29 PM] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/11/2014 02:29 PM] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] 
"C:\Windows\SysNative\tasks\EXPERTool" [C:\Program Files (x86)\EXPERTool\TBPanel.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SamsungMagician" ["C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B1471B66-7717-4090-A6A8-2DA7BD8D0A7F}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [01/12/2014 11:15 PM] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - No path found[] Google Voice Search Hotword (Beta) - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn SiteAdvisor - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho AdBlock - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Into The Mist - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh Google Wallet - Kuthe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Kuthe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://www.google.com/[/url]" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://www.google.com/[/url]" ==== All HKCU 
SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="[url]http://www.google.com/search?q={searchTerms}[/url]" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="[url]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02[/url]" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="[url]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Kuthe\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Kuthe\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Kuthe\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=26 folders=25 24296470 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Kuthe\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully 
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Kuthe\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Tue 09/12/2014 at 0:05:49.73 ====================== [/QUOTE]