• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

Firefox doet raar

Status
Niet open voor verdere reacties.

Themostdead

Gevestigd lid
Lid geworden
19 okt 2013
Berichten
372
Waarderingsscore
0
Als ik een zoek opdracht met google image doe krijg ik ongeveer 4 seconden nadat de pagina geleden is een nieuwe tab met de naam https://www.google.nl/blank.html, die word elke keer automatisch geopend.

Op facebook als ik op een foto klik wat dan opent in facebook, blijft me muis op het laad icoontje hangen ( de normale muis en het bewegende blauwe wieltje ernaast) zodra ik naar een andere tab ga word de cursor weer normaal, maar als ik weer terug ga naar facebook gaat hij weer naar die laad cursor toe, ik heb dit ook op internet explorer geprobeerd en daar deed hij het ook, ook op een andere PC deed hij hetzelfde op facebook.

Iemand enig idee wat dit zou kunnen zijn?
Of zou dit gewoon een foutje van facebook en google kunnen zijn (aangezien facebook ook raar doet op internet explorer)
Ik heb mijn PC al gescant met malwarebytes en avira en allebei niks gevonden
 
Gebruik onderstaande scanner maar eens: download 9-Lab Scan via n van de twee links hieronder:

9-Lab Scan voor 64-bit Windows
9-Lab Scan voor 32-bit Windows

Installeer het tool in jouw Windows; op het bureaublad vind je daarna deze snelkoppeling:
558471a36e4d8-RRXH2ZG.jpg


Klik deze snelkoppeling met rechts aan kies voor "Als administrator uitvoeren".

Controleer nu eerst of 9-Lab Scan geupdated is:

5584722fea56f-9-Lab_scan1x.jpg


Klik daarvoor op het pijltje welk door de rode pijl is aangeduidt.


Klik daarna in het menu op "Full Scan" - die duurt wel even, dus wees geduldig.

Is de scan scan klaar, klik dan op de knop "Clean".

558472f03a2f2-9-Lab_scan2x.jpg



Er wordt een log bewaard, dat vind jij dan via de linkerkolom via "Logs".
Klik eerst het log aan en dan op de knop open.

558473c62ba1e-9-Lab_scan3x.jpg



Selekteer vervolgens de gehele inhoud van het log en plak deze dan in jouw volgende antwoord.
 
Hier is de log. vond het aan de ene kant wel raar, aangezien ik assassins creed unity gewoon legaal erop heb staan
Facebook doet nog wel steeds raar met de cursor, dat van google was daarnet al opgehouden

9-lab Removal Tool 1.0.0.36 BETA
9-lab.com

Database version: 107.32316

Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)
Internet Explorer 9.11.9600.17843
Patrick :: PATRICK-PC

2-7-2015 15:49:57
9lab-log-2015-07-02 (15-49-57).txt

Scan type: Full
Objects scanned: 46297
Time Elapsed: 12 m 40 s

Registry Values detected: 1
Risk.IEPath [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command (Default)]


Files detected: 4
[68D344749398248C3DD7A69099BB85C9] Risk.FPL.CoinMiner.vb [c:\users\patrick\appdata\roaming\steam\Reversed\config.xml]
[C226B63F617C4049935040D207046CE6] Risk.FPL.CoinMiner.vb [c:\users\patrick\appdata\roaming\steam\Reversed\steam.comp]
[C39609712405F157D5817B8D773B1870] Malware.Win32.Gen.sm!s1 [D:\Games\Ubisoft Game Launcher\games\Assassins Creed Unity\Assassin's Creed Unity\GDF.exe]
[C7F1F13D961D105866B7ED078403D000] Malware.Win32.Gen.sm!s1 [D:\Games\Ubisoft Game Launcher\games\Assassins Creed Unity\Assassin's Creed Unity\GDF_rem.exe]

--- Update ---

Ik wilde nog even zeggen, ik heb via Uplay de game laten controleren ( om te kijken of er beschadigde bestanden zijn of er een paar missen) en hij heeft de bestanden van assasssins creed unity ( GDF.EXE en GDF_rem.exe) die heeft hij gewoon weer gedownload via de ubisoft servers, dus het lijkt met sterk dat die het probleem waren

--- Update ---

Me google is nu weer begonnen om elke keer een nieuwe tab te openen als ik een google image search doe

--- Update ---

Ik ben er nu achter dat adblock ervoor zorgt dat google elke keer een nieuwe tab open maakt

--- Update ---

Oww laat maar, zelfs met adblock uit doet hij het af en toe
 
Laatst bewerkt door een moderator:
Oww laat maar, zelfs met adblock uit doet hij het af en toe

Ik laat niks, ik heb nu als allereerste jouw topic verplaatst.


Download ZHPDiag naar het bureaublad.

Antivirussoftware uitschakelen
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met ZHPDiag.

ZHPDiag installeren
  • Dubbelklik op zhpdiag.exe om de installatie te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik meerdere keren op "Suivant" om het installatieproces te doorlopen.
  • Klik op "Installer" wanneer daar om gevraagd wordt en op "Terminer" wanneer de installatie voltooid is.

ZHPDiag uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
  • Dubbelklik op de snelkoppeling met de naam ZHPDiag
  • Het startvenster verschijnt, klik nu op "Configureren".
  • Als de taal niet als Nederlands is ingesteld klik rechts onderaan op het
    52c0016c69f81-huisje.png
    icoontje "Slectionner une langue" en kies "Nerlandais".
  • Klik daarna links onderaan op het
    52c001f7eec91-vergrootglas.png
    icoontje "Diagnosemogelijkheden".
  • Er wordt nu een scan van je systeem gemaakt wacht geduldig tot deze voltooid is.
  • 5457c42d077c1-ZHPDiag.jpg

ZHPDiag.txt logbestand plaatsen
  • Na afloop staat er een tekstbestand met de naam ZHPDiag.txt op het bureaublad.
  • Post vervolgens de inhoud van dit log in je volgende bericht.
 
De zhp diag die ik kan downloaden via die pagina ziet er heel anders uit dan jij omschrijft het is een oranje met zwart scherm en de dingen die ik moet aanklikken staan er ook niet?
Het bestand heet dan ook: ZHPDiag3

Ik ben er trouwens achter gekomen dat waarschijnlijk de addon: Avira Brower Safety er voor zorgt dat google elke keer een nieuwe tab opent, als ik die uitzet gebeurd het namelijk niet meer
 
Laatst bewerkt door een moderator:
Download
51a5f5d096dae-icon_RSIT.png
RSIT van de onderstaande locaties en sla deze op het bureablad op.
Hier staat een beschrijving hoe je kunt kijken of je een 32 of 64 bit versie van Windows heeft.

RSIT Uitvoeren
Wanneer je problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt, laat dit dan even weten in je bericht.
  • Dubbelklik op RSIT.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Als u RSIT de eerste keer uitvoert zal HijackThis gedownload worden als deze niet aanwezig is, sta dit vervolgens toe door op "I accept" te klikken.
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend, genaamd "Log.txt" en "Info.txt".
  • Post beide logs door telkens de gehele inhoud te kopiren en te plakken in jouw nieuwe antwoord.
 
info.txt logfile of random's system information tool 1.10 2015-07-03 10:10:38

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9AAAB0152A000080202100077E05390008000000100E00007E063907FEFFFF00180E000020441900FEFFFF27FEFFFF003852190000A0020000000000000000000000000000000055AA

======Uninstall list======

-->MsiExec /X{B455E95A-B804-439F-B533-336B1635AE97}
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F561AD0-55E0-4B00-9429-C727DD525977}\setup.exe" -l0x9
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F561AD0-55E0-4B00-9429-C727DD525977}\setup.exe" -l0x9 /remove
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x13
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x13 /remove
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8A83AB8D-8F49-4DB1-BDF6-D74037508614}\setup.exe" -l0x13
-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8A83AB8D-8F49-4DB1-BDF6-D74037508614}\setup.exe" -l0x13 /remove
Adobe Flash Player 18 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_194_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.11) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824144531}
Alan Wake-->"D:\Steam\steam.exe" steam://uninstall/108710
Assassins Creed Chronicles: China-->"D:\Steam\steam.exe" steam://uninstall/354380
Assassin's Creed Unity-->"D:\Games\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/720
Avira Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
Avira Browser Safety-->MsiExec.exe /I{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}
Avira-->"C:\ProgramData\Package Cache\{0696cc37-db90-4000-be99-4a173ca7c8af}\Avira.OE.Setup.Bundle.exe" /uninstall
Avira-->MsiExec.exe /I{65EBED55-4B58-4583-88EC-8190D776BFBB}
Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=battle.net --displayname="Battle.net"
Battlefield 4-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 4\Cleanup.exe" uninstall_game -autologging
Beard and Hairstyle Set-->"D:\Games\The Witcher 3\The Witcher 3 Wild Hunt\unins002.exe"
Black Mesa-->"D:\Steam\steam.exe" steam://uninstall/362890
Counter-Strike: Global Offensive-->"D:\Steam\steam.exe" steam://uninstall/730
Dead Rising 2-->"D:\Steam\steam.exe" steam://uninstall/45740
Deus Ex: Human Revolution - Director's Cut-->"D:\Steam\steam.exe" steam://uninstall/238010
Dishonored-->"D:\Steam\steam.exe" steam://uninstall/205100
ENSLAVED: Odyssey to the West Premium Edition-->"D:\Steam\steam.exe" steam://uninstall/245280
Fraps-->"D:\Programma's\Fraps\uninstall.exe"
GOG Galaxy-->"C:\Program Files (x86)\GalaxyClient\unins000.exe"
Grand Theft Auto V-->"C:\Program Files (x86)\InstallShield Installation Information\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}\setup.exe" -runfromtemp -l0x0409 -removeonly
Hearthstone-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=hs_beta --displayname="Hearthstone"
HitmanPro.Alert-->"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /uninstall
Intel(R) Chipset Device Software-->MsiExec.exe /I{46C478DE-C381-4200-9627-0DA025B555EB}
Intel(R) Management Engine Components-->"C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
Intel(R) Management Engine Components-->MsiExec.exe /I{0D01BDA8-C995-40AD-95F8-26B7EA4DCF9F}
Intel(R) Management Engine Components-->MsiExec.exe /I{98900FE1-9C17-4553-B0D1-132BF9126412}
Intel(R) ME UninstallLegacy-->MsiExec.exe /I{E8B134CC-098E-4623-BD85-0A432FE5DDFB}
Intel(R) Rapid Storage Technology-->"C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
Intel(R) Rapid Storage Technology-->MsiExec.exe /I{EAF826C0-245E-4D02-9D51-BA4C98717EAE}
Intel(R) Smart Connect Technology-->MsiExec.exe /I{85A835DD-7582-4991-B091-BB11347916E1}
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intel Trusted Connect Service Client-->MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7}
Java 8 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218045F0}
Just Cause 2-->"D:\Steam\steam.exe" steam://uninstall/8190
League of Legends-->msiexec.exe /x {79BF4901-1EC4-4726-B3C2-A7859706C6E7}
League of Legends-->MsiExec.exe /X{79BF4901-1EC4-4726-B3C2-A7859706C6E7}
LEGO Batman 3: Beyond Gotham-->"D:\Steam\steam.exe" steam://uninstall/313690
LYNE-->"D:\Steam\steam.exe" steam://uninstall/266010
Malwarebytes Anti-Malware versie 2.1.8.1057-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Mark of the Ninja-->"D:\Steam\steam.exe" steam://uninstall/214560
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4.5.2 (Nederlands)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\NLD\\Setup.exe /repair /x86 /x64 /lcid 1043
Microsoft .NET Framework 4.5.2 (NLD)-->MsiExec.exe /X{AD1F4FA8-65AF-3EAC-A27A-BB08E2686BE2}
Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE}
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Dutch) 2007-->MsiExec.exe /X{90120000-002A-0413-1000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005-->"C:\ProgramData\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
Microsoft XNA Framework Redistributable 4.0 Refresh-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
MKVToolNix 7.7.0 (64bit)-->D:\Programma's\MKVToolNix\uninst.exe
Mozilla Firefox 38.0.5 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 31.7.0 (x86 nl)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
New Quest - Contract Missing Miners-->"D:\Games\The Witcher 3\The Witcher 3 Wild Hunt\unins003.exe"
NVIDIA 3D Vision controllerstuurprogramma 352.65-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA 3D Vision stuurprogramma 353.06-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA GeForce Experience 2.4.5.44-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Grafisch stuurprogramma 353.06-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA HD Audio-stuurprogramma 1.3.33.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA PhysX (Legacy)-->MsiExec.exe /I{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}
NVIDIA PhysX Systeem Software 9.15.0428-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
One Finger Death Punch-->"D:\Steam\steam.exe" steam://uninstall/264200
OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
Origin-->D:\Programma's\Origin\OriginUninstall.exe
Project CARS-->"D:\Steam\steam.exe" steam://uninstall/234630
PunkBuster Services-->C:\Program Files (x86)\Battlefield 4\Battlefield 4\pbsvc.exe -u
Razer Surround-->"C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\Razer Surround\Razer Surround_Uninstaller.exe" /S
Razer Synapse-->MsiExec.exe /I{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp -removeonly
Resident Evil 5 / Biohazard 5-->"D:\Steam\steam.exe" steam://uninstall/21690
Resident Evil Revelations 2 / Biohazard Revelations 2-->"D:\Steam\steam.exe" steam://uninstall/287290
Revo Uninstaller Pro 3.0.8-->"D:\Programma's\Revo Uninstaller Pro\unins000.exe"
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {175C1563-5389-3174-A18B-A90AD45208D2}
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {6F197100-4BF3-3105-AA93-C5731C4FA85F}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D08B187F-0D9B-42AC-956E-F46AEC899742}
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {56BB0BAB-7C3C-40C1-8F70-1AAE6A5FE45F}
Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {950FA8CA-FA83-4082-A79B-BCE05762A9EE}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition -->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {D1314007-2EBB-4566-B0AD-C1EEC4262BC4}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6C1A25BE-E3D5-4A5A-B677-8833E5996C20}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BBB81235-8EE6-411F-903E-F83DB17B7B34}
Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A1AB4C88-5F23-43DF-B461-32E5CBA84F7B}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C069DBBB-0547-4405-B9C8-38123FCD9CE0}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {732E7378-7132-4C0F-B30E-C00A0F8AC1EB}
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F88656FB-92A1-484E-911E-D259B15CF420}
Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {39D5B9E5-1C4E-4FBD-9B42-98E89B04AF38}
Shadow Warrior-->"D:\Steam\steam.exe" steam://uninstall/233130
Skype 7.5-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Software voor Intel Chipset-apparaten-->"C:\ProgramData\Package Cache\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}\SetupChipset.exe" /uninstall
Speccy-->"C:\Program Files\Speccy\uninst.exe"
Temerian Armor Set-->"D:\Games\The Witcher 3\The Witcher 3 Wild Hunt\unins001.exe"
The Witcher 3 - Wild Hunt-->"D:\Games\The Witcher 3\The Witcher 3 Wild Hunt\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BB006B39-9FD7-4DD5-942E-CDF1BBD718DB}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {F8564AF8-30AE-4427-ACF3-69714E1BB656}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3054891) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1A06EE8F-D692-4414-847F-94E75E554234}
Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
Uplay-->D:\Games\Ubisoft Game Launcher\Uninstall.exe
VGA Boost-->"C:\Program Files (x86)\MSI\MSITrigger\VGA Boost\unins000.exe"
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WhoCrashed 5.02-->"C:\Program Files\WhoCrashed\unins000.exe"
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 4.00 (64-bit)-->D:\Programma's\Winrar\uninstall.exe
XIII-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{42BC0474-6E50-464A-8183-5E3D32E41B1B}\setup.exe" -l0x9

======System event log======

Computer Name: Patrick-PC
Event Code: 7036
Message: De Computer Browser-service heeft nu de status gestopt.
Record Number: 142007
Source Name: Service Control Manager
Time Written: 20150414164007.202319-000
Event Type: Informatie
User:

Computer Name: Patrick-PC
Event Code: 7036
Message: De Computer Browser-service heeft nu de status wordt uitgevoerd.
Record Number: 142006
Source Name: Service Control Manager
Time Written: 20150414164001.194976-000
Event Type: Informatie
User:

Computer Name: Patrick-PC
Event Code: 7036
Message: De Computer Browser-service heeft nu de status gestopt.
Record Number: 142005
Source Name: Service Control Manager
Time Written: 20150414163801.204113-000
Event Type: Informatie
User:

Computer Name: Patrick-PC
Event Code: 7036
Message: De Computer Browser-service heeft nu de status wordt uitgevoerd.
Record Number: 142004
Source Name: Service Control Manager
Time Written: 20150414163755.189769-000
Event Type: Informatie
User:

Computer Name: Patrick-PC
Event Code: 7036
Message: De Computer Browser-service heeft nu de status gestopt.
Record Number: 142003
Source Name: Service Control Manager
Time Written: 20150414163359.377281-000
Event Type: Informatie
User:

=====Application event log=====

Computer Name: Patrick-PC
Event Code: 100
Message:
Record Number: 36176
Source Name: sbNet
Time Written: 20141224081412.000000-000
Event Type: Informatie
User:

Computer Name: Patrick-PC
Event Code: 100
Message:
Record Number: 36175
Source Name: sbNet
Time Written: 20141224081412.000000-000
Event Type: Informatie
User:

Computer Name: Patrick-PC
Event Code: 100
Message:
Record Number: 36174
Source Name: sbNet
Time Written: 20141224081412.000000-000
Event Type: Informatie
User:

Computer Name: Patrick-PC
Event Code: 2003
Message: Expected event (SSAU process launched 2656 [0]).
Record Number: 36173
Source Name: NvStreamSvc
Time Written: 20141224081411.000000-000
Event Type: Informatie
User:

Computer Name: Patrick-PC
Event Code: 2003
Message: Expected event (SSAS and NSS already have consistent certificates [0]).
Record Number: 36172
Source Name: NvStreamSvc
Time Written: 20141224081411.000000-000
Event Type: Informatie
User:

=====Security event log=====

Computer Name: Patrick-PC
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 11579
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141013151235.747166-000
Event Type: Controle geslaagd
User:

Computer Name: Patrick-PC
Event Code: 4624
Message: Er is een account aangemeld.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PATRICK-PC$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:
Proces-id: 0x2d8
Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -

Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 11578
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141013151235.746166-000
Event Type: Controle geslaagd
User:

Computer Name: Patrick-PC
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 11577
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141013151033.042148-000
Event Type: Controle geslaagd
User:

Computer Name: Patrick-PC
Event Code: 4624
Message: Er is een account aangemeld.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PATRICK-PC$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:
Proces-id: 0x2d8
Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -

Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 11576
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141013151033.042148-000
Event Type: Controle geslaagd
User:

Computer Name: Patrick-PC
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 11575
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141013130728.577781-000
Event Type: Controle geslaagd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone;C:\Program Files (x86)\Skype\Phone\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=3c03
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3

-----------------EOF-----------------


Logfile of random's system information tool 1.10 (written by random/random)
Run by Patrick at 2015-07-03 10:10:19
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 71 GB (34%) free of 207 GB
Total RAM: 16328 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:10:37, on 3-7-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
D:\Steam\Steam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
D:\Steam\bin\steamwebhelper.exe
D:\Steam\bin\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe
D:\Programma's\Office\Office12\WINWORD.EXE
C:\Program Files\trend micro\Patrick.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programma's\Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - Startup: Steam.lnk = D:\Steam\Steam.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office\Office12\REFIEBAR.DLL
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Programma's\Origin\OriginClientService.exe
O23 - Service: PAExec - Power Admin LLC - C:\Windows\PAExec.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzSurroundVADStreamingService - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11004 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\PnkBstrA.exe
"C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\wbem\WmiPrvSE.exe
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" ae2b2c2b-a76d-4b40-bf87-5f121bd9b538 1
\??\C:\Windows\system32\conhost.exe "2058009754-539989486957813416-636341359-19474203751204869815-15773699251699161307
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
WLIDSvcM.exe 2372
\??\C:\Windows\system32\conhost.exe "842087912-488518067-88082990-13350153-1568262781-506645551273353750-787060460
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007d8
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
"D:\Steam\Steam.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"D:\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Patrick\AppData\Local\Steam\htmlcache" -steampid 4984 -buildid 1433441724 -steamid "0" --disable-gpu-compositing --disable-gpu --enable-threaded-compositing --disable-pinch-virtual-viewport --process-per-tab --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Windows\system32\GWX\GWX.exe"
"D:\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --device-scale-factor=1 --font-cache-shared-mem-suffix=5392 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="5392.0.1876511532\1293911688" /prefetch:673131151
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" -launch
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Users\Patrick\AppData\Local\Temp\[kat.cr]big.tit.cream.pie.nikki.benz.nikki.benz.first.ever.creampie.new.bang.bros.april.06.2014.new.torrent"
"D:\Programma's\Office\Office12\WINWORD.EXE" /n /dde
C:\Windows\splwow64.exe 8192
taskeng.exe {234645B0-4337-4236-A6D2-A1D23A969D6C}
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\Patrick\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g5t9qa2e.default-1435854843415

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 18.0.0.194 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle Next Generation Java Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 18.0.0.194 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g5t9qa2e.default-1435854843415\extensions\
abs@avira.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Programma's\Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MBCfg64"=C:\Windows\system32\MBCfg64.dll [2013-08-29 40576]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-05-28 36352]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-03-06 292848]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-06-09 730416]
"Avira Systray"=C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [2015-05-21 130864]

C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Steam.lnk - D:\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Programma's\Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-07-03 10:10:19 ----D---- C:\rsit
2015-07-03 10:10:19 ----D---- C:\Program Files\trend micro
2015-07-02 23:32:12 ----D---- C:\Users\Patrick\AppData\Roaming\ZHP
2015-07-02 12:55:46 ----D---- C:\AdwCleaner
2015-06-29 09:16:56 ----D---- C:\Windows\CryptoGuard
2015-06-24 23:37:09 ----D---- C:\ProgramData\Ubisoft
2015-06-23 11:00:27 ----D---- C:\Windows\Minidump
2015-06-22 23:00:14 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-22 23:00:14 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-10 08:11:08 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 08:11:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 08:11:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 08:11:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 08:11:08 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 08:11:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 08:11:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 08:11:08 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 08:11:08 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 08:11:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:11:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:11:08 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 08:11:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 08:11:07 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 08:11:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:11:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:11:07 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:11:07 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 08:11:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 08:11:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 08:11:06 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 08:11:06 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 08:11:06 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 08:11:06 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 08:11:06 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 08:11:06 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 08:11:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 08:11:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 08:11:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 08:11:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 08:11:05 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 08:11:05 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 08:11:05 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 08:11:05 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 08:11:05 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 08:11:05 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 08:11:05 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 08:11:04 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 08:11:04 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 08:11:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:11:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:11:04 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 08:11:04 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 08:11:04 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 08:11:03 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 08:10:50 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\smss.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\relog.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\logman.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 08:10:50 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 08:10:50 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 08:10:50 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 08:10:50 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:10:49 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 08:10:49 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 08:10:49 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 08:10:47 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 08:10:47 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 08:10:47 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 08:10:47 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 08:10:47 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 08:10:47 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 08:10:47 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 08:10:47 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 08:10:46 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 08:10:46 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 08:10:46 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 08:10:46 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 08:10:46 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 08:10:46 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 08:10:46 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 08:10:46 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 08:10:45 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 08:10:45 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 08:10:17 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 08:10:08 ----A---- C:\Windows\system32\drivers\stream.sys

======List of files/folders modified in the last 1 month======

2015-07-03 10:10:30 ----D---- C:\Windows\Prefetch
2015-07-03 10:10:23 ----D---- C:\Users\Patrick\AppData\Roaming\uTorrent
2015-07-03 10:10:19 ----RD---- C:\Program Files
2015-07-03 10:10:12 ----A---- C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2015-07-03 10:10:05 ----D---- C:\Windows\Temp
2015-07-03 10:02:54 ----D---- C:\Windows\System32
2015-07-03 10:02:54 ----D---- C:\Windows\inf
2015-07-03 10:02:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-03 09:58:49 ----D---- C:\Windows\system32\config
2015-07-03 09:58:40 ----D---- C:\ProgramData\NVIDIA
2015-07-03 09:58:38 ----D---- C:\Windows
2015-07-03 00:20:25 ----D---- C:\Users\Patrick\AppData\Roaming\vlc
2015-07-02 23:43:21 ----D---- C:\Windows\system32\drivers
2015-07-02 19:40:37 ----RSD---- C:\Windows\assembly
2015-07-02 19:40:26 ----SHD---- C:\System Volume Information
2015-07-02 19:40:24 ----SHD---- C:\Windows\Installer
2015-07-02 19:40:24 ----D---- C:\Config.Msi
2015-07-02 16:23:01 ----D---- C:\ProgramData
2015-07-02 12:48:43 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-30 18:09:17 ----D---- C:\Users\Patrick\AppData\Roaming\Skype
2015-06-28 17:24:14 ----D---- C:\ProgramData\Intel
2015-06-28 17:15:50 ----D---- C:\Program Files (x86)\Rockstar Games
2015-06-28 17:15:45 ----D---- C:\Program Files\Rockstar Games
2015-06-28 17:11:17 ----RD---- C:\Program Files (x86)
2015-06-27 01:55:45 ----D---- C:\Program Files\WhoCrashed
2015-06-26 23:15:27 ----D---- C:\ProgramData\Skype
2015-06-26 10:11:08 ----D---- C:\Windows\system32\Tasks
2015-06-24 10:34:19 ----D---- C:\Windows\SysWOW64
2015-06-24 10:34:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-22 23:01:03 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-22 23:00:49 ----D---- C:\Windows\system32\DriverStore
2015-06-22 23:00:15 ----D---- C:\ProgramData\boost_interprocess
2015-06-15 23:32:23 ----D---- C:\ProgramData\Avira
2015-06-15 13:10:45 ----D---- C:\ProgramData\Package Cache
2015-06-15 13:10:42 ----D---- C:\Program Files (x86)\Avira
2015-06-14 12:00:57 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-06-14 11:58:14 ----D---- C:\ProgramData\Origin
2015-06-10 14:17:36 ----D---- C:\Windows\rescache
2015-06-10 12:03:15 ----D---- C:\Windows\winsxs
2015-06-10 08:33:32 ----SD---- C:\Windows\system32\CompatTel
2015-06-10 08:33:32 ----D---- C:\Windows\system32\appraiser
2015-06-10 08:33:32 ----D---- C:\Windows\AppPatch
2015-06-10 08:33:32 ----D---- C:\Program Files\Windows Media Player
2015-06-10 08:33:32 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-10 08:33:31 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-06-10 08:33:31 ----D---- C:\Windows\system32\nl-NL
2015-06-10 08:33:31 ----D---- C:\Program Files\Internet Explorer
2015-06-10 08:33:30 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-10 08:33:30 ----D---- C:\Windows\system32\en-US
2015-06-10 08:33:30 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 08:33:30 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-10 08:13:53 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 08:13:19 ----D---- C:\Windows\system32\MRT
2015-06-10 08:11:41 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 08:11:33 ----D---- C:\Windows\SoftwareDistribution
2015-06-10 08:10:28 ----D---- C:\Windows\system32\catroot2
2015-06-07 15:46:54 ----D---- C:\Users\Patrick\AppData\Roaming\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-05-28 672104]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-05-28 28008]
R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-03-06 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-06-09 132656]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-02-04 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-21 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-06-09 153256]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-02-04 44088]
R2 hmpalert;HitmanPro.Alert Support Driver; C:\Windows\System32\drivers\hmpalert.sys [2015-02-21 93144]
R2 rzpmgrk;rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [2015-02-05 37184]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2014-10-23 129600]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2014-02-03 22216]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2014-02-03 22728]
R3 INETMON;INETMON; \??\C:\Windows\System32\Drivers\INETMON.sys [2014-04-03 25800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-10 4430808]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD.sys [2014-02-03 44744]
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-03-06 370672]
R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-03-06 791024]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-04-03 118272]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-04-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2014-12-30 39592]
R3 RZSURROUNDVADService;Razer Surround Audio Service; C:\Windows\system32\drivers\RzSurroundVAD.sys [2015-02-09 40640]
R3 rzudd;Razer Keyboard Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2014-12-30 177832]
S2 tandpl;tandpl; C:\Windows\System32\drivers\tandpl.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2010-05-05 1119072]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service; C:\Windows\system32\drivers\RzMaelstromVAD.sys [2014-06-09 32768]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-06-09 450808]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-06-09 450808]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2015-05-21 208632]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2015-02-21 1876816]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-05-28 16232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2014-04-24 209712]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-03 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-03 398296]
R2 MSI_Trigger_Service;MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2013-09-26 30240]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-05-15 76152]
R2 RzSurroundVADStreamingService;RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [2015-02-03 4250624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-06-09 827184]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-06-09 1188360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24 268976]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [2015-06-02 1751096]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2015-06-03 6666808]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Programma's\Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-17 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; D:\Programma's\Origin\OriginClientService.exe [2015-06-07 1997168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PAExec;PAExec; C:\Windows\PAExec.exe [2015-02-11 207872]
S3 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-02-05 187072]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
 
Graag de twee logs in n keer posten - gebruik de tools in de volgorde zoals aangegeven.

Stap 1
Download
51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg
Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:
  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Post de inhoud van dit log in je volgende bericht.

Stap 2
Download
52186926180a1-adwcleaner_nieuw.png
AdwCleaner by Xplode.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
AdwCleaner opstarten:
  • Windows 2000 en Windows XP: dubbelklik op adwcleaner.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".
AdwCleaner is opgestart:
  • Klik op de knop Scan
  • Is de scan gereed, klik dan op de knop Verwijderen
  • Klik bij AdwCleaner Afsluiting van de programma's op OK
  • Klik bij AdwCleaner Herstarten noodzakelijk op OK
AdwCleaner logbestand:
  • Nadat de PC opnieuw is opgestart, opent een logfile.
  • Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0, of 1, of 2].txt
  • Post vervolgens de inhoud van dit log in je volgende bericht.
 
Toevallig had ik ook ADW cleaner al laten draaien! ( was het alleen vergeten te zeggen in mijn vorige post) de log heb ik gelukkig nog wel
Ik heb ook nog op een andere pc gekeken en daar doet hij precies hetzelfde op facebook, dus ik denk dat het toch misschien iets met facebook te maken heeft misschien?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.7 (07.02.2015:2)
OS: Windows 7 Home Premium x64
Ran by Patrick on vr 03-07-2015 at 12:06:53,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Patrick\appdata\local\crashrpt





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on vr 03-07-2015 at 12:09:13,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v4.207 - Logbestand aangemaakt 02/07/2015 op 12:55:49
# Laatste update 21/06/2015 door Xplode
# Database : 2015-07-02.1 [Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Patrick - PATRICK-PC
# Gestart vanuit : C:\Users\Patrick\Desktop\AdwCleaner.exe
# Optie : Scannen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****


***** [ Geplande taken ] *****


***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Gevonden : HKCU\Software\Avg Secure Update
Sleutel Gevonden : [x64] HKCU\Software\Avg Secure Update
Sleutel Gevonden : HKU\.DEFAULT\Software\Avg Secure Update

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 nl)


-\\ Chromium v


*************************

AdwCleaner[R10].txt - [839 bytes] - [02/07/2015 12:55:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [898 bytes] ##########
 
Laatst bewerkt door een moderator:
Bij facebook heb ik nogsteeds hetzelfde probleem, maar aangezien dat de enige site is waar het gebeurd en het ook op 2 andere pc's in mijn huis is zal het misschien toch aan hun kant liggen, anders zal ik eens proberen me internet te resetten, misschien dat ik zelfs even bel, aangezien mijn internet op het moment ook redelijk traag is.
Op het moment krijg ik niet meer die lege tab als ik met google een image opzoek maar misschien dat het ooit weer terug komt, zal het wel even aankijken
Bedankt voor de hulp!!!
 
Wie is dan jouw internetprovider?
En betrek je internet rechtstreeks via de door de provider geleverde modem of zit er ook nog een router tussen?
 
Oeei, daar vraag je me wat.

Ik geloof dat het KPN is, maar dat is sinds kort samengevoegd met Ziggo als ik het goed begreep.
Ik heb gewoon een kabel van mijn PC naar een modem alhoewel dat al wel een oude is, onze internet down en upload is dan ook niet erg hoog
 
KPN zit niet in Ziggo - bedoel je soms UPC?

Zit/zat je bij UPC en nu is dat dan Ziggo en had je het goedkoopste abo, dan moet je 50MB snel internet hebben.
 
Heb het nog even aan me vader nagevraagd en hij zegt dat het KPN is, maar het kan zijn dat jij toch gelijk hebt.
Hoeveel MB ik het zou ik ook niet durven zeggen maar als ik naar down/upload speed kijk is dat max 820 kbs down en 110 kbs upload, dingen zoals MS en ping is altijd wel erg laag bij mij.
Het ziet er naar uit dat ik geen lege tabs meer krijg bij google, enig idee wat het geweest zou kunnen zijn?
Aangzien junkware removal alleen maar 1 map heeft weggehaald?
 
Doe het volgende: ga naar Start en typ in de zoekregel cmd - bovenaan in het startmenu zie je nu de betreffende snelkoppeling.
Klik deze snelkoppeling met rechts aan en kies voor Als administrator uitvoeren.

In het zwarte venster typ je nu netsh winsock reset gevolgd door indrukken van de Entertoets.
Je mag ook de opdracht kopiren en via rechtsklik in het zwarte venster plakken.

Is de reparatie klaar, dien jij vervolgens de computer opnieuw op te starten.
 
Ok dat is gebeurd, me internet lijkt wel iets sneller met browsen tussen verschillende websites, maar ik krijg nogsteeds dezelfde rare cursor met facebook.

Ik had ook nog een andere vraag, ik heb laats een aantal rare bestanden op mijn PC staan, misschien dat jij er heel even naar zou willen kijken wat het zou kunnen zijn?raar 1.jpgraar 2.jpg
De eerste rij staan allemaal in mijn Appdate/Local folder en de Recyclebin staat allebei op mijn C en D schijf met niks erin
 
Heb je soms via Mapoties de optie "Beveiligde besturingsbestanden niet weergeven" gedeaktiveerd?
 
Beveiligde besturingsysteembestanden verbergen ( aanbevolen) staan gewoon aan
En verborgen mappen en bestanden weergeven staat ook uit
 
Laatst bewerkt door een moderator:
Gebruik dan nu weer zowel MBAM als ook de 9-lab malwarescanner.

Waarschijnlijk dat je bij zoeken naar updates in MBAM een nieuwe versie krijgt aangeboden om te installeren.
Doe dat en vergeet op het einde niet het vinkje weg te halen bij de demo-versie.
Daarna als het goed is, update MBAM zich nu ook automatisch bij opstarten, zoals de 9-lab scanner dat ook doet.

Post van beide scans weer de inhoud van de logs.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan