Ga naar inhoud

PC herstart af en toe uit zichzelf

SXTC

Door SXTC
in Archief Hardware algemeen

 Delen

Aanbevolen berichten

  • Reacties 41
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

SXTC Leerling

SXTC

Geplaatst:
  • Auteur
Geplaatst:

Logfile of random's system information tool 1.09 (written by random/random)

Run by SXTC at 2014-02-09 19:06:17

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 83 GB (34%) free of 244 GB

Total RAM: 8190 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:06:22, on 9/02/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe

C:\Program Files\trend micro\SXTC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 8391 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe" /service

C:\Windows\system32\svchost.exe -k RPCSS

"c:\Program Files\Microsoft Security Client\MsMpEng.exe"

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"

C:\Windows\system32\svchost.exe -k GPSvcGroup

atieclxx

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"taskhost.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

taskeng.exe {BA224DD1-1E55-4291-A19F-AE39641992AB}

C:\Windows\SysWOW64\PnkBstrA.exe

system32\RAPID\SamsungRapidSvc.exe

"C:\Program Files\Software Informer\softinfo.exe" -service

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe" /service

"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"

"c:\Program Files\Microsoft Security Client\NisSrv.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe"

"C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe"

"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

"C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow

HydraDM64.exe -h:131354 "Maximize to full desktop" "Maximize to window corners" "Restore desktop"

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4620.11aa3600.1014163976 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4620 "\\.\pipe\gecko-crash-server-pipe.4620" plugin

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe" --proxy-stub-channel=Flash784.6CA3C7B8.18913 --host-broker-channel=Flash784.6CA3C7B8.27848 --host-pid=784 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll"

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe" --channel=1504.003FF79C.1509843220 --proxy-stub-channel=Flash784.6CA3C7B8.18913 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll" --host-npapi-version=27 --type=renderer

"C:\Users\SXTC\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\SXTC\AppData\Roaming\Mozilla\Firefox\Profiles\4wussu2q.default

prefs.js - "browser.search.useDBForOrder" - "false"

prefs.js - "keyword.enabled" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.44 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.43 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [2013-11-15 1575192]

"SamsungRapidApp"=C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [2013-07-29 109280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2014-01-31 389120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Arc]

C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio8788]

C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio8788GX]

C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio8788GX64]

C:\Windows\system\HsMgr64.exe [2008-07-11 282112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]

C:\Program Files (x86)\Origin\Origin.exe [2014-01-29 3598680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]

C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]

c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPIRunE]

Rundll32 SPIRunE.dll,RunDLLEntry []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

C:\Users\SXTC\AppData\Roaming\Spotify\Spotify.exe [2013-12-27 5951488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

C:\Users\SXTC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-12-27 1168896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

C:\Program Files (x86)\Steam\Steam.exe [2014-01-27 1815976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^SXTC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk]

C:\PROGRA~2\Samsung\SAMSUN~1\SAMSUN~1.EXE [2013-11-28 4580256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2007-04-17 184320]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-01-31 767200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux3"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-02-09 18:16:29 ----D---- C:\rsit

2014-02-09 18:16:29 ----D---- C:\Program Files\trend micro

2014-02-07 22:45:24 ----A---- C:\Windows\system32\drivers\netio.sys

2014-02-05 23:47:41 ----D---- C:\Users\SXTC\AppData\Roaming\SketchUp

2014-02-04 20:17:02 ----D---- C:\ProgramData\ATI

2014-02-04 20:17:00 ----D---- C:\Program Files (x86)\AMD AVT

2014-02-03 21:50:46 ----D---- C:\Windows\pss

2014-02-03 18:51:08 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe

2014-02-03 18:51:05 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe

2014-02-03 18:51:04 ----A---- C:\Windows\SYSWOW64\pbsvc.exe

2014-02-02 00:15:15 ----D---- C:\Program Files (x86)\Ubisoft

2014-01-31 22:07:44 ----A---- C:\Windows\SYSWOW64\atimpc32.dll

2014-01-31 22:07:44 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll

2014-01-31 22:07:44 ----A---- C:\Windows\system32\atimpc64.dll

2014-01-31 22:07:44 ----A---- C:\Windows\system32\amdpcom64.dll

2014-01-31 22:07:28 ----A---- C:\Windows\system32\atiuxp64.dll

2014-01-31 22:07:26 ----A---- C:\Windows\system32\atiu9p64.dll

2014-01-31 22:07:24 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll

2014-01-31 22:07:22 ----A---- C:\Windows\system32\aticfx64.dll

2014-01-31 22:07:14 ----A---- C:\Windows\system32\atidxx64.dll

2014-01-31 22:07:02 ----A---- C:\Windows\SYSWOW64\atiumdva.dll

2014-01-31 22:06:54 ----A---- C:\Windows\SYSWOW64\atiumdag.dll

2014-01-31 22:06:38 ----A---- C:\Windows\system32\atiumd6a.dll

2014-01-31 22:06:34 ----A---- C:\Windows\system32\atiumd64.dll

2014-01-31 21:57:20 ----A---- C:\Windows\system32\drivers\atikmdag.sys

2014-01-31 21:43:36 ----A---- C:\Windows\system32\clinfo.exe

2014-01-31 21:43:20 ----A---- C:\Windows\system32\OpenVideo64.dll

2014-01-31 21:43:14 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll

2014-01-31 21:43:08 ----A---- C:\Windows\system32\OVDecode64.dll

2014-01-31 21:43:04 ----A---- C:\Windows\SYSWOW64\OVDecode.dll

2014-01-31 21:42:58 ----A---- C:\Windows\system32\amdocl64.dll

2014-01-31 21:40:34 ----A---- C:\Windows\SYSWOW64\amdocl.dll

2014-01-31 21:38:16 ----A---- C:\Windows\system32\OpenCL.dll

2014-01-31 21:38:12 ----A---- C:\Windows\SYSWOW64\OpenCL.dll

2014-01-31 21:26:40 ----A---- C:\Windows\system32\atiapfxx.exe

2014-01-31 21:26:30 ----A---- C:\Windows\system32\aticalrt64.dll

2014-01-31 21:26:28 ----A---- C:\Windows\SYSWOW64\aticalrt.dll

2014-01-31 21:26:20 ----A---- C:\Windows\system32\aticalcl64.dll

2014-01-31 21:26:18 ----A---- C:\Windows\SYSWOW64\aticalcl.dll

2014-01-31 21:26:04 ----A---- C:\Windows\system32\aticaldd64.dll

2014-01-31 21:24:36 ----A---- C:\Windows\system32\mantle64.dll

2014-01-31 21:24:16 ----A---- C:\Windows\SYSWOW64\mantle32.dll

2014-01-31 21:23:54 ----A---- C:\Windows\system32\amdmantle64.dll

2014-01-31 21:22:52 ----A---- C:\Windows\SYSWOW64\aticaldd.dll

2014-01-31 21:22:04 ----A---- C:\Windows\system32\atio6axx.dll

2014-01-31 21:10:46 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll

2014-01-31 21:06:22 ----A---- C:\Windows\system32\atidemgy.dll

2014-01-31 21:06:12 ----A---- C:\Windows\system32\atimuixx.dll

2014-01-31 21:06:06 ----A---- C:\Windows\system32\atieclxx.exe

2014-01-31 21:05:12 ----A---- C:\Windows\system32\atiesrxx.exe

2014-01-31 21:03:34 ----A---- C:\Windows\system32\atitmm64.dll

2014-01-31 21:03:32 ----A---- C:\Windows\SYSWOW64\atioglxx.dll

2014-01-31 20:59:12 ----A---- C:\Windows\system32\mantleaxl64.dll

2014-01-31 20:59:02 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll

2014-01-31 20:48:04 ----A---- C:\Windows\system32\amdmmcl6.dll

2014-01-31 20:47:58 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll

2014-01-31 20:37:06 ----A---- C:\Windows\system32\coinst_13.350.dll

2014-01-31 20:30:14 ----A---- C:\Windows\system32\atiadlxx.dll

2014-01-31 20:30:02 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll

2014-01-31 20:29:46 ----A---- C:\Windows\system32\atig6pxx.dll

2014-01-31 20:29:40 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll

2014-01-31 20:29:40 ----A---- C:\Windows\system32\atiglpxx.dll

2014-01-31 20:29:36 ----A---- C:\Windows\system32\atig6txx.dll

2014-01-31 20:29:14 ----A---- C:\Windows\SYSWOW64\atigktxx.dll

2014-01-31 20:28:50 ----A---- C:\Windows\system32\drivers\atikmpag.sys

2014-01-31 20:25:02 ----A---- C:\Windows\system32\drivers\ati2erec.dll

2014-01-31 18:33:12 ----D---- C:\Program Files\Speccy

2014-01-31 15:53:46 ----A---- C:\Windows\system32\kdbsdk64.dll

2014-01-31 15:49:02 ----A---- C:\Windows\SYSWOW64\kdbsdk32.dll

2014-01-26 11:04:06 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-01-26 11:04:06 ----D---- C:\Program Files\iTunes

2014-01-26 11:04:06 ----D---- C:\Program Files\iPod

2014-01-26 11:04:06 ----D---- C:\Program Files (x86)\iTunes

2014-01-26 11:03:20 ----D---- C:\Program Files\Bonjour

2014-01-26 11:03:20 ----D---- C:\Program Files (x86)\Bonjour

2014-01-20 07:56:41 ----D---- C:\ProgramData\McAfee

2014-01-19 19:29:36 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2014-01-19 19:29:36 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-19 19:29:36 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-19 19:29:36 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-19 19:29:36 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-19 19:29:36 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-01-19 19:29:36 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-19 19:29:35 ----A---- C:\Windows\system32\win32k.sys

2014-01-16 09:34:52 ----A---- C:\Windows\system32\atiicdxx.dat

2014-01-14 20:01:42 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll

2014-01-14 20:01:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll

2014-01-14 20:01:42 ----A---- C:\Windows\system32\XAudio2_6.dll

2014-01-14 20:01:42 ----A---- C:\Windows\system32\XAPOFX1_4.dll

2014-01-14 20:01:41 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll

2014-01-14 20:01:41 ----A---- C:\Windows\system32\xactengine3_6.dll

2014-01-14 20:01:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll

2014-01-14 20:01:40 ----A---- C:\Windows\system32\X3DAudio1_7.dll

2014-01-14 19:30:56 ----D---- C:\Program Files (x86)\Origin Games

2014-01-14 19:29:51 ----D---- C:\Users\SXTC\AppData\Roaming\Origin

2014-01-14 19:29:02 ----D---- C:\ProgramData\Origin

2014-01-14 19:29:02 ----D---- C:\ProgramData\Electronic Arts

2014-01-14 19:28:59 ----D---- C:\Program Files (x86)\Origin

2014-01-11 19:34:53 ----D---- C:\Users\SXTC\AppData\Roaming\Awesomium

2014-01-11 00:50:32 ----A---- C:\Windows\system32\ativvaxy_cik.dat

======List of files/folders modified in the last 1 month======

2014-02-09 19:06:13 ----D---- C:\Windows\Temp

2014-02-09 19:04:27 ----RD---- C:\Program Files (x86)

2014-02-09 18:52:44 ----D---- C:\Windows\system32\drivers\etc

2014-02-09 18:16:29 ----RD---- C:\Program Files

2014-02-09 16:15:34 ----D---- C:\Windows\system32\config

2014-02-09 10:28:14 ----D---- C:\Windows\System32

2014-02-09 10:28:14 ----D---- C:\Windows\inf

2014-02-09 10:28:14 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-02-09 05:19:12 ----A---- C:\bdlog.txt

2014-02-08 19:13:02 ----D---- C:\Windows\winsxs

2014-02-08 19:13:01 ----D---- C:\Windows\system32\LogFiles

2014-02-08 19:12:58 ----D---- C:\Windows

2014-02-07 23:44:43 ----D---- C:\Windows\system32\drivers

2014-02-07 22:45:33 ----SHD---- C:\System Volume Information

2014-02-07 22:45:16 ----D---- C:\Windows\system32\catroot

2014-02-07 22:44:58 ----D---- C:\ProgramData\Spybot - Search & Destroy

2014-02-07 22:44:58 ----D---- C:\Program Files (x86)\Steam

2014-02-07 22:44:56 ----D---- C:\Windows\Minidump

2014-02-07 22:44:56 ----D---- C:\Windows\Logs

2014-02-06 08:04:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-05 23:50:37 ----SHD---- C:\Windows\Installer

2014-02-05 23:50:35 ----HD---- C:\ProgramData

2014-02-05 23:45:24 ----D---- C:\Windows\SysWOW64

2014-02-05 23:31:09 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-02-05 23:30:43 ----D---- C:\Windows\system32\catroot2

2014-02-04 23:27:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-02-04 20:57:40 ----D---- C:\Windows\Microsoft.NET

2014-02-04 20:17:01 ----D---- C:\ProgramData\AMD

2014-02-04 20:16:57 ----D---- C:\Program Files (x86)\ATI Technologies

2014-02-04 20:16:31 ----D---- C:\Program Files\ATI Technologies

2014-02-04 20:15:38 ----D---- C:\Windows\system32\DriverStore

2014-02-04 20:12:21 ----D---- C:\AMD

2014-02-03 18:50:23 ----RSD---- C:\Windows\assembly

2014-01-31 22:07:28 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll

2014-01-31 22:07:20 ----A---- C:\Windows\SYSWOW64\aticfx32.dll

2014-01-31 22:07:10 ----A---- C:\Windows\SYSWOW64\atidxx32.dll

2014-01-28 23:58:35 ----D---- C:\Users\SXTC\AppData\Roaming\Apple Computer

2014-01-26 11:02:57 ----D---- C:\ProgramData\Apple

2014-01-21 23:52:38 ----D---- C:\Windows\debug

2014-01-20 07:58:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2014-01-19 19:33:07 ----D---- C:\ProgramData\Microsoft Help

2014-01-19 19:32:25 ----D---- C:\Windows\system32\MRT

2014-01-19 19:31:00 ----A---- C:\Windows\system32\MRT.exe

2014-01-19 08:33:29 ----N---- C:\Windows\system32\MpSigStub.exe

2014-01-14 20:01:48 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2013-11-15 727592]

R0 gzflt;gzflt; C:\Windows\system32\DRIVERS\gzflt.sys [2013-11-15 150256]

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-11-04 98144]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2013-07-29 240864]

R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2013-07-29 111328]

R0 trufos;trufos; C:\Windows\system32\DRIVERS\trufos.sys [2013-11-15 389240]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]

R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2013-11-15 93600]

R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]

R1 BDVEDISK;BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [2012-04-17 76944]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]

R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-11-04 59648]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]

R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-01-31 13929472]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-01-31 636928]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-12-19 94720]

R3 avchv;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys [2012-11-02 261056]

R3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2013-11-15 601360]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]

R3 t3;Sound Blaster X-Fi Xtreme Audio; C:\Windows\system32\drivers\t3.sys [2009-05-06 639512]

S2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-11-04 59648]

S3 BDSandBox;BDSandBox; \??\C:\Windows\system32\drivers\bdsandbox.sys [2013-11-15 82824]

S3 cmudaxp;ASUS Xonar Essence STX Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys []

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]

S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []

S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-01-31 240128]

R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-01-31 344064]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]

R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-02-03 75136]

R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2013-07-29 27360]

R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-11-15 67320]

R2 VSSERV;Bitdefender Virus Shield; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [2013-11-15 1645256]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04 257928]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-27 571816]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-09 1255736]

S4 BdDesktopParental;Bitdefender Desktop Parental Control; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-11-15 69392]

S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-08-18 79360]

S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-07-11 79360]

S4 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2013-07-11 79360]

S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-05 118896]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 SafeBox;SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-06-25 95184]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

autoclean;
emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites
SXTC Leerling

SXTC

Geplaatst:
  • Auteur
Geplaatst:

Zoek.exe v5.0.0.0 Updated 10-February-2014

Tool run by SXTC on ma 10/02/2014 at 21:53:01,28.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\SXTC\Desktop\zoek.scr [scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

10/02/2014 21:53:51 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MunSoft deleted successfully

C:\PROGRA~2\WinISO Computing deleted successfully

C:\Users\SXTC\AppData\Roaming\QuickScan deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\SXTC\AppData\Roaming\Mozilla\Firefox\Profiles\4wussu2q.default

---- Lines delta removed from prefs.js ----

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.aflt", "orgnl");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.id", "6645ba4b00000000000000241dc1af2b");

user_pref("extensions.delta.instlDay", "15950");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.vrsn", "1.8.24.6");

user_pref("extensions.delta.vrsnTs", "1.8.24.618:53:52");

user_pref("extensions.delta.vrsni", "1.8.24.6");

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "6645ba4b00000000000000241dc1af2b");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15950");

user_pref("extensions.delta.vrsn", "1.8.24.6");

user_pref("extensions.delta.vrsni", "1.8.24.6");

user_pref("extensions.delta.vrsnTs", "1.8.24.618:53:52");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "orgnl");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta_i.babTrack", ""affID=121115&tsp=4993" srcExt=def");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.srcExt", "");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- Lines mindspark removed from prefs.js ----

user_pref("extensions.toolbar.mindspark._39Members_.homepage", "http://home.tb.ask.com/index.jhtml?ptb=EA60CB86-4CA6-4A7B-82D2-DB83E154EF33&n=77fd51ac

user_pref("extensions.toolbar.mindspark._39Members_.initialized", true);

user_pref("extensions.toolbar.mindspark._39Members_.installation.contextKey", "");

user_pref("extensions.toolbar.mindspark._39Members_.installation.installDate", "2013090220");

user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerId", "^UX^xdm170^YYA^be");

user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerSubId", "KI_MAPS_FIG_BEL_11");

user_pref("extensions.toolbar.mindspark._39Members_.installation.success", true);

user_pref("extensions.toolbar.mindspark._39Members_.installation.toolbarId", "EA60CB86-4CA6-4A7B-82D2-DB83E154EF33");

user_pref("extensions.toolbar.mindspark._39Members_.lastActivePing", "1378145542097");

user_pref("extensions.toolbar.mindspark._39Members_.options.defaultSearch", false);

user_pref("extensions.toolbar.mindspark._39Members_.options.homePageEnabled", false);

user_pref("extensions.toolbar.mindspark._39Members_.options.keywordEnabled", false);

user_pref("extensions.toolbar.mindspark._39Members_.options.tabEnabled", false);

user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com");

---- FireFox user.js and prefs.js backups ----

user_20141002_2204_.backup

prefs_20141002_2204_.backup

==== Deleting Files \ Folders ======================

C:\found.000 deleted

C:\ProgramData\Package Cache deleted

C:\Users\SXTC\AppData\LocalLow\Delta deleted

C:\Users\SXTC\AppData\Roaming\Mozilla\Firefox\Profiles\4wussu2q.default\Invalidprefs.js deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\SXTC\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2014-02-05 22:45:24 55C7EB9671FB0B8C984B3420E40C1F14 3120 ----a-w- C:\Windows\SysWOW64\ALLFSAF13a.ocx

2014-02-03 17:51:08 27F1BE4A53441C9F1F48B9ADC145B0A5 189248 ----a-w- C:\Windows\SysWOW64\PnkBstrB.exe

2014-02-03 17:51:05 3A2BDD76E7D2A5F40A7174793D1BA794 75136 ----a-w- C:\Windows\SysWOW64\PnkBstrA.exe

2014-02-03 17:51:04 3A5B5A6404BADFB949979DBACD8B1688 3123272 ----a-w- C:\Windows\SysWOW64\pbsvc.exe

2014-01-31 21:07:44 1F4736D684D47644BA5D1F9023612603 71704 ----a-w- C:\Windows\SysWOW64\atimpc32.dll

2014-01-31 21:07:44 1F4736D684D47644BA5D1F9023612603 71704 ----a-w- C:\Windows\SysWOW64\amdpcom32.dll

2014-01-31 21:07:24 5693B872792333907FCA8938F98F3AAB 98496 ----a-w- C:\Windows\SysWOW64\atiu9pag.dll

2014-01-31 21:07:02 FF5C92F39C64C957E466E2183063DF28 10145128 ----a-w- C:\Windows\SysWOW64\atiumdva.dll

2014-01-31 21:06:54 BDE84089801FEBDF93DB890BB3651E8A 6716264 ----a-w- C:\Windows\SysWOW64\atiumdag.dll

2014-01-31 20:43:14 5D0D1E65CE4F078206CF515188D385D2 83456 ----a-w- C:\Windows\SysWOW64\OpenVideo.dll

2014-01-31 20:43:04 FBE67D149DCD388FDAAEAF3E8F9A2AB0 73216 ----a-w- C:\Windows\SysWOW64\OVDecode.dll

2014-01-31 20:40:34 F413FDA8908910A75CB88E55CD5AAD9C 23903232 ----a-w- C:\Windows\SysWOW64\amdocl.dll

2014-01-31 20:38:12 C35D309B969944F0D26F07BBECBFE009 58880 ----a-w- C:\Windows\SysWOW64\OpenCL.dll

2014-01-31 20:27:06 11456063808F7882BB41FD7E66C3A58A 576040 ----a-w- C:\Windows\SysWOW64\atiapfxx.blb

2014-01-31 20:26:28 B7E1DBA8F8D90006F52D385A6A1F9217 52224 ----a-w- C:\Windows\SysWOW64\aticalrt.dll

2014-01-31 20:26:18 5A1241C72944770C99BAF7023AB025A0 49152 ----a-w- C:\Windows\SysWOW64\aticalcl.dll

2014-01-31 20:24:16 105708A90E7FE30BBB0B74AEF55D4B2F 113152 ----a-w- C:\Windows\SysWOW64\mantle32.dll

2014-01-31 20:22:52 A30D4AB01464185E1AB5F7F43359F9CC 14302208 ----a-w- C:\Windows\SysWOW64\aticaldd.dll

2014-01-31 20:10:46 FD44D31DEB28A20C536AE04612A1E305 4286976 ----a-w- C:\Windows\SysWOW64\amdmantle32.dll

2014-01-31 20:03:32 F5614FF3841129D20C6C1253D61E8804 22834688 ----a-w- C:\Windows\SysWOW64\atioglxx.dll

2014-01-31 19:59:02 EBF22EAB53F1D9198429BDB12810BCEF 79360 ----a-w- C:\Windows\SysWOW64\mantleaxl32.dll

2014-01-31 19:47:58 91B1389CC8D1AB1CB0AF6774C57A95E2 35840 ----a-w- C:\Windows\SysWOW64\amdmmcl.dll

2014-01-31 19:32:12 503C40D235069ECB144553013F131F5C 3468336 ----a-w- C:\Windows\SysWOW64\atiumdva.cap

2014-01-31 19:30:02 988C9C533A8C311FCC2705AF6D638A5B 828416 ----a-w- C:\Windows\SysWOW64\atiadlxy.dll

2014-01-31 19:29:40 A2F6DE81923B443D1E98D49A24B383EE 69632 ----a-w- C:\Windows\SysWOW64\atiglpxx.dll

2014-01-31 19:29:14 B94CF5DD34BC35A22E002506DB08D829 133120 ----a-w- C:\Windows\SysWOW64\atigktxx.dll

2014-01-31 14:49:02 EA76FEC539846E337230588A77F6B0D5 38912 ----a-w- C:\Windows\SysWOW64\kdbsdk32.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-01-31 21:07:44 4E862C22733433B07561468E51044982 78432 ----a-w- C:\Windows\Sysnative\atimpc64.dll

2014-01-31 21:07:44 4E862C22733433B07561468E51044982 78432 ----a-w- C:\Windows\Sysnative\amdpcom64.dll

2014-01-31 21:07:28 26EACB1C69B2958DDC3C336B1B2FB317 143304 ----a-w- C:\Windows\Sysnative\atiuxp64.dll

2014-01-31 21:07:26 04473202BA802EE21561582BABE56E72 116024 ----a-w- C:\Windows\Sysnative\atiu9p64.dll

2014-01-31 21:07:22 DA12CA6DC973F53AE2538027429940C4 1328328 ----a-w- C:\Windows\Sysnative\aticfx64.dll

2014-01-31 21:07:14 C8F1655CF6DA170BF43C4031958C0618 10171456 ----a-w- C:\Windows\Sysnative\atidxx64.dll

2014-01-31 21:06:38 A14A7AFA071FB084ADE14D0D35106840 10899624 ----a-w- C:\Windows\Sysnative\atiumd6a.dll

2014-01-31 21:06:34 D258C84C274F7634BD94CEA9F94006AA 7892000 ----a-w- C:\Windows\Sysnative\atiumd64.dll

2014-01-31 20:43:36 5124E168BF27073A0BA1D58DF075CA53 230912 ----a-w- C:\Windows\Sysnative\clinfo.exe

2014-01-31 20:43:20 62C7ED3814C3CEC044814F1E4B09033C 98816 ----a-w- C:\Windows\Sysnative\OpenVideo64.dll

2014-01-31 20:43:08 750F963819E04AEAED29F88D71C402D4 86528 ----a-w- C:\Windows\Sysnative\OVDecode64.dll

2014-01-31 20:42:58 E38F97C85189E3DF09E0C4FE00616258 28424704 ----a-w- C:\Windows\Sysnative\amdocl64.dll

2014-01-31 20:38:16 C7FC5385EC39384935545D07D688CB13 65024 ----a-w- C:\Windows\Sysnative\OpenCL.dll

2014-01-31 20:27:06 11456063808F7882BB41FD7E66C3A58A 576040 ----a-w- C:\Windows\Sysnative\atiapfxx.blb

2014-01-31 20:26:40 A09F6F74E871D8B6BF8DF8E5EF285313 368640 ----a-w- C:\Windows\Sysnative\atiapfxx.exe

2014-01-31 20:26:30 B509F083C4C0BDE31B0D77820E547C1D 62464 ----a-w- C:\Windows\Sysnative\aticalrt64.dll

2014-01-31 20:26:20 0B733FCDFFA4A2CA91DA2AACBFABB9D3 55808 ----a-w- C:\Windows\Sysnative\aticalcl64.dll

2014-01-31 20:26:04 20217EB1FC74AEC83B9AC55B90ACD553 15716352 ----a-w- C:\Windows\Sysnative\aticaldd64.dll

2014-01-31 20:24:36 963FD1DA40D19237EBB9728C5DA6E49A 126464 ----a-w- C:\Windows\Sysnative\mantle64.dll

2014-01-31 20:23:54 FE7DE842208EE55C97203D7461BDE055 5350400 ----a-w- C:\Windows\Sysnative\amdmantle64.dll

2014-01-31 20:22:04 1B30374BA562F1233A1B8F19A4BFFFF9 27152384 ----a-w- C:\Windows\Sysnative\atio6axx.dll

2014-01-31 20:06:22 A809DB74100D8F28062BDC3D39247CFC 442368 ----a-w- C:\Windows\Sysnative\atidemgy.dll

2014-01-31 20:06:12 D123457EDE8FEACC2BCD734EEF29DC76 31232 ----a-w- C:\Windows\Sysnative\atimuixx.dll

2014-01-31 20:06:06 360BA8E58DB77EC9E16502BF96168014 586240 ----a-w- C:\Windows\Sysnative\atieclxx.exe

2014-01-31 20:05:12 09F1332EA1955D4C5CEBFA82499C7361 240128 ----a-w- C:\Windows\Sysnative\atiesrxx.exe

2014-01-31 20:03:34 230F13D93D3783B74C6A940C9C0E79C9 190976 ----a-w- C:\Windows\Sysnative\atitmm64.dll

2014-01-31 19:59:12 A60914482496EF4570E167CBBCC33F1D 81920 ----a-w- C:\Windows\Sysnative\mantleaxl64.dll

2014-01-31 19:48:04 713E4E667C3867AC22A1FAF167C5D22B 44544 ----a-w- C:\Windows\Sysnative\amdmmcl6.dll

2014-01-31 19:43:42 1610FA79F41F87C7B607539A289A1198 3434288 ----a-w- C:\Windows\Sysnative\atiumd6a.cap

2014-01-31 19:37:06 F99EFA3243D73C8A70CA083C5C42657C 806912 ----a-w- C:\Windows\Sysnative\coinst_13.350.dll

2014-01-31 19:30:14 75C8C9B395BE100332C27F1C2D52E059 1148416 ----a-w- C:\Windows\Sysnative\atiadlxx.dll

2014-01-31 19:29:46 1F2F971300CDF27FF75783CBDCAE4D7E 75264 ----a-w- C:\Windows\Sysnative\atig6pxx.dll

2014-01-31 19:29:40 A2F6DE81923B443D1E98D49A24B383EE 69632 ----a-w- C:\Windows\Sysnative\atiglpxx.dll

2014-01-31 19:29:36 4199305D10E2CE8D67B12A10D00BBCB2 146432 ----a-w- C:\Windows\Sysnative\atig6txx.dll

2014-01-31 14:53:46 2354ED75FC3FA25C1D6835328C5F48CC 51200 ----a-w- C:\Windows\Sysnative\kdbsdk64.dll

====== C:\Windows\Sysnative\drivers =====

2014-02-07 21:45:24 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys

2014-01-31 20:57:20 755D08758837EB5E54875C17531D0FEE 13929472 ----a-w- C:\Windows\Sysnative\drivers\atikmdag.sys

2014-01-31 19:28:50 E72EEF6B0FF8872538FF4A37AB112206 636928 ----a-w- C:\Windows\Sysnative\drivers\atikmpag.sys

2014-01-31 19:25:02 12A3797633DCB6FE664370C54B0B12EA 43520 ----a-w- C:\Windows\Sysnative\drivers\ati2erec.dll

2014-01-19 18:29:36 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys

2014-01-19 18:29:36 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

2014-01-19 18:29:36 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

2014-01-19 18:29:36 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys

2014-01-19 18:29:36 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys

2014-01-19 18:29:36 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys

2014-01-19 18:29:36 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-02-09 17:16:29 -------- d-----w- C:\Program Files\trend micro

2014-01-31 17:33:12 -------- d-----w- C:\Program Files\Speccy

2014-01-26 10:04:06 -------- d-----w- C:\Program Files\iTunes

2014-01-26 10:04:06 -------- d-----w- C:\Program Files\iPod

2014-01-26 10:03:20 -------- d-----w- C:\Program Files\Bonjour

======= C:\PROGRA~2 =====

2014-02-04 19:17:00 -------- d-----w- C:\PROGRA~2\AMD AVT

2014-02-01 23:15:15 -------- d-----w- C:\PROGRA~2\Ubisoft

2014-01-26 10:04:06 -------- d-----w- C:\PROGRA~2\iTunes

2014-01-26 10:03:20 -------- d-----w- C:\PROGRA~2\Bonjour

2014-01-14 19:01:48 -------- d--h--w- C:\PROGRA~2\COMMON~1\EAInstaller

2014-01-14 18:30:56 -------- d-----w- C:\PROGRA~2\Origin Games

2014-01-14 18:28:59 -------- d-----w- C:\PROGRA~2\Origin

======= C: =====

====== C:\Users\SXTC\AppData\Roaming ======

2014-02-05 22:47:41 -------- d-----w- C:\Users\SXTC\AppData\Roaming\SketchUp

2014-02-01 23:15:23 -------- d-----w- C:\Users\SXTC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2014-02-01 23:15:23 -------- d-----w- C:\Users\SXTC\AppData\Local\Ubisoft Game Launcher

2014-01-14 19:08:46 -------- d-----w- C:\Users\SXTC\AppData\Local\EA Games

2014-01-14 18:29:51 -------- d-----w- C:\Users\SXTC\AppData\Roaming\Origin

2014-01-14 18:29:49 -------- d-----w- C:\Users\SXTC\AppData\Local\Origin

====== C:\Users\SXTC ======

2014-02-09 17:16:00 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\SXTC\Downloads\RSITx64.exe

2014-02-05 22:43:05 7F965C797E6A1967F426541FBA9BA961 75726696 ----a-w- C:\Users\SXTC\Downloads\SketchUpWEN.exe

2014-02-04 19:17:02 -------- d-----w- C:\ProgramData\ATI

2014-02-04 19:16:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2014-02-04 19:07:28 FFB606AEE808AB8F53FE51302037F0A2 299767515 ----a-w- C:\Users\SXTC\Downloads\amd_catalyst_14.1_betav1.6.exe

2014-02-01 23:14:36 8A2F2DAC1011510688D0AF14CFA63244 64024752 ----a-w- C:\Users\SXTC\Downloads\UplayInstaller.exe

2014-01-31 17:33:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2014-01-31 17:32:50 024542793EF5B061EA2AE16D991D2DD3 4845384 ----a-w- C:\Users\SXTC\Downloads\spsetup125.exe

2014-01-26 10:04:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-01-26 10:04:06 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-01-14 19:01:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space 3

2014-01-14 18:29:02 -------- d-----w- C:\ProgramData\Origin

2014-01-14 18:29:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

2014-01-14 18:29:02 -------- d-----w- C:\ProgramData\Electronic Arts

====== C: exe-files ==

2014-02-09 17:16:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\SXTC.exe

2014-02-09 17:16:00 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\SXTC\Downloads\RSITx64.exe

2014-02-05 22:43:05 7F965C797E6A1967F426541FBA9BA961 75726696 ----a-w- C:\Users\SXTC\Downloads\SketchUpWEN.exe

2014-02-04 19:07:28 FFB606AEE808AB8F53FE51302037F0A2 299767515 ----a-w- C:\Users\SXTC\Downloads\amd_catalyst_14.1_betav1.6.exe

=== C: other files ==

2014-02-07 21:45:24 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\System32\drivers\netio.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-532856226-922665447-3377960694-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VolPanel"="C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe /r"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe"

"SamsungRapidApp"="C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Arc]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Arc"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Perfect World Entertainment\\Arc\\ArcLauncher.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cmaudio8788]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Cmaudio8788"

"hkey"="HKLM"

"command"="C:\\Windows\\syswow64\\RunDll32.exe C:\\Windows\\Syswow64\\cmicnfgp.dll,CMICtrlWnd"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cmaudio8788GX]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Cmaudio8788GX"

"hkey"="HKLM"

"command"="C:\\Windows\\syswow64\\HsMgr.exe Envoke"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cmaudio8788GX64]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Cmaudio8788GX64"

"hkey"="HKLM"

"command"="C:\\Windows\\system\\HsMgr64.exe Envoke"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EADM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EADM"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Origin\\Origin.exe\" -AutoStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\JMB36X IDE Setup]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="JMB36X IDE Setup"

"hkey"="HKLM"

"command"="C:\\Windows\\RaidTool\\xInsIDE.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MSC"

"hkey"="HKLM"

"command"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SPIRunE]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SPIRunE"

"hkey"="HKLM"

"command"="Rundll32 SPIRunE.dll,RunDLLEntry"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify"

"hkey"="HKCU"

"command"="\"C:\\Users\\SXTC\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify Web Helper"

"hkey"="HKCU"

"command"="\"C:\\Users\\SXTC\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Steam"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^SXTC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk]

"path"="C:\\Users\\SXTC\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk"

"backup"="C:\\Windows\\pss\\Samsung Magician.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\PROGRA~2\\Samsung\\SAMSUN~1\\SAMSUN~1.EXE /AUTOHIDE"

"item"="Samsung Magician"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ArcService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Creative ALchemy AL6 Licensing Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Creative Audio Engine Licensing Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Creative Media Toolbox 6 Licensing Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SafeBox]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\SoftwareInformerService" ["C:\Program Files\Software Informer\softinfo.exe"]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\SXTC\AppData\Roaming\Mozilla\Firefox\Profiles\4wussu2q.default

- YouTube High Definition - %ProfilePath%\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi

- Easy Youtube Video Downloader Express - %ProfilePath%\extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\SXTC\AppData\Roaming\Mozilla\Firefox\Profiles\4wussu2q.default

FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash

07FAA8B85F81784DEC315E04E5852F2F - C:\Users\SXTC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Arc deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\SXTC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\SXTC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\SXTC\AppData\Local\Mozilla\Firefox\Profiles\4wussu2q.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=20 folders=20 21727644 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\SXTC\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\SXTC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 10/02/2014 at 23:54:41,32 ======================

Link naar reactie
Delen op andere sites
SXTC Leerling

SXTC

Geplaatst:
  • Auteur
Geplaatst:

Starte net men pc op en al direct 3x opnieuw reboot en weer bleef hij hangen op een zwart scherm... zijn jullie er trouwens iets mee met die log die ik laatst stuurde?

Bitdefender en spybot vinden niets op mijn schijf dus of het een virus is weet ik niet... maar je wil niets uitsluiten.

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Malware mag je nu zo goed als uitsluiten. Doe even het volgende:

Download en installeer Speccy.

Speccy is er ook in Nederlandstalige versie, bij de installatie (of update) kan je de taal wijzigen van Engels naar Nederlands ... als je op het driehoekje klikt, krijg je een uitrolmenu waarin je Nederlands kan selecteren.

Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is.

525a111b37ea3-Speccy.PNG

Start nu het programma en er zal een overzicht gemaakt worden van je hardware.

Als dit gereed is selecteer je bovenaan "Bestand - Publiceer Snapshot" en vervolgens bevestig je die keuze met " Ja ".

In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware.

Meer info over deze procedure lees je HIER.

Link naar reactie
Delen op andere sites
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.