
Slow laptop



My laptop is getting slower and slower. I have already run anti-malwarebytes and it found nothing. Below you can see my RSIT log.

Logfile of random's system information tool 1.09 (written by random/random)

Run by User at 2014-02-02 19:19:05

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 483 GB (82%) free of 590 GB

Total RAM: 8140 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:19:08, on 2/02/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe

C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe

C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

Q:\140066.nld\Office14\WINWORDC.EXE

Q:\140066.nld\Office14\OffSpon.EXE

Q:\140066.nld\Office14\EXCELC.EXE

Q:\140066.nld\Office14\OffSpon.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: vpngui.exe.lnk = ?

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{F79C1463-5778-4FE0-834E-3F155561C450}: NameServer = 81.169.62.171 81.169.62.171

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

O23 - Service: GamesAppService - Unknown owner - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (file missing)

O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14937 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\Windows\system32\Hpservice.exe

atieclxx

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe 21620960

\??\C:\Windows\system32\conhost.exe "2671820701196515627-203194923613745679201604508445-16815963481117342898-92336371

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k WbioSvcGroup

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\IDT\WDM\AESTSr64.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"

"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"

C:\Windows\SysWOW64\ezSharedSvcHost.exe

"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"

"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"

"C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 2744

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession2

"taskhost.exe"

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\alg.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe" /c /a /s UserSession

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files\IDT\WDM\sttray64.exe"

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"

"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"

C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook

"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding

"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

-Minimized

"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Connection Manager</Title><Text>Wi-Fi: Verbonden

Bluetooth®: Aan

LAN: Niet verbonden</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</IconPath><ID>1</ID><Path>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</Path><Parameters>OpenMainWindow</Parameters></Toast></hpNotification>"

C:\Windows\system32\svchost.exe -k SDRSVC

"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical

"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe" "Microsoft Word Starter 2010 9014006604130000" /n "C:\Users\User\Documents\oude pc\Mijn ontvangen bestanden\lala(1).docx"

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe" /start IDLE_APP_EVENT_{90140011-0066-0413-0000-0000000FF1CE}

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-de8737c3-491f-4614-8ae5-8a0b20b20d78 -SystemEventPortName:HostProcess-c4d0cac9-cbda-4735-bb95-3eb5f8a291d5 -IoCancelEventPortName:HostProcess-6ad1bd80-38d9-4e60-8948-ca8d1ccaccec -NonStateChangingEventPortName:HostProcess-1400314b-9694-40ca-ae2c-6da9e2890447 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7efe7620-2193-4473-992a-c9b7e3f95e0e -DeviceGroupId:

C:\Windows\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"taskhost.exe"

C:\Windows\splwow64.exe 12288

"Q:\140066.nld\Office14\WINWORDC.EXE" /n "C:\Users\User\AppData\Local\Temp\Masterproef_Astrid 19_12_feedback.docx"

"Q:\140066.nld\Office14\OffSpon.EXE" -Embedding

"Q:\140066.nld\Office14\EXCELC.EXE" /dde

"Q:\140066.nld\Office14\OffSpon.EXE" -Embedding

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /ArmUpdateExe:"C:\ProgramData\Adobe\ARM\Reader_10.1.4\18101" /MODE:2 /PRODUCT:Reader /VERSION:10 /LANG:NLD

uTorrent.exe /NOINSTALL /BRINGTOFRONT

"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"

"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding

"C:\Program Files (x86)\Steam\Steam.exe"

"C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"

"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=26736.1508fb00.2105860677 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 26736 "\\.\pipe\gecko-crash-server-pipe.26736" plugin

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash27372.5292B990.20800 --host-broker-channel=Flash27372.5292B990.5771 --host-pid=27372 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=25808.0041F298.262846121 --proxy-stub-channel=Flash27372.5292B990.20800 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe154_ Global\UsGthrCtrlFltPipeMssGthrPipe154 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532

"C:\Users\User\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default

prefs.js - "browser.startup.homepage" - "https://www.google.be/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.170 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]

"Description"=This plugin detects and launches Pando Media Booster

"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]

"Description"=WildTangent Games App Presence Detector Plugin

"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.170 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\

websitelogon@truesuite.com

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default\searchplugins\

ask-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]

TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17 1744200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]

Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-02 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-08-10 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-10 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]

TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17 1596232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]

Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-10 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-15 168216]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-15 392472]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-15 416024]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-03-11 1128448]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-01-19 3093624]

"Spotify Web Helper"=C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-12-04 1168896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [2013-12-11 839560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-01-16 421736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2012-03-08 4280184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-12-04 1168896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-08 336384]

"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

""= []

"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-15 94264]

"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-07-27 35768]

"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]

"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-02 52920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=3

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux1"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux2"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"aux3"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"aux4"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"aux5"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-02 19:19:06 ----D---- C:\Program Files\trend micro

2014-02-02 19:19:05 ----D---- C:\rsit

2014-02-02 19:15:21 ----A---- C:\DelFix.txt

2014-02-02 18:27:42 ----D---- C:\ProgramData\TweakBit

2014-02-02 18:25:49 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll

2014-02-02 18:25:49 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll

2014-02-02 18:25:49 ----A---- C:\Windows\system32\XAudio2_7.dll

2014-02-02 18:25:49 ----A---- C:\Windows\system32\XAPOFX1_5.dll

2014-02-02 18:25:48 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll

2014-02-02 18:25:48 ----A---- C:\Windows\system32\xactengine3_7.dll

2014-02-02 18:25:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll

2014-02-02 18:25:47 ----A---- C:\Windows\system32\D3DCompiler_43.dll

2014-02-02 18:25:46 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll

2014-02-02 18:25:46 ----A---- C:\Windows\system32\d3dcsx_43.dll

2014-02-02 18:25:45 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll

2014-02-02 18:25:45 ----A---- C:\Windows\system32\d3dx11_43.dll

2014-02-02 18:25:44 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll

2014-02-02 18:25:44 ----A---- C:\Windows\system32\d3dx10_43.dll

2014-02-02 18:25:43 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll

2014-02-02 18:25:43 ----A---- C:\Windows\system32\D3DX9_43.dll

2014-02-02 18:25:42 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll

2014-02-02 18:25:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll

2014-02-02 18:25:42 ----A---- C:\Windows\system32\XAudio2_6.dll

2014-02-02 18:25:42 ----A---- C:\Windows\system32\XAPOFX1_4.dll

2014-02-02 18:25:40 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll

2014-02-02 18:25:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll

2014-02-02 18:25:40 ----A---- C:\Windows\system32\xactengine3_6.dll

2014-02-02 18:25:40 ----A---- C:\Windows\system32\X3DAudio1_7.dll

2014-02-02 18:25:38 ----A---- C:\Windows\system32\XAudio2_5.dll

2014-02-02 18:25:36 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll

2014-02-02 18:25:36 ----A---- C:\Windows\system32\xactengine3_5.dll

2014-02-02 18:25:35 ----A---- C:\Windows\system32\D3DCompiler_42.dll

2014-02-02 18:25:34 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll

2014-02-02 18:25:34 ----A---- C:\Windows\system32\d3dcsx_42.dll

2014-02-02 18:25:32 ----A---- C:\Windows\system32\d3dx11_42.dll

2014-02-02 18:25:31 ----A---- C:\Windows\system32\D3DX9_42.dll

2014-02-02 18:25:29 ----A---- C:\Windows\system32\d3dx10_41.dll

2014-02-02 18:25:29 ----A---- C:\Windows\system32\D3DCompiler_41.dll

2014-02-02 18:25:27 ----A---- C:\Windows\system32\D3DX9_41.dll

2014-02-02 18:25:26 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll

2014-02-02 18:25:26 ----A---- C:\Windows\system32\XAudio2_4.dll

2014-02-02 18:25:26 ----A---- C:\Windows\system32\XAPOFX1_3.dll

2014-02-02 18:25:25 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll

2014-02-02 18:25:25 ----A---- C:\Windows\system32\xactengine3_4.dll

2014-02-02 18:25:24 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll

2014-02-02 18:25:24 ----A---- C:\Windows\system32\X3DAudio1_6.dll

2014-02-02 18:25:23 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll

2014-02-02 18:25:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll

2014-02-02 18:25:23 ----A---- C:\Windows\system32\d3dx10_40.dll

2014-02-02 18:25:23 ----A---- C:\Windows\system32\D3DCompiler_40.dll

2014-02-02 18:25:22 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll

2014-02-02 18:25:22 ----A---- C:\Windows\system32\D3DX9_40.dll

2014-02-02 18:25:20 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll

2014-02-02 18:25:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll

2014-02-02 18:25:20 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll

2014-02-02 18:25:20 ----A---- C:\Windows\system32\XAudio2_3.dll

2014-02-02 18:25:20 ----A---- C:\Windows\system32\XAPOFX1_2.dll

2014-02-02 18:25:20 ----A---- C:\Windows\system32\xactengine3_3.dll

2014-02-02 18:25:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll

2014-02-02 18:25:19 ----A---- C:\Windows\system32\X3DAudio1_5.dll

2014-02-02 18:25:18 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll

2014-02-02 18:25:18 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll

2014-02-02 18:25:18 ----A---- C:\Windows\system32\XAudio2_2.dll

2014-02-02 18:25:18 ----A---- C:\Windows\system32\XAPOFX1_1.dll

2014-02-02 18:25:16 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll

2014-02-02 18:25:16 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll

2014-02-02 18:25:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll

2014-02-02 18:25:16 ----A---- C:\Windows\system32\xactengine3_2.dll

2014-02-02 18:25:16 ----A---- C:\Windows\system32\d3dx10_39.dll

2014-02-02 18:25:16 ----A---- C:\Windows\system32\D3DCompiler_39.dll

2014-02-02 18:25:14 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll

2014-02-02 18:25:14 ----A---- C:\Windows\system32\D3DX9_39.dll

2014-02-02 18:25:13 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll

2014-02-02 18:25:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll

2014-02-02 18:25:13 ----A---- C:\Windows\system32\XAudio2_1.dll

2014-02-02 18:25:13 ----A---- C:\Windows\system32\XAPOFX1_0.dll

2014-02-02 18:25:12 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll

2014-02-02 18:25:12 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll

2014-02-02 18:25:12 ----A---- C:\Windows\system32\xactengine3_1.dll

2014-02-02 18:25:12 ----A---- C:\Windows\system32\X3DAudio1_4.dll

2014-02-02 18:25:10 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll

2014-02-02 18:25:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll

2014-02-02 18:25:10 ----A---- C:\Windows\system32\d3dx10_38.dll

2014-02-02 18:25:10 ----A---- C:\Windows\system32\D3DCompiler_38.dll

2014-02-02 18:25:09 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll

2014-02-02 18:25:09 ----A---- C:\Windows\system32\D3DX9_38.dll

2014-02-02 18:25:08 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll

2014-02-02 18:25:08 ----A---- C:\Windows\system32\XAudio2_0.dll

2014-02-02 18:25:07 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll

2014-02-02 18:25:07 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll

2014-02-02 18:25:07 ----A---- C:\Windows\system32\xactengine3_0.dll

2014-02-02 18:25:07 ----A---- C:\Windows\system32\X3DAudio1_3.dll

2014-02-02 18:25:06 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll

2014-02-02 18:25:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll

2014-02-02 18:25:06 ----A---- C:\Windows\system32\d3dx10_37.dll

2014-02-02 18:25:06 ----A---- C:\Windows\system32\D3DCompiler_37.dll

2014-02-02 18:25:05 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll

2014-02-02 18:25:05 ----A---- C:\Windows\system32\D3DX9_37.dll

2014-02-02 18:25:04 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll

2014-02-02 18:25:04 ----A---- C:\Windows\system32\xactengine2_10.dll

2014-02-02 18:25:02 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll

2014-02-02 18:25:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll

2014-02-02 18:25:02 ----A---- C:\Windows\system32\d3dx10_36.dll

2014-02-02 18:25:02 ----A---- C:\Windows\system32\D3DCompiler_36.dll

2014-02-02 18:25:01 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll

2014-02-02 18:25:01 ----A---- C:\Windows\system32\d3dx9_36.dll

2014-02-02 18:24:59 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll

2014-02-02 18:24:59 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll

2014-02-02 18:24:59 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll

2014-02-02 18:24:59 ----A---- C:\Windows\system32\xactengine2_9.dll

2014-02-02 18:24:59 ----A---- C:\Windows\system32\d3dx10_35.dll

2014-02-02 18:24:59 ----A---- C:\Windows\system32\D3DCompiler_35.dll

2014-02-02 18:24:57 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll

2014-02-02 18:24:57 ----A---- C:\Windows\system32\d3dx9_35.dll

2014-02-02 18:24:56 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll

2014-02-02 18:24:56 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll

2014-02-02 18:24:56 ----A---- C:\Windows\system32\xactengine2_8.dll

2014-02-02 18:24:56 ----A---- C:\Windows\system32\X3DAudio1_2.dll

2014-02-02 18:24:55 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll

2014-02-02 18:24:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll

2014-02-02 18:24:55 ----A---- C:\Windows\system32\d3dx10_34.dll

2014-02-02 18:24:55 ----A---- C:\Windows\system32\D3DCompiler_34.dll

2014-02-02 18:24:54 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll

2014-02-02 18:24:54 ----A---- C:\Windows\system32\xinput1_3.dll

2014-02-02 18:24:54 ----A---- C:\Windows\system32\d3dx9_34.dll

2014-02-02 18:24:52 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll

2014-02-02 18:24:52 ----A---- C:\Windows\system32\xactengine2_7.dll

2014-02-02 18:24:51 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll

2014-02-02 18:24:51 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll

2014-02-02 18:24:51 ----A---- C:\Windows\system32\d3dx10_33.dll

2014-02-02 18:24:51 ----A---- C:\Windows\system32\D3DCompiler_33.dll

2014-02-02 18:24:49 ----A---- C:\Windows\system32\d3dx9_33.dll

2014-02-02 18:24:48 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll

2014-02-02 18:24:48 ----A---- C:\Windows\system32\xactengine2_6.dll

2014-02-02 18:24:47 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll

2014-02-02 18:24:47 ----A---- C:\Windows\SYSWOW64\d3dx10.dll

2014-02-02 18:24:47 ----A---- C:\Windows\system32\xactengine2_5.dll

2014-02-02 18:24:47 ----A---- C:\Windows\system32\d3dx10.dll

2014-02-02 18:24:39 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll

2014-02-02 18:24:39 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll

2014-02-02 18:24:39 ----A---- C:\Windows\system32\xactengine2_4.dll

2014-02-02 18:24:39 ----A---- C:\Windows\system32\x3daudio1_1.dll

2014-02-02 18:24:38 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll

2014-02-02 18:24:38 ----A---- C:\Windows\system32\d3dx9_31.dll

2014-02-02 18:24:37 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll

2014-02-02 18:24:37 ----A---- C:\Windows\system32\xactengine2_3.dll

2014-02-02 18:24:34 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll

2014-02-02 18:24:34 ----A---- C:\Windows\system32\xinput1_2.dll

2014-02-02 18:24:32 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll

2014-02-02 18:24:32 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll

2014-02-02 18:24:32 ----A---- C:\Windows\system32\xinput1_1.dll

2014-02-02 18:24:32 ----A---- C:\Windows\system32\xactengine2_2.dll

2014-02-02 18:24:30 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll

2014-02-02 18:24:30 ----A---- C:\Windows\system32\xactengine2_1.dll

2014-02-02 18:24:00 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll

2014-02-02 18:24:00 ----A---- C:\Windows\system32\d3dx9_30.dll

2014-02-02 18:23:58 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll

2014-02-02 18:23:58 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll

2014-02-02 18:23:58 ----A---- C:\Windows\system32\xactengine2_0.dll

2014-02-02 18:23:58 ----A---- C:\Windows\system32\x3daudio1_0.dll

2014-02-02 18:23:56 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll

2014-02-02 18:23:56 ----A---- C:\Windows\system32\d3dx9_29.dll

2014-02-02 18:23:55 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll

2014-02-02 18:23:55 ----A---- C:\Windows\system32\d3dx9_28.dll

2014-02-02 18:23:53 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll

2014-02-02 18:23:53 ----A---- C:\Windows\system32\d3dx9_27.dll

2014-02-02 18:23:52 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll

2014-02-02 18:23:52 ----A---- C:\Windows\system32\d3dx9_26.dll

2014-02-02 18:23:50 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll

2014-02-02 18:23:50 ----A---- C:\Windows\system32\d3dx9_25.dll

2014-02-02 18:23:47 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll

2014-02-02 18:23:47 ----A---- C:\Windows\system32\d3dx9_24.dll

2014-02-02 17:46:11 ----D---- C:\Program Files (x86)\Steam

2014-02-02 15:07:11 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll

2014-02-02 15:07:08 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll

2014-02-02 15:06:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll

2014-02-02 15:06:08 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll

2014-02-02 15:06:07 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll

2014-02-02 14:54:22 ----D---- C:\ProgramData\Turbine

2014-02-02 14:53:40 ----D---- C:\ProgramData\HappyCloud

2014-02-02 13:19:39 ----D---- C:\Users\User\AppData\Roaming\Azureus

2014-01-15 09:08:00 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2014-01-15 09:08:00 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-15 09:08:00 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-15 09:08:00 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-15 09:08:00 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-15 09:08:00 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-01-15 09:08:00 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-15 09:07:59 ----A---- C:\Windows\system32\win32k.sys

2014-01-15 09:07:58 ----A---- C:\Windows\system32\drivers\netio.sys

2014-01-15 08:56:39 ----A---- C:\Windows\system32\wmploc.DLL

2014-01-15 08:56:38 ----A---- C:\Windows\SYSWOW64\wmploc.DLL

2014-01-15 08:56:38 ----A---- C:\Windows\SYSWOW64\wmp.dll

2014-01-15 08:56:36 ----A---- C:\Windows\system32\wmp.dll

2014-01-15 08:54:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-01-15 08:54:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-01-15 08:54:30 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-01-15 08:54:30 ----A---- C:\Windows\system32\jsproxy.dll

2014-01-15 08:54:30 ----A---- C:\Windows\system32\ieUnatt.exe

2014-01-15 08:54:30 ----A---- C:\Windows\system32\ieui.dll

2014-01-15 08:54:30 ----A---- C:\Windows\system32\iernonce.dll

2014-01-15 08:54:30 ----A---- C:\Windows\system32\ie4uinit.exe

2014-01-15 08:54:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-01-15 08:54:29 ----A---- C:\Windows\system32\mshtml.dll

2014-01-15 08:54:29 ----A---- C:\Windows\system32\jscript9diag.dll

2014-01-15 08:54:29 ----A---- C:\Windows\system32\iesetup.dll

2014-01-15 08:54:29 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-01-15 08:54:29 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-01-15 08:54:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-01-15 08:54:28 ----A---- C:\Windows\system32\iertutil.dll

2014-01-15 08:54:28 ----A---- C:\Windows\system32\ieapfltr.dll

2014-01-15 08:54:27 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-01-15 08:54:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-01-15 08:54:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-01-15 08:54:27 ----A---- C:\Windows\system32\wininet.dll

2014-01-15 08:54:27 ----A---- C:\Windows\system32\urlmon.dll

2014-01-15 08:54:26 ----A---- C:\Windows\system32\ieframe.dll

2014-01-15 08:54:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-01-15 08:54:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-01-15 08:54:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-01-15 08:54:22 ----A---- C:\Windows\system32\jscript9.dll

2014-01-11 10:23:38 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-01-10 14:54:12 ----A---- C:\Windows\SYSWOW64\msieftp.dll

2014-01-10 14:54:12 ----A---- C:\Windows\system32\msieftp.dll

2014-01-10 14:54:09 ----A---- C:\Windows\SYSWOW64\imagehlp.dll

2014-01-10 14:54:09 ----A---- C:\Windows\system32\imagehlp.dll

2014-01-10 14:54:08 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

2014-01-10 14:54:08 ----A---- C:\Windows\system32\WMPhoto.dll

2014-01-10 14:54:06 ----A---- C:\Windows\SYSWOW64\tzres.dll

2014-01-10 14:54:06 ----A---- C:\Windows\system32\tzres.dll

2014-01-10 14:54:00 ----A---- C:\Windows\SYSWOW64\wscript.exe

2014-01-10 14:54:00 ----A---- C:\Windows\system32\scrrun.dll

2014-01-10 14:54:00 ----A---- C:\Windows\system32\drivers\portcls.sys

2014-01-10 14:54:00 ----A---- C:\Windows\system32\drivers\drmk.sys

2014-01-10 14:54:00 ----A---- C:\Windows\system32\cscript.exe

2014-01-10 14:53:59 ----A---- C:\Windows\SYSWOW64\scrrun.dll

2014-01-10 14:53:59 ----A---- C:\Windows\SYSWOW64\cscript.exe

2014-01-10 14:53:59 ----A---- C:\Windows\system32\wscript.exe

======List of files/folders modified in the last 1 month======

2014-02-02 19:19:06 ----RD---- C:\Program Files

2014-02-02 19:18:31 ----D---- C:\Windows\Temp

2014-02-02 19:18:13 ----D---- C:\Users\User\AppData\Roaming\uTorrent

2014-02-02 19:15:30 ----SHD---- C:\System Volume Information

2014-02-02 19:02:37 ----RD---- C:\Program Files (x86)

2014-02-02 19:02:36 ----D---- C:\Windows\system32\Tasks

2014-02-02 19:00:49 ----D---- C:\Windows\system32\LogFiles

2014-02-02 18:34:24 ----D---- C:\Windows\inf

2014-02-02 18:34:23 ----D---- C:\Windows\Logs

2014-02-02 18:34:23 ----D---- C:\Windows

2014-02-02 18:27:42 ----HD---- C:\ProgramData

2014-02-02 18:25:50 ----D---- C:\Windows\System32

2014-02-02 18:25:49 ----D---- C:\Windows\SysWOW64

2014-02-02 18:24:30 ----RSD---- C:\Windows\assembly

2014-02-02 18:24:06 ----D---- C:\Windows\Microsoft.NET

2014-02-02 17:46:27 ----D---- C:\Windows\Prefetch

2014-02-02 15:14:49 ----D---- C:\Users\User\AppData\Roaming\Opera

2014-02-02 15:11:58 ----D---- C:\Windows\system32\config

2014-02-02 15:08:18 ----SHD---- C:\Windows\Installer

2014-02-02 15:08:17 ----HD---- C:\Config.Msi

2014-02-02 15:01:07 ----D---- C:\Windows\winsxs

2014-01-28 19:53:55 ----D---- C:\Windows\rescache

2014-01-19 19:00:34 ----D---- C:\Windows\system32\catroot2

2014-01-19 17:41:37 ----D---- C:\Windows\Panther

2014-01-19 17:41:37 ----D---- C:\Windows\Minidump

2014-01-19 17:41:37 ----D---- C:\Windows\debug

2014-01-18 13:15:41 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-01-18 13:12:16 ----A---- C:\Windows\SYSWOW64\log.txt

2014-01-17 14:55:23 ----D---- C:\Windows\system32\DriverStore

2014-01-17 14:55:23 ----D---- C:\Windows\system32\drivers

2014-01-17 14:55:05 ----D---- C:\Users\User\AppData\Roaming\SoftGrid Client

2014-01-17 09:51:56 ----D---- C:\Windows\system32\MRT

2014-01-17 09:51:36 ----A---- C:\Windows\system32\MRT.exe

2014-01-16 07:23:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-01-16 07:20:50 ----D---- C:\Program Files\Windows Media Player

2014-01-16 07:20:50 ----D---- C:\Program Files (x86)\Windows Media Player

2014-01-16 07:20:45 ----D---- C:\Program Files (x86)\Internet Explorer

2014-01-16 07:20:44 ----D---- C:\Program Files\Internet Explorer

2014-01-16 07:20:42 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-01-16 07:20:42 ----D---- C:\Windows\system32\nl-NL

2014-01-15 09:07:53 ----D---- C:\Windows\system32\catroot

2014-01-14 11:23:09 ----D---- C:\Windows\system32\NDF

2014-01-10 22:18:47 ----D---- C:\Windows\Tasks

2014-01-10 22:18:47 ----D---- C:\Windows\SYSWOW64\wbem

2014-01-10 22:18:47 ----D---- C:\Windows\system32\wfp

2014-01-10 22:18:47 ----D---- C:\Windows\system32\wbem

2014-01-10 22:18:41 ----D---- C:\Windows\system32\drivers\UMDF

2014-01-10 22:18:41 ----D---- C:\Windows\system32\drivers\etc

2014-01-10 22:18:41 ----D---- C:\Windows\system32\CodeIntegrity

2014-01-10 22:18:40 ----D---- C:\Windows\AppCompat

2014-01-10 22:18:39 ----D---- C:\ProgramData\PMB Files

2014-01-10 22:18:36 ----D---- C:\ProgramData\Norton

2014-01-10 22:18:36 ----D---- C:\ProgramData\Microsoft Help

2014-01-10 22:18:25 ----D---- C:\Windows\registration

2014-01-10 22:17:15 ----RHD---- C:\MSOCache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1404000.028\SYMDS64.SYS [2013-05-20 493656]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]

R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [2013-12-18 1526488]

R1 ccSet_NAV;Norton AntiVirus Settings Manager; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [2013-04-15 169048]

R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [2013-09-27 162392]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]

R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20140131.001\IDSvia64.sys [2014-01-21 521944]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [2012-07-27 224416]

R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NAVx64\1404000.028\SYMNETS.SYS [2013-04-24 433752]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-07 9259520]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-07 301568]

R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-10-18 3065408]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]

R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]

R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-03 137648]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-07-26 33240]

R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-04-18 85504]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140201.002\ENG64.SYS [2014-01-18 126040]

R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20140201.002\EX64.SYS [2014-01-18 2099288]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSP64.SYS [2013-05-15 796760]

R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-03-11 521728]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-11-03 177312]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]

S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]

S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]

S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]

S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]

S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]

S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-04-18 117248]

S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-04-18 13952]

S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2011-04-18 413696]

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-04-18 219008]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-07 203776]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]

R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]

R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]

R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]

R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-28 92216]

R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]

R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-12-22 325656]

R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]

R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [2013-10-06 129424]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-03-11 297984]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]

R3 hpCMSrv;HP Connection Manager 4.0 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]

R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-02-28 799800]

R3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-27 571816]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]

S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe []

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-01-16 934760]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-11 119408]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-10 1255736]

-----------------EOF-----------------


Did you already have the same problem before you downloaded TweakBit?

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com;fs
 C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default\searchplugins\ask-search.xml;f
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 ""=-;r64
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Do a Quick Scan

  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next reply.


I already had the problem before I downloaded TweakBit. The log is below.

Zoek.exe v5.0.0.0 Updated 31-January-2014

Tool run by User on ma 03/02/2014 at 8:52:21,74.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\User\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

3/02/2014 8:53:50 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AVS4YOU deleted successfully

C:\PROGRA~2\Chat Republic Games deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\Program Files\Google deleted successfully

C:\ProgramData\Chat Republic Games deleted successfully

C:\ProgramData\Turbine deleted successfully

C:\Users\User\AppData\Roaming\Nico Mak Computing deleted successfully

C:\Users\User\AppData\Roaming\Opera deleted successfully

C:\Users\User\AppData\Roaming\TP deleted successfully

C:\Users\User\AppData\Local\Chat Republic Games deleted successfully

C:\Users\User\AppData\Local\CrashDumps deleted successfully

C:\Users\User\AppData\Local\Opera deleted successfully

C:\Users\User\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2202616576-1541917244-3164909884-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully

HKEY_USERS\S-1-5-21-2202616576-1541917244-3164909884-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8C230407-C2F1-4E43-A28B-07CDADE0BD16} deleted successfully

HKEY_USERS\S-1-5-21-2202616576-1541917244-3164909884-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default

---- Lines crossrider removed from prefs.js ----

user_pref("extensions.a8ddb3e39a5ea4f439fa8fcfcc9c9be7b6454baf098b349b1999f308955ae836ccom34329.34329.plugins.plugin_1.code", "appAPI._cr_config={appI

user_pref("extensions.a8ddb3e39a5ea4f439fa8fcfcc9c9be7b6454baf098b349b1999f308955ae836ccom34329.34329.plugins.plugin_13.name", "CrossriderAppUtils");

user_pref("extensions.a8ddb3e39a5ea4f439fa8fcfcc9c9be7b6454baf098b349b1999f308955ae836ccom34329.34329.plugins.plugin_14.name", "CrossriderUtils");

user_pref("extensions.a8ddb3e39a5ea4f439fa8fcfcc9c9be7b6454baf098b349b1999f308955ae836ccom34329.34329.plugins.plugin_21.code", "var CrossriderDebugMan

user_pref("extensions.a8ddb3e39a5ea4f439fa8fcfcc9c9be7b6454baf098b349b1999f308955ae836ccom34329.34329.plugins.plugin_22.code", "(function(a){appAPI.qu

user_pref("extensions.a8ddb3e39a5ea4f439fa8fcfcc9c9be7b6454baf098b349b1999f308955ae836ccom34329.34329.plugins.plugin_28.code", "var CrossriderInitiali

user_pref("extensions.a8ddb3e39a5ea4f439fa8fcfcc9c9be7b6454baf098b349b1999f308955ae836ccom34329.34329.plugins.plugin_47.code", "(function(){appAPI.rea

user_pref("extensions.a8ddb3e39a5ea4f439fa8fcfcc9c9be7b6454baf098b349b1999f308955ae836ccom34329.34329.plugins.plugin_78.name", "CrossriderInfo");

user_pref("extensions.crossrider.bic", "13f286645d043decaa5517164480dcc1");

---- FireFox user.js and prefs.js backups ----

user_20140302_0902_.backup

prefs_20140302_0902_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

""=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com deleted

C:\Users\User\AppData\Roaming\Registry Mechanic deleted

C:\ProgramData\APN deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard deleted

C:\Windows\SysNative\roboot64.exe deleted

C:\Windows\Syswow64\sho1B5.tmp deleted

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default\searchplugins\ask-search.xml deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\User\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2014-01-15 08:08:00 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys

2014-01-15 08:08:00 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

2014-01-15 08:08:00 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

2014-01-15 08:08:00 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys

2014-01-15 08:08:00 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys

2014-01-15 08:08:00 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys

2014-01-15 08:08:00 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys

2014-01-15 08:07:58 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys

2014-01-10 13:54:00 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys

2014-01-10 13:54:00 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-02-02 18:19:06 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-02-02 16:46:11 -------- d-----w- C:\PROGRA~2\Steam

======= C: =====

2014-02-02 18:15:21 A965CF1862C7EF032C105B4363990DE0 802 ----a-w- C:\DelFix.txt

====== C:\Users\User\AppData\Roaming ======

2014-02-02 16:51:14 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-02-02 14:37:53 -------- d-----w- C:\Users\User\AppData\Local\Chromium

2014-02-02 14:34:44 -------- d-----w- C:\Users\User\AppData\Local\The Lord of the Rings Online

2014-02-02 14:07:21 -------- d-----w- C:\Users\User\AppData\Local\Turbine

2014-02-02 13:53:49 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud

2014-02-02 12:19:39 -------- d-----w- C:\Users\User\AppData\Roaming\Azureus

====== C:\Users\User ======

2014-02-02 18:18:21 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\User\Downloads\RSITx64.exe

2014-02-02 17:27:42 -------- d-----w- C:\ProgramData\TweakBit

2014-02-02 17:25:29 BF83D7FD9CE346EA7CBE722B3CB0B100 14838128 ----a-w- C:\Users\User\Downloads\pc-speed-up-setup.exe

2014-02-02 16:46:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2014-02-02 16:45:20 2490602E7489690853CD62DED939366B 1133552 ----a-w- C:\Users\User\Downloads\SteamSetup.exe

2014-02-02 13:53:40 -------- d-----w- C:\ProgramData\HappyCloud

2014-02-02 13:53:15 DB8F715B60AAA2FC5EFFE2E5B284C578 8711768 ----a-w- C:\Users\User\Downloads\LOTROProgressive_4.28.exe

2014-02-02 12:20:03 7BCC6D6A58C120E6CDCB4FB654A9EA1B 1307736 ----a-w- C:\Users\User\Downloads\utorrent.exe

====== C: exe-files ==

2014-02-02 18:19:06 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\User.exe

2014-02-02 18:18:21 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\User\Downloads\RSITx64.exe

2014-02-02 17:36:55 5FFDA96330357A914A69D79BE1988A38 571816 ----a-w- C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe

2014-02-02 17:25:29 BF83D7FD9CE346EA7CBE722B3CB0B100 14838128 ----a-w- C:\Users\User\Downloads\pc-speed-up-setup.exe

2014-02-02 17:17:13 DF0C961D3C540B26A7F4352B099871C2 188928 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vtex.exe

2014-02-02 16:51:14 D52BA5A81C7DBC32E91B4D8121B63710 288680 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe

2014-02-02 16:51:14 CA2A41B08070A69837034F5D1DB602AD 799744 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\dmxconvert.exe

2014-02-02 16:51:14 763D79A1C722D972DB45D6985B544C98 2745856 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\hlmv.exe

2014-02-02 16:51:14 31376922C1C37AAE4AD1914480D35FB2 3209216 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\studiomdl.exe

2014-02-02 16:51:13 BF3F290275C21BDD3951955C9C3CF32C 517976 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\_CommonRedist\DirectX\Jun2010\DXSETUP.exe

2014-02-02 16:47:34 E52C1B99FB8622F6F79144F84EA1382D 193784 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_10560.exe

2014-02-02 16:47:34 C34F746ACB2A8C69817AE58AA1DF5D30 238840 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_17300.exe

2014-02-02 16:47:34 B6AE77037F06336CF5046603E715D39F 226552 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_17340.exe

2014-02-02 16:47:34 A23357A49B79CBF46E15F367FBC2028E 500984 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_17330.exe

2014-02-02 16:47:34 9F54C8A9C92C42165575C1428862AF2B 2364920 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_6520.exe

2014-02-02 16:47:34 9F54C8A9C92C42165575C1428862AF2B 2364920 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_6510.exe

2014-02-02 16:47:34 9F0ACFF4C39190F3F84CF87FE4C34085 193784 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_10540.exe

2014-02-02 16:47:32 BB4DBF1A4969C32FDB96D25475F1E429 207784 ----a-w- C:\Program Files (x86)\Steam\steamerrorreporter.exe

2014-02-02 16:47:32 168CF1DBA0B4D9208B870BD0AFCF95FB 250280 ----a-w- C:\Program Files (x86)\Steam\steamerrorreporter64.exe

2014-02-02 16:47:31 EE57DFA8CDE83118E8745BE09D5E8259 284456 ----a-w- C:\Program Files (x86)\Steam\WriteMiniDump.exe

2014-02-02 16:47:30 DEA03B61AB454CE22B556A7DDAE4B970 76712 ----a-w- C:\Program Files (x86)\Steam\bin\x64launcher.exe

2014-02-02 16:47:30 B8332EA22D380CB8EE349320B36BA155 1811880 ----a-w- C:\Program Files (x86)\Steam\streaming_client.exe

2014-02-02 16:47:30 A54A7BA45D4CACFD0DEB34CBD42B7EFD 60840 ----a-w- C:\Program Files (x86)\Steam\GameOverlayUI.exe

2014-02-02 16:45:20 2490602E7489690853CD62DED939366B 1133552 ----a-w- C:\Users\User\Downloads\SteamSetup.exe

2014-02-02 15:26:00 C2DE31A65FC8AEC53855CF0AD184DA6C 740936 ----a-w- C:\Users\User\AppData\LocalLow\Unity\WebPlayer\UnityBugReporter.exe

2014-02-02 15:26:00 9B773554EE425A965C7F22D63B1C98A9 581192 ----a-w- C:\Users\User\AppData\LocalLow\Unity\WebPlayer\UnityWebPlayerUpdate.exe

2014-02-02 13:53:48 E833219B1EF0EA2F6E2C18D0D31EEB62 397520 ----a-w- C:\ProgramData\HappyCloud\Application\uninstaller.exe

2014-02-02 13:53:48 B3054118D70639FAEF382E924FE032C5 4586848 ----a-w- C:\ProgramData\HappyCloud\Application\HappyCloudService.exe

2014-02-02 13:53:48 637AB561401A53662FCC6C3962184D44 705376 ----a-w- C:\ProgramData\HappyCloud\Application\hcwebwindow.exe

2014-02-02 13:53:48 3E53E49E6D74E5C06F65FF84801E0B0B 692632 ----a-w- C:\ProgramData\HappyCloud\Application\hcuninstaller.exe

2014-02-02 13:53:48 103E44ED5E1AE37CD97193F09D2AD24D 755104 ----a-w- C:\ProgramData\HappyCloud\Application\hcfwexcp.exe

2014-02-02 13:53:15 DB8F715B60AAA2FC5EFFE2E5B284C578 8711768 ----a-w- C:\Users\User\Downloads\LOTROProgressive_4.28.exe

2014-02-02 12:21:04 7BCC6D6A58C120E6CDCB4FB654A9EA1B 1307736 ----a-w- C:\Users\User\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe

2014-02-02 12:20:03 7BCC6D6A58C120E6CDCB4FB654A9EA1B 1307736 ----a-w- C:\Users\User\Downloads\utorrent.exe

2014-02-02 12:19:53 6DE6928A085106176D9346C0E18695F2 21971720 ----a-w- C:\Users\User\.frostwire5\updates\frostwire-5.7.0.windows.coc.premium.exe

2014-02-02 10:31:34 ADD384698C7CBF8198EE8A9778502B77 384000 ----a-w- C:\Users\User\Desktop\ps1\ePSXe.exe

=== C: other files ==

2014-02-02 10:31:55 B74F6C24DB8AC65087B52F282CA01913 241675 ----a-w- C:\Users\User\Downloads\SCPH7003.zip

2014-02-02 10:30:52 895FF71A77FAFAD221594A28A66C7770 638836 ----a-w- C:\Users\User\Downloads\ePSXe190.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2202616576-1541917244-3164909884-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"

"Spotify Web Helper"="C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-2202616576-1541917244-3164909884-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"

"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"

"Spotify Web Helper"="C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msnmsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify Web Helper"

"hkey"="HKCU"

"command"="\"C:\\Users\\User\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

==== Startup Folders ======================

2011-10-18 07:13:05 836 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

2013-12-04 08:43:49 2653 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/12/2013 08:36]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe"]

"C:\Windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F6D1DDD0-66F9-45FC-96C0-63ECB478E936}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFF" [03/11/2013 21:20]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{cd288a68-7b21-4f14-b789-82cc44992259}"="C:\Program Files (x86)\LyricsContainer\133.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default

- Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFF

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default

E38F27A1D577015B52EB9C6E7F793684 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

4C07B5286D129DFD25C24B4A31B9B888 - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll - Happy Cloud Plugin

8FE7BA502945BE735D09D5703BD76FDA - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll - Shockwave for Director / Shockwave for Director

855B79451ECF62602F20EB4D5C71F99B - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

abfmigjiaapipflmopkaaooigcjjdojh - C:\Program Files (x86)\LyricsContainer\133.crx[]

aepeildmfnnehghlknddebgjghlompfe - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[11/02/2011 02:37]

nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx[06/10/2013 04:26]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2202616576-1541917244-3164909884-1000\Software\Mozilla\Firefox\Extensions\{cd288a68-7b21-4f14-b789-82cc44992259} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\tcia5tx8.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=17 folders=10 16655517 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\User\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 03/02/2014 at 9:12:16,50 ======================


This has already removed quite a bit of junk from the PC. Now please do the following:

Download AdwCleaner by Xplode to the desktop.

Running AdwCleaner

  • Close all open windows.
  • Double-click AdwCleaner.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Then click the Scan button.
  • When the scan is finished, click the Clean button.
  • When this is done you will be asked to restart the computer; click OK.
  • After the computer has restarted, the log file opens automatically.
  • Post this log file in your next message.


# AdwCleaner v3.018 - Report created 03/02/2014 at 09:45:44

# Updated 28/01/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : User - USER-HP

# Running from : C:\Users\User\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_age-of-empires-ii_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_age-of-empires-ii_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\AppDataLow\Software\LyricsContainer

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (nl)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tcia5tx8.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [2142 octets] - [03/02/2014 09:42:57]

AdwCleaner[s0].txt - [1932 octets] - [03/02/2014 09:45:44]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1992 octets] ##########
