
pirrit suggestor



Hello everyone,

I ended up on this website because I was trying to find out on Google how to remove pirrit suggestor.

In a previous topic I already watched an instruction video and followed those steps. (see topic www.pc-helpforum.be/f201/last-van-pirritsuggestor-70589/)

So I have a log from that as well. (Hallelujah that there was a video online, I'm a real noob haha)

Is there anyone here who can help me? :adore:

Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)

Run by thomas at 2014-07-25 08:57:16

Microsoft Windows 8.1

System drive C: has 1437 GB (76%) free of 1898 GB

Total RAM: 8107 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 08:57:17, on 25-7-2014

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.9600.17126)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe

C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Alienware\Command Center\AlienFusionController.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\AlienRespawn\COMPONENTS\DBRUPDATE\DBRUPD.EXE

C:\Program Files (x86)\AlienRespawn\TOASTER.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\thomas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:21726

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (file missing)

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (file missing)

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (file missing)

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (file missing)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (file missing)

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe

O23 - Service: AlienFXWindowsService - Alienware - C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: FileMinimalSprite - Unknown owner - C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

O23 - Service: ioloEnergyBooster - iolo technologies, LLC - C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: MSI_ODD_Service - Micro-Star Int'l Co., Ltd. - c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\sftservice.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

--

End of file - 9933 bytes

======Listing Processes======

wininit.exe

C:\WINDOWS\system32\lsass.exe

winlogon.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

"dwm.exe"

"C:\Windows\system32\nvvsvc.exe"

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\WINDOWS\system32\nvvsvc.exe -session -first

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"

"C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe"

dashost.exe {2ea3ce14-eb42-4fa4-b34f0b600d7d3b46}

"c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe"

"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"

C:\WINDOWS\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe"

C:\WINDOWS\system32\wbem\wmiprvse.exe

taskhostex.exe

C:\WINDOWS\Explorer.EXE

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel

"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss fcfb854d-732d-4afe-ad3b-8ec79ca8ec00 1

C:\WINDOWS\system32\SearchIndexer.exe /Embedding

\??\C:\WINDOWS\system32\conhost.exe 0x4

C:\Windows\System32\skydrive.exe -Embedding

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d7b7aa3d-3e0f-462d-a74d-14940f3d720b -SystemEventPortName:HostProcess-3e3186a5-127a-4ff8-9917-91483c04cad3 -IoCancelEventPortName:HostProcess-575d5ee3-b3ce-490b-bd47-8b5b5673726b -NonStateChangingEventPortName:HostProcess-8c4a21f5-e013-43d2-ac50-dfac37bdc9bc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7bd89406-89fe-4341-bc75-51579da34bef -DeviceGroupId:WpdFsGroup

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp

\??\C:\WINDOWS\system32\conhost.exe 0x4

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC

"C:\Windows\system32\igfxsrvc.exe" -Embedding

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files\Alienware\Command Center\AWCCServiceController.exe"

"C:\Windows\System32\SettingSyncHost.exe" -Embedding

"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"

"C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe"

"C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe" 199436

"C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe" 199436

\??\C:\WINDOWS\system32\conhost.exe 0x4

\??\C:\WINDOWS\system32\conhost.exe 0x4

"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

C:\WINDOWS\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}

"C:\Program Files\Alienware\Command Center\AlienFusionService.exe"

C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe

"C:\Program Files\Alienware\Command Center\AlienFusionController.exe"

"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"

"C:\Program Files (x86)\AlienRespawn\sftservice.exe"

"C:\Program Files\Windows Defender\MSASCui.exe" /CleanSystem

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5664.0.922703095\226118530" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x1382 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.4.1274183476\1963960512" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5664.6.1833652990\521735799" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.9.1535922734\1058139595" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.10.1324278776\1031424543" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.15.252275890\659229581" /prefetch:673131151

"C:\Program Files (x86)\AlienRespawn\COMPONENTS\DBRUPDATE\DBRUPD.EXE"

"C:\Program Files (x86)\AlienRespawn\TOASTER.EXE" C:\Users\thomas

C:\WINDOWS\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe"

\??\C:\WINDOWS\system32\conhost.exe 0x4

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.17.330852199\1116091524" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.22.230658533\1928649588" /prefetch:673131151

"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.41.360432757\1747828979" /prefetch:673131151

"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="5664.44.1922267762\114884225" /prefetch:673131151

C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

"C:\Users\thomas\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-09-06 7199448]

"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-31 1321688]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-30 391152]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-30 771568]

"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-30 770544]

"IAStorIcon"=C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-30 36352]

""= []

"Command Center Controllers"=C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [2013-12-06 13840]

"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]

"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-05-30 1279480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2014-01-23 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.yuy2"=msyuv.dll

"vidc.i420"=iyuv_32.dll

"msacm.msgsm610"=msgsm32.acm

"msacm.msg711"=msg711.acm

"vidc.yvyu"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"wavemapper"=msacm32.drv

"midimapper"=midimap.dll

"vidc.uyvy"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"vidc.msvc"=msvidc32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-25 08:52:01 ----D---- C:\rsit

2014-07-25 08:52:01 ----D---- C:\Program Files\trend micro

2014-07-25 08:18:03 ----D---- C:\ProgramData\374311380

2014-07-25 08:13:58 ----D---- C:\ProgramData\Systweak

2014-07-25 08:13:38 ----D---- C:\Users\thomas\AppData\Roaming\Systweak

2014-07-25 08:13:34 ----A---- C:\WINDOWS\system32\roboot64.exe

2014-07-25 08:13:25 ----D---- C:\WINDOWS\SYSWOW64\FileMinimalSprite

2014-07-21 21:06:36 ----D---- C:\Users\thomas\AppData\Roaming\TS3Client

2014-07-21 21:05:47 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client

2014-07-16 16:10:30 ----D---- C:\ProgramData\Electronic Arts

2014-07-16 16:10:28 ----D---- C:\ProgramData\Origin

2014-07-12 14:16:03 ----D---- C:\Users\thomas\AppData\Roaming\DCC

2014-07-11 09:42:09 ----D---- C:\ProgramData\HP

2014-07-09 18:29:52 ----A---- C:\WINDOWS\system32\termsrv.dll

2014-07-09 14:56:45 ----A---- C:\WINDOWS\system32\drivers\afd.sys

2014-07-09 14:56:44 ----A---- C:\WINDOWS\system32\win32k.sys

2014-07-09 14:56:43 ----A---- C:\WINDOWS\SYSWOW64\osk.exe

2014-07-09 14:56:43 ----A---- C:\WINDOWS\system32\osk.exe

2014-07-09 14:56:41 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll

2014-07-09 14:56:41 ----A---- C:\WINDOWS\system32\mshtml.dll

2014-07-09 14:56:41 ----A---- C:\WINDOWS\system32\iedkcs32.dll

2014-07-09 14:56:40 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll

2014-07-09 14:56:36 ----A---- C:\WINDOWS\system32\jscript9.dll

2014-07-09 14:56:36 ----A---- C:\WINDOWS\system32\ieframe.dll

2014-07-09 14:56:35 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll

2014-07-09 14:56:34 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll

2014-07-09 14:56:33 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll

2014-07-09 14:56:33 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll

2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\wininet.dll

2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\urlmon.dll

2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\iertutil.dll

2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\dxtrans.dll

2014-07-09 14:56:33 ----A---- C:\WINDOWS\system32\dxtmsft.dll

2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll

2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll

2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll

2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll

2014-07-09 14:56:32 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll

2014-07-09 14:56:32 ----A---- C:\WINDOWS\system32\mshtmled.dll

2014-07-09 14:56:32 ----A---- C:\WINDOWS\system32\msfeeds.dll

2014-07-09 14:56:31 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll

2014-07-09 14:56:31 ----A---- C:\WINDOWS\system32\ieapfltr.dll

2014-07-09 14:56:31 ----A---- C:\WINDOWS\system32\ie4uinit.exe

2014-07-09 14:56:27 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll

2014-07-09 14:56:27 ----A---- C:\WINDOWS\system32\qedit.dll

2014-07-09 14:56:26 ----A---- C:\WINDOWS\system32\lsasrv.dll

2014-07-09 14:56:26 ----A---- C:\WINDOWS\system32\drivers\cng.sys

2014-07-09 14:56:26 ----A---- C:\WINDOWS\system32\certcli.dll

2014-07-09 14:56:25 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll

2014-07-09 14:56:25 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll

2014-07-09 14:56:25 ----A---- C:\WINDOWS\system32\adtschema.dll

2014-07-09 14:55:38 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll

2014-07-09 14:55:38 ----A---- C:\WINDOWS\system32\WSShared.dll

2014-07-09 14:55:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-09 14:55:37 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll

2014-07-09 14:55:37 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll

2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\wuaueng.dll

2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\wuauclt.exe

2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\twinui.dll

2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\twinui.appcore.dll

2014-07-09 14:55:37 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll

2014-07-09 14:55:36 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll

2014-07-09 14:55:36 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll

2014-07-09 14:55:36 ----A---- C:\WINDOWS\system32\wudriver.dll

2014-07-09 14:55:36 ----A---- C:\WINDOWS\system32\wuapi.dll

2014-07-09 14:54:23 ----A---- C:\WINDOWS\system32\WSReset.exe

2014-07-08 09:28:23 ----D---- C:\Users\thomas\AppData\Roaming\ERS Game Studios

2014-07-08 09:25:50 ----D---- C:\Users\thomas\AppData\Roaming\DarkParablesBriarRose_BFG

2014-07-08 09:11:58 ----D---- C:\Users\thomas\AppData\Roaming\Blue Tea Games

2014-07-08 09:06:21 ----D---- C:\Users\thomas\AppData\Roaming\Ph03nixNewMedia

2014-07-08 09:05:01 ----D---- C:\Users\thomas\AppData\Roaming\Vogat Interactive

2014-07-05 12:53:12 ----D---- C:\Program Files\Microsoft Silverlight

2014-07-05 12:53:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2014-07-01 18:17:50 ----D---- C:\Users\thomas\AppData\Roaming\Casual Arts

2014-07-01 18:17:50 ----D---- C:\ProgramData\Casual Arts

2014-07-01 18:15:54 ----D---- C:\ProgramData\Becky Brogan

2014-07-01 18:14:07 ----D---- C:\Users\thomas\AppData\Roaming\BloodTies

2014-07-01 16:39:39 ----D---- C:\Users\thomas\AppData\Roaming\HitPoint Studios

2014-07-01 16:33:29 ----D---- C:\Users\thomas\AppData\Roaming\BigFishv1002

2014-07-01 13:29:59 ----D---- C:\Users\thomas\AppData\Roaming\Alawar

2014-07-01 13:27:23 ----D---- C:\Users\thomas\AppData\Roaming\RobinsonCrusoe

2014-07-01 12:07:44 ----D---- C:\Users\thomas\AppData\Roaming\Az-Art

2014-06-29 11:32:22 ----D---- C:\Users\thomas\AppData\Roaming\Boomzap

2014-06-29 11:29:03 ----D---- C:\Users\thomas\AppData\Roaming\PoBros

2014-06-29 11:29:03 ----D---- C:\ProgramData\PoBros

2014-06-29 10:06:45 ----D---- C:\Program Files\WinRAR

2014-06-28 00:45:49 ----D---- C:\Users\thomas\AppData\Roaming\dvdcss

2014-06-27 17:05:05 ----D---- C:\Users\thomas\AppData\Roaming\NVIDIA

2014-06-27 17:05:03 ----D---- C:\Users\thomas\AppData\Roaming\Mad Head Games

2014-06-27 16:55:07 ----D---- C:\Users\thomas\AppData\Roaming\Vast Studios

2014-06-27 16:49:54 ----D---- C:\Users\thomas\AppData\Roaming\casualArts

2014-06-27 16:49:54 ----D---- C:\ProgramData\casualArts

2014-06-26 10:15:10 ----D---- C:\Users\thomas\AppData\Roaming\Elephant Games

2014-06-26 10:15:10 ----D---- C:\ProgramData\Elephant Games

2014-06-26 10:12:03 ----D---- C:\Users\thomas\AppData\Roaming\DailyMagic

2014-06-26 10:12:03 ----D---- C:\ProgramData\DailyMagic

2014-06-26 09:48:46 ----D---- C:\ProgramData\JollyBear

2014-06-26 09:36:10 ----D---- C:\Users\thomas\AppData\Roaming\AlawarEntertainment

2014-06-26 09:27:01 ----D---- C:\Users\thomas\AppData\Roaming\SMIGames

======List of files/folders modified in the last 1 month======

2014-07-25 08:57:04 ----D---- C:\WINDOWS\Temp

2014-07-25 08:52:11 ----D---- C:\WINDOWS\Prefetch

2014-07-25 08:52:01 ----RD---- C:\Program Files

2014-07-25 08:32:07 ----D---- C:\Program Files (x86)\AlienRespawn

2014-07-25 08:26:29 ----RD---- C:\Program Files (x86)

2014-07-25 08:23:40 ----D---- C:\ProgramData\NVIDIA

2014-07-25 08:18:56 ----D---- C:\WINDOWS\system32\Tasks

2014-07-25 08:18:55 ----D---- C:\WINDOWS\System32

2014-07-25 08:18:03 ----HD---- C:\ProgramData

2014-07-25 08:17:49 ----D---- C:\WINDOWS\Tasks

2014-07-25 08:13:25 ----D---- C:\WINDOWS\SysWOW64

2014-07-25 08:00:00 ----D---- C:\WINDOWS\system32\sru

2014-07-25 04:53:50 ----SHD---- C:\System Volume Information

2014-07-25 04:49:49 ----D---- C:\WINDOWS\Microsoft.NET

2014-07-24 15:28:12 ----D---- C:\WINDOWS\system32\drivers

2014-07-24 10:58:49 ----SHD---- C:\WINDOWS\Installer

2014-07-24 10:57:48 ----D---- C:\WINDOWS\system32\catroot2

2014-07-23 16:42:47 ----D---- C:\Users\thomas\AppData\Roaming\vlc

2014-07-23 10:03:39 ----HD---- C:\Program Files\WindowsApps

2014-07-23 10:03:39 ----D---- C:\WINDOWS\AppReadiness

2014-07-22 10:51:16 ----D---- C:\WINDOWS\Inf

2014-07-16 16:10:03 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2014-07-16 16:09:19 ----D---- C:\Program Files (x86)\Electronic Arts

2014-07-15 03:20:11 ----D---- C:\WINDOWS\system32\config

2014-07-12 14:14:46 ----AD---- C:\ProgramData\Temp

2014-07-12 10:13:38 ----D---- C:\WINDOWS\rescache

2014-07-12 10:06:43 ----RSD---- C:\WINDOWS\assembly

2014-07-11 14:23:02 ----D---- C:\WINDOWS\WinSxS

2014-07-11 14:21:21 ----RD---- C:\WINDOWS\ToastData

2014-07-11 14:21:21 ----D---- C:\WINDOWS\WinStore

2014-07-11 14:21:21 ----D---- C:\WINDOWS\SYSWOW64\nl-NL

2014-07-11 14:21:21 ----D---- C:\WINDOWS\system32\nl-NL

2014-07-11 14:21:21 ----D---- C:\Program Files\Internet Explorer

2014-07-11 14:21:21 ----D---- C:\Program Files (x86)\Internet Explorer

2014-07-11 05:46:43 ----D---- C:\ProgramData\regid.1991-06.com.microsoft

2014-07-09 18:30:56 ----D---- C:\WINDOWS\CbsTemp

2014-07-09 18:30:48 ----D---- C:\WINDOWS\system32\MRT

2014-07-09 18:30:13 ----A---- C:\WINDOWS\system32\MRT.exe

2014-07-09 18:29:41 ----D---- C:\Program Files\Windows Journal

2014-07-05 13:57:45 ----D---- C:\Program Files\Common Files\microsoft shared

2014-07-05 12:53:16 ----D---- C:\ProgramData\Microsoft

2014-07-04 05:58:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2014-06-29 10:06:56 ----D---- C:\Users\thomas\AppData\Roaming\WinRAR

2014-06-27 18:20:22 ----SD---- C:\Users\thomas\AppData\Roaming\Microsoft

2014-06-26 22:55:30 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

2014-06-26 16:57:51 ----D---- C:\WINDOWS\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-29 644968]

R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]

R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]

R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]

R3 athr;@oem11.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-07-15 3837440]

R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-23 4221440]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-09-11 3640024]

R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-01-23 450520]

R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]

R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-02-19 116736]

R3 NTIOLib_X64;NTIOLib_X64; \??\C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [2012-11-20 14136]

R3 NVHDA;@oem13.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2013-11-28 197408]

R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]

R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]

R3 nvvad_WaveExtensible;@oem18.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-03-31 40392]

R3 RTL8168;@oem1.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-22 816344]

R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]

S3 dg_ssudbus;@oem19.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]

S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]

S3 ssudmdm;@oem20.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]

S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

R2 AlienFusionService;Alienware Fusion Service; C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2013-12-06 15888]

R2 AlienFXWindowsService;AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [2013-12-06 14352]

R2 FileMinimalSprite;FileMinimalSprite; C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe [2014-07-25 60965]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2014-02-19 154584]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2014-02-19 398296]

R2 MSI_ODD_Service;MSI_ODD_Service; c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [2012-11-20 83512]

R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]

R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2013-07-30 253776]

R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-08-23 289496]

R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\AlienRespawn\sftservice.exe [2014-04-05 1915920]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-17 116648]

S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279024]

S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-23 43696]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-17 116648]

S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]

S3 ioloEnergyBooster;ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [2012-11-01 6145872]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]

S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

torpigcheck;
emptyfolderscheck;delete
standardsearch;
resetIEproxy;
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
""=-;r
startupall;
filesrcm;

  • Click the "More options" button and tick the options below.
  • Do a Quick Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next post.


First of all, thanks for the quick reply and the clear explanation :D

Here is the log:

Zoek.exe v5.0.0.0 Updated 24-07-2014

Tool run by thomas on vr 25-07-2014 at 11:54:03,78.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\thomas\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 11:55:16,07 =====

--- Create Environment Variables 11:55:16,66

--- Create System Restore Point 11:55:19,73

--- Checking Input 11:55:35,34

--- Torpig Check 11:55:37,12

--- AU AppData Check 11:55:38,08

--- Remove From Windows Installer 11:55:40,02

--- Empty Folders Check 11:55:53,31

--- IE Startpage Check 11:55:56,67

--- Program Files DB Check 11:56:04,78

--- C:\Users\Administrator\AppData\Roaming DB Check 11:56:29,02

--- C:\Users\Default\AppData\Roaming DB Check 11:56:29,02

--- C:\Users\thomas\AppData\Roaming DB Check 11:56:29,02

--- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming DB Check 11:56:29,02

--- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming DB Check 11:56:29,02

--- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming DB Check 11:56:29,02

- - - Updated - - -

Oh, I was too quick :D

Here is the correct one:

Zoek.exe v5.0.0.0 Updated 24-07-2014

Tool run by thomas on vr 25-07-2014 at 11:54:03,78.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\thomas\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

25-7-2014 11:55:35 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully

C:\Users\thomas\AppData\Local\softthinks deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Users\thomas\AppData\Local\DLCRootRuntime\DLCRootRuntime.exe

c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe

C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Users\thomas\AppData\Local\DLCRootRuntime\AddonWin32Windows.exe

C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe

C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe

C:\Program Files\Alienware\Command Center\AlienFusionController.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

C:\Program Files (x86)\AlienRespawn\sftservice.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\AlienRespawn\COMPONENTS\DBRUPDATE\DBRUPD.EXE

C:\Program Files (x86)\AlienRespawn\TOASTER.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\thomas\Desktop\zoek.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RgFltX64 deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

==== Deleting Files \ Folders ======================

C:\Users\thomas\AppData\Roaming\Alawar deleted

C:\Users\thomas\AppData\Roaming\AlawarEntertainment deleted

C:\Users\thomas\AppData\Roaming\Systweak deleted

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Systweak deleted

C:\PROGRA~3\Systweak deleted

C:\PROGRA~3\Package Cache deleted

C:\WINDOWS\SysNative\roboot64.exe deleted

C:\Users\thomas\Searches deleted

C:\WINDOWS\wininit.ini deleted

C:\WINDOWS\SysWow64\AI_RecycleBin deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime\AddonWin32Windows.exe" deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime\DLCRootRuntime.exe" deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime\msvcp100.dll" deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime\msvcr100.dll" not deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime\QtCore4.dll" deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime\QtNetwork4.dll" deleted

"C:\WINDOWS\Syswow64\FileMinimalSprite\FileMinimalSprite.exe" deleted

"C:\WINDOWS\Syswow64\FileMinimalSprite\msvcp100.dll" deleted

"C:\WINDOWS\Syswow64\FileMinimalSprite\msvcr100.dll" not deleted

"C:\WINDOWS\Syswow64\FileMinimalSprite\QtCore4.dll" deleted

"C:\WINDOWS\Syswow64\FileMinimalSprite\QtNetwork4.dll" deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime" not deleted

"C:\WINDOWS\Syswow64\FileMinimalSprite" not deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime\desktop" not deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime\service" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 8107 MB

CPU Info: Intel® Core i5-4460 CPU @ 3.20GHz

CPU Speed: 3205,3 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Realtek Digital Output (Realtek |

DENON-AVR-4 (NVIDIA High Defini |

Display Adapters: NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family Controller | Dell Wireless 1506 802.11b/g/n (2.4GHz)

CD / DVD Drives: 2x (D: | F: | ) D: HL-DT-STDVD+-RW GA50N | F: CyberLnkVirtualDrive

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 8 Button Wheel Mouse Present

Hard Disks: C: 1853,7GB | E: 465,7GB | X: 750,0MB | Y: 8,0GB

Hard Disks - Free: C: 1404,0GB | E: 204,3GB | X: 308,1MB | Y: 749,3MB

Manufacturer *: Alienware

BIOS Info: AT/AT COMPATIBLE | | ALWARE - 1072009

Time Zone: West-Europa (standaardtijd)

Motherboard *: Alienware 0PGRP5

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 36.0.1985.125

Internet Explorer Version: 11.0.9600.17207

Google Chrome version: 36.0.1985.125

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\Users\thomas\AppData\Local\Temp ====

2014-07-25 06:13:52 D073EF407FBEF0603C68838A97C922FA 108502671 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\microsoft-office-2010-en.exe

2014-07-25 06:13:35 32D3CBFF8F36368ABF784CD550EAA091 7025480 ----a-w- C:\Users\thomas\AppData\Local\Temp\optprosetup.exe

2014-07-25 06:13:33 3BB5FEE6B8D0F72FCF0E05167DFBA497 7205416 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\OptimizerPro.exe

2014-07-25 06:13:29 62BAFE9A908B1717484D32DE5A54244B 4380069 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\RegClean_0307-7366cb4a.exe

2014-07-25 06:13:23 BA0FAAEDEDAB6E6365A92143B558BD8C 4242370 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\systemsspeedup_0307-cd6becd7.exe

2014-07-25 06:13:12 B16C300A13291FE826BBB59F2E7BFE18 4440864 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\eDeals_2207-a0ba44b9.exe

2014-07-25 06:12:56 F0F3706910D84499E7845934117022BA 55363 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\wajam_2207-6c14163c.exe

2014-07-25 06:12:55 2701B76FD4D3163E20B75A613198AC84 5077425 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\FLVMPlayerSetup-c45490cb.exe

2014-07-25 06:12:18 9C12E804C38CBA812DA4C33F5712812A 164352 ----atw- C:\Users\thomas\AppData\Local\Temp\n652\s652.exe

2014-07-24 10:34:56 F3A15497E25BAAA721F96638D7A4D2F8 230529 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libpng14-14.dll

2014-07-24 10:34:56 C9E16CD9B7C0B84DDFE7249A24FE64B3 230457 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libpng12.dll

2014-07-24 10:34:56 989F5B2FC89DE3557307B703CE6A865D 42496 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libusb0.dll

2014-07-24 10:34:56 9469CE468DE91263B73AAC7A3C1CA087 258294 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libcurl-4.dll

2014-07-24 10:34:56 7AD6F303082B382BFF7BAFBAB246C61F 44287 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libgthread-2.0-0.dll

2014-07-24 10:34:56 6891946EF55E211F0B6ABACA235A5160 119296 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libgcc_s_dw2-1.dll

2014-07-24 10:34:56 550B3EC2D6A2DB0036B4E6E057B54768 36878 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libssp-0.dll

2014-07-24 10:34:56 4400DDF68DC5B57F55582CDF3CAC85F8 56832 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\mgwz.dll

2014-07-24 10:34:56 18E88B04DA123BF05B07FF60A4E96654 1242929 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\libglib-2.0-0.dll

2014-07-24 10:34:55 F18452737F106A7B8A0BDAE6EA982E69 128254 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\jpeg62.dll

2014-07-24 10:34:55 B82D7190245E19AAA0161CD5FF45B958 27648 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\IPAddressControlLib.dll

2014-07-24 10:34:55 56BA17C77CC27D746B7F52ED2575A804 1237504 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\KMSELDI.exe

2014-07-24 10:34:54 EB2D4C4D4A527BC88A69A16CC99AFCF5 152489 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\intl.dll

2014-07-24 10:34:54 B8D0CCE2CA1CC850C8C6F25A70D855E6 162816 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\fmod.dll

2014-07-24 10:34:53 C5455F06FB5F0182BF01F5AE751CDCF7 638121 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\firewall.exe

2014-07-24 10:34:32 EF8D4CDB4B3CE3B20B6410E73BC7FA69 59904 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\timesync.exe

2014-07-24 10:34:32 D90DAD5EEA33A178BAC56FFF2847D4C2 100352 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\zlib1.dll

2014-07-24 10:34:32 B0C7E94DE4DAD29651316A34ECC816AA 3338240 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\qemu-system-i386.exe

2014-07-24 10:34:32 67ACD10F873A6F1997B17E629E1DBDFE 324096 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\SDL.dll

2014-07-24 10:34:31 CA2F560921B7B8BE1CF555A5A18D54C3 348160 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\msvcr71.dll

2014-07-24 10:34:31 79BF7493F97989E21D0D6BEC2D2934B7 303104 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\PortQry.exe

2014-07-24 10:34:31 60622FE5CD2DECFB12C110E8B2B31893 15960 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\mingwm10.dll

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

====== C:\WINDOWS\Sysnative\drivers =====

2014-07-09 12:56:45 374E27295F0A9DCAA8FC96370F9BEEA5 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys

2014-07-09 12:56:26 1CD3A907D64D08F49208DA00B69BF35E 565576 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-07-25 06:52:01 -------- d-----w- C:\Program Files\trend micro

2014-07-05 10:53:12 -------- d-----w- C:\Program Files\Microsoft Silverlight

2014-06-29 08:06:45 -------- d-----w- C:\Program Files\WinRAR

======= C:\PROGRA~2 =====

2014-07-21 19:05:47 -------- d-----w- C:\PROGRA~2\TeamSpeak 3 Client

2014-07-05 10:53:12 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight

======= C: =====

====== C:\Users\thomas\AppData\Roaming ======

2014-07-25 06:14:47 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft

2014-07-25 06:13:20 -------- d-----w- C:\Users\thomas\AppData\Local\DLCRootRuntime

2014-07-25 06:13:14 -------- d-----w- C:\Users\thomas\AppData\Local\Programs

2014-07-24 12:12:33 -------- d-----w- C:\Users\thomas\AppData\Local\@ByELDI

2014-07-21 19:06:36 -------- d-----w- C:\Users\thomas\AppData\Roaming\TS3Client

2014-07-12 12:16:03 -------- d-----w- C:\Users\thomas\AppData\Roaming\DCC

2014-07-08 07:28:23 -------- d-----w- C:\Users\thomas\AppData\Roaming\ERS Game Studios

2014-07-08 07:25:50 -------- d-----w- C:\Users\thomas\AppData\Roaming\DarkParablesBriarRose_BFG

2014-07-08 07:11:58 -------- d-----w- C:\Users\thomas\AppData\Roaming\Blue Tea Games

2014-07-08 07:06:21 -------- d-----w- C:\Users\thomas\AppData\Roaming\Ph03nixNewMedia

2014-07-08 07:05:01 -------- d-----w- C:\Users\thomas\AppData\Roaming\Vogat Interactive

2014-07-01 16:17:50 -------- d-----w- C:\Users\thomas\AppData\Roaming\Casual Arts

2014-07-01 16:14:07 -------- d-----w- C:\Users\thomas\AppData\Roaming\BloodTies

2014-07-01 14:39:39 -------- d-----w- C:\Users\thomas\AppData\Roaming\HitPoint Studios

2014-07-01 14:33:29 -------- d-----w- C:\Users\thomas\AppData\Roaming\BigFishv1002

2014-07-01 11:27:23 -------- d-----w- C:\Users\thomas\AppData\Roaming\RobinsonCrusoe

2014-07-01 10:07:44 -------- d-----w- C:\Users\thomas\AppData\Roaming\Az-Art

2014-06-29 09:32:22 -------- d-----w- C:\Users\thomas\AppData\Roaming\Boomzap

2014-06-29 09:29:03 -------- d-----w- C:\Users\thomas\AppData\Roaming\PoBros

2014-06-29 08:06:49 -------- d-----w- C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-06-27 22:45:49 -------- d-----w- C:\Users\thomas\AppData\Roaming\dvdcss

2014-06-27 15:05:05 -------- d-----w- C:\Users\thomas\AppData\Roaming\NVIDIA

2014-06-27 15:05:03 -------- d-----w- C:\Users\thomas\AppData\Roaming\Mad Head Games

2014-06-27 14:55:07 -------- d-----w- C:\Users\thomas\AppData\Roaming\Vast Studios

2014-06-27 14:49:54 -------- d-----w- C:\Users\thomas\AppData\Roaming\casualArts

2014-06-26 08:15:10 -------- d-----w- C:\Users\thomas\AppData\Roaming\Elephant Games

2014-06-26 08:12:03 -------- d-----w- C:\Users\thomas\AppData\Roaming\DailyMagic

2014-06-26 07:48:46 -------- d-----w- C:\Users\thomas\AppData\Local\JollyBear

2014-06-26 07:27:01 -------- d-----w- C:\Users\thomas\AppData\Roaming\SMIGames

2014-06-25 16:41:31 -------- d-----w- C:\Users\thomas\AppData\Roaming\PlayFavoriteGames

2014-06-25 16:35:42 -------- d-----w- C:\Users\thomas\AppData\Roaming\EleFun Games

2014-06-25 16:35:07 -------- d-----w- C:\Users\thomas\AppData\Roaming\CyberLink

====== C:\Users\thomas ======

2014-07-25 06:51:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\thomas\Downloads\RSITx64.exe

2014-07-25 06:18:03 -------- d-----w- C:\ProgramData\374311380

2014-07-25 06:12:15 5D121BFED914E6301C1FC916B753A825 471448 ----a-w- C:\Users\thomas\Downloads\Microsoft Office 2010.exe

2014-07-21 19:05:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

2014-07-16 14:10:30 -------- d-----w- C:\ProgramData\Electronic Arts

2014-07-16 14:10:28 -------- d-----w- C:\ProgramData\Origin

2014-07-16 14:10:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts

2014-07-11 07:42:09 -------- d-----w- C:\ProgramData\HP

2014-07-05 10:53:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-01 16:17:50 -------- d-----w- C:\ProgramData\Casual Arts

2014-07-01 16:15:54 -------- d-----w- C:\ProgramData\Becky Brogan

2014-06-29 09:29:03 -------- d-----w- C:\ProgramData\PoBros

2014-06-29 08:06:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-06-27 14:49:54 -------- d-----w- C:\ProgramData\casualArts

2014-06-26 08:15:10 -------- d-----w- C:\ProgramData\Elephant Games

2014-06-26 08:12:03 -------- d-----w- C:\ProgramData\DailyMagic

2014-06-26 07:48:46 -------- d-----w- C:\ProgramData\JollyBear

====== C: exe-files ==

2014-07-25 06:52:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\thomas.exe

2014-07-25 06:51:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\thomas\Downloads\RSITx64.exe

2014-07-25 06:13:52 D073EF407FBEF0603C68838A97C922FA 108502671 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\microsoft-office-2010-en.exe

2014-07-25 06:13:35 32D3CBFF8F36368ABF784CD550EAA091 7025480 ----a-w- C:\Users\thomas\AppData\Local\Temp\optprosetup.exe

2014-07-25 06:13:33 3BB5FEE6B8D0F72FCF0E05167DFBA497 7205416 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\OptimizerPro.exe

2014-07-25 06:13:29 62BAFE9A908B1717484D32DE5A54244B 4380069 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\RegClean_0307-7366cb4a.exe

2014-07-25 06:13:23 BA0FAAEDEDAB6E6365A92143B558BD8C 4242370 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\systemsspeedup_0307-cd6becd7.exe

2014-07-25 06:13:12 B16C300A13291FE826BBB59F2E7BFE18 4440864 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\eDeals_2207-a0ba44b9.exe

2014-07-25 06:13:02 89B4EDE91F028F9EB52D03F3538666D9 2382296 ----a-w- C:\Users\thomas\AppData\Local\Microsoft\Windows\INetCache\IE\PBY0RISI\WIE_2.11.2.54[1].exe

2014-07-25 06:12:56 F0F3706910D84499E7845934117022BA 55363 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\wajam_2207-6c14163c.exe

2014-07-25 06:12:55 2701B76FD4D3163E20B75A613198AC84 5077425 ----a-w- C:\Users\thomas\AppData\Local\Temp\n652\FLVMPlayerSetup-c45490cb.exe

2014-07-25 06:12:18 9C12E804C38CBA812DA4C33F5712812A 164352 ----atw- C:\Users\thomas\AppData\Local\Temp\n652\s652.exe

2014-07-25 06:12:15 5D121BFED914E6301C1FC916B753A825 471448 ----a-w- C:\Users\thomas\Downloads\Microsoft Office 2010.exe

2014-07-24 10:34:55 56BA17C77CC27D746B7F52ED2575A804 1237504 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\KMSELDI.exe

2014-07-24 10:34:53 C5455F06FB5F0182BF01F5AE751CDCF7 638121 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\firewall.exe

2014-07-24 10:34:32 EF8D4CDB4B3CE3B20B6410E73BC7FA69 59904 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\timesync.exe

2014-07-24 10:34:32 B0C7E94DE4DAD29651316A34ECC816AA 3338240 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\qemu-system-i386.exe

2014-07-24 10:34:31 79BF7493F97989E21D0D6BEC2D2934B7 303104 ----a-w- C:\Users\thomas\AppData\Local\Temp\RarSFX0\PortQry.exe

2014-07-23 15:25:52 A29D17CDEB67522D6822C45153EB79B3 3766008 ----a-w- C:\Users\thomas\AppData\Local\NVIDIA\NvBackend\Packages\00005d75\DAO.18716353.exe

2014-07-21 19:05:49 5F79854614F93158E8F3051965ADFD5E 126283 ----a-w- C:\Program Files (x86)\TeamSpeak 3 Client\Uninstall.exe

2014-07-20 06:43:46 C5D237A3DA4A914D19D825C73FDE4487 8848464 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.125\36.0.1985.125_35.0.1916.153_chrome_updater.exe

2014-07-19 15:22:32 079EDD62B499E926979317E9F88C9E46 3727400 ----a-w- C:\Users\thomas\AppData\Local\NVIDIA\NvBackend\Packages\00005d55\DAO.18705904.exe

=== C: other files ==

2014-07-24 13:13:12 E4118571634DBE57076EB32897E65699 7817000 ----a-w- C:\Users\thomas\Downloads\ABEstimating(Windows) (1).zip

2014-07-23 21:12:48 E4118571634DBE57076EB32897E65699 7817000 ----a-w- C:\Users\thomas\Downloads\ABEstimating(Windows).zip

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX5REC"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"

"Command Center Controllers"="C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"

"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17-06-2014 14:38]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17-06-2014 14:38]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]

"C:\WINDOWS\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\AlienAutopsy\sessionchecker.exe"]

"C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\AlienAutopsy\uaclauncher.exe"]

"C:\WINDOWS\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-06-12 20:36:38 -------- d-----w- C:\PROGRA~3\Intel

2014-06-12 20:40:29 -------- d-----w- C:\PROGRA~3\iolo

2014-06-12 20:43:03 -------- d-----w- C:\PROGRA~3\Dell

2014-06-12 20:45:21 -------- d---a-w- C:\PROGRA~3\Temp

2014-06-12 20:45:24 -------- d-----w- C:\PROGRA~3\CyberLink

2014-06-12 20:45:25 -------- d-----w- C:\PROGRA~3\CLSK

2014-06-12 20:45:41 -------- d-----w- C:\PROGRA~3\install_clap

2014-06-12 20:49:20 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation

2014-06-12 20:49:37 -------- d-----w- C:\PROGRA~3\NVIDIA

2014-06-12 20:51:34 -------- d-----w- C:\PROGRA~3\PC-Doctor for Windows

2014-06-12 20:51:34 -------- d-----w- C:\PROGRA~3\PCDr

2014-06-17 12:34:24 -------- d-sh--we C:\PROGRA~3\Bureaublad

2014-06-17 12:34:24 -------- d-sh--we C:\PROGRA~3\Documenten

2014-06-17 12:34:24 -------- d-sh--we C:\PROGRA~3\Menu Start

2014-06-17 12:34:24 -------- d-sh--we C:\PROGRA~3\Sjablonen

2014-06-17 12:42:38 -------- d-----w- C:\PROGRA~3\softthinks

2014-06-17 15:30:07 -------- d-----w- C:\PROGRA~3\Media Center Programs

2014-06-21 20:56:04 -------- d-----w- C:\PROGRA~3\Spotnet

2014-06-24 08:17:43 -------- d-----w- C:\PROGRA~3\Microsoft SkyDrive

2014-06-26 07:48:46 -------- d-----w- C:\PROGRA~3\JollyBear

2014-06-26 08:12:03 -------- d-----w- C:\PROGRA~3\DailyMagic

2014-06-26 08:15:10 -------- d-----w- C:\PROGRA~3\Elephant Games

2014-06-27 14:49:54 -------- d-----w- C:\PROGRA~3\casualArts

2014-06-29 09:29:03 -------- d-----w- C:\PROGRA~3\PoBros

2014-07-01 16:15:54 -------- d-----w- C:\PROGRA~3\Becky Brogan

2014-07-01 16:17:50 -------- d-----w- C:\PROGRA~3\Casual Arts

2014-07-11 07:42:09 -------- d-----w- C:\PROGRA~3\HP

2014-07-16 14:10:28 -------- d-----w- C:\PROGRA~3\Origin

2014-07-16 14:10:30 -------- d-----w- C:\PROGRA~3\Electronic Arts

2014-07-25 06:18:03 -------- d-----w- C:\PROGRA~3\374311380

==== Chrome Look ======================

Google Docs - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://dell13.msn.com/?pc=DCJB"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{7DADFD38-0CC6-4FF6-903D-796898E121CA}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://dell13.msn.com/?pc=DCJB"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{7DADFD38-0CC6-4FF6-903D-796898E121CA} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3959895356-1840219888-164995823-1002\Software\Microsoft\Internet Explorer\SearchScopes\{7DADFD38-0CC6-4FF6-903D-796898E121CA} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyServer"="http=127.0.0.1:21726"

"ProxyOverride"="<local>;*origin.com;*ea.com;*akamaihd.net"

"ProxyEnable"=dword:00000001

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (file missing)

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (file missing)

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (file missing)

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (file missing)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (file missing)

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe

O23 - Service: AlienFXWindowsService - Alienware - C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: DLCRootRuntime.exe - Unknown owner - C:\Users\thomas\AppData\Local\DLCRootRuntime\DLCRootRuntime.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: FileMinimalSprite - Unknown owner - C:\WINDOWS\SysWOW64\FileMinimalSprite\FileMinimalSprite.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

O23 - Service: ioloEnergyBooster - iolo technologies, LLC - C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: MSI_ODD_Service - Micro-Star Int'l Co., Ltd. - c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\sftservice.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\thomas\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\thomas\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=57 folders=48 37060002 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\thomas\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\thomas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\thomas\AppData\Local\DLCRootRuntime\msvcr100.dll" not found

"C:\WINDOWS\Syswow64\FileMinimalSprite\msvcr100.dll" not found

"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not deleted

"C:\Users\thomas\AppData\Local\DLCRootRuntime" not found

"C:\WINDOWS\Syswow64\FileMinimalSprite" not found

==== EOF on vr 25-07-2014 at 12:03:18,13 ======================


Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator",
  • by right-clicking and choosing Run as administrator.
  • Click Scan.
  • Then click Clean.
  • At Restart Required, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Attach the log file named C:\AdwCleaner\AdwCleaner[s0].txt to your next post.
  • You can read how to add an attachment to a post here.


Here is the log

# AdwCleaner v3.216 - Rapport aangemaakt 25/07/2014 op 21:14:56

# Laatste Update 17/07/2014 door Xplode

# Besturingssysteem : Windows 8.1 (64 bits)

# Gebruikersnaam : thomas - THOMAS

# Gestart vanuit : C:\Users\thomas\Desktop\adwcleaner_3.216.exe

# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\ProgramData\374311380

Bestand Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk

Bestand Verwijderd : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

Bestand Verwijderd : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

Bestand Verwijderd : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage

Bestand Verwijderd : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS

Sleutel Verwijderd : HKCU\Software\Optimizer Pro

Sleutel Verwijderd : HKCU\Software\systweak

Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Sleutel Verwijderd : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Sleutel Verwijderd : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Sleutel Verwijderd : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Sleutel Verwijderd : HKLM\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Google Chrome v36.0.1985.125

[ Bestand : C:\Users\thomas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2327 octets] - [25/07/2014 21:11:57]

AdwCleaner[s0].txt - [2182 octets] - [25/07/2014 21:14:56]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2242 octets] ##########


Great ... you can now remove the tools you used and a few leftover remnants:

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.

When the tool has finished, a log file is created. You do not need to post it, however.

Download CCleaner. (If you don't have it yet)

Install it (if you do not want Google Chrome to be installed on your PC as the default web browser, you must remove the 2 check marks!!!) and start CCleaner.

In the left column, click "Cleaner".

Click 'Analyze' and, after the analysis, 'Clean'.

Then click "Registry" in the left column and click 'Scan for problems'.

If errors are found, click "Fix selected problems" and "OK".

You will then be asked whether to make a backup. Click "YES".

Then choose "Fix all selected issues".

Sometimes one analysis is not enough. You may repeat this procedure until the analysis reports no more errors.

Then close CCleaner again.

If you would like to see this in detail with pictures, click here for the guide.

If all of this went smoothly and you have no further questions or problems within this topic, you may close this thread by clicking the "Mark as solved" button, which you can find at the bottom left … that way it stays clear for everyone.
