Ga naar inhoud

Computer loopt om de seconde vast en hapert constant


Aanbevolen berichten

Beste leden/gasten,

Sinds ongeveer een week geleden heb ik een heel irritant probleem. Wanneer ik me PC opstart dan begint die meteen met haperen en vast lopen. Alles wat ik doe gaat verkeerd. Van foto's openen tot aan typen. Hij loopt letter om de seconde vast en computer hapert constant. Dus je kunt gewoon niets doen. Meestal bij het opstarten gaat het dan weer beter. Maar zo herhaald dit zich steeds.

Ik heb een Hijacklog voor jullie als jullie daar wat aan hebben en misschien kunnen jullie me helpen. Ik hoop van wel.

Alvast bedankt voor jullie tijd.

geLogfile of Trend Micro HijackThis v2.0.5

Scan saved at 5:57:05, on 20-8-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17239)

FIREFOX: 31.0 (x86 nl)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe

C:\Windows\System32\MsSpellCheckingFacility.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RH2EPB2O\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = V9

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = V9

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = V9

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Freecorder extension - {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files\Freecorder extension\ScriptHost.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~4\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help" /build:7601 (User 'Default user')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Popcorn Time Updater - Popcorn Time - C:\Program Files\Popcorn Time\PopcornTimeUpdater.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--

End of file - 8372 bytes

Link naar reactie
Delen op andere sites

  • Reacties 22
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk.

Kan je het onderstaande uitvoeren en het gevraagde logje hier in je topic posten ? ...

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

Link naar reactie
Delen op andere sites

Met printscreens kan helaas niet gewerkt worden, neem onderstaande info nog eens door voor het correct posten van het logje:

RSIT Logbestanden plaatsen

  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

Link naar reactie
Delen op andere sites

Er staat "Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.". Daar klikte ik dus op en zag dat je printscreen moest maken en dat uiteindelijk moest opslaan.

- - - Updated - - -

Logfile of random's system information tool 1.10 (written by random/random)

Run by pc at 2014-08-20 09:57:03

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 271 GB (71%) free of 382 GB

Total RAM: 2047 MB (11% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:57:16, on 20-8-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17239)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe

C:\Windows\System32\MsSpellCheckingFacility.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\pc\Downloads\RSIT.exe

C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Freecorder extension - {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files\Freecorder extension\ScriptHost.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~4\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1577482832-1229427741-2884412449-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1577482832-1229427741-2884412449-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Popcorn Time Updater - Popcorn Time - C:\Program Files\Popcorn Time\PopcornTimeUpdater.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--

End of file - 9026 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1577482832-1229427741-2884412449-1000Core.job - C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1577482832-1229427741-2884412449-1000UA.job - C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default

prefs.js - "browser.startup.homepage" - "http://www.google.nl/"

prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=102&systemid=473&v=a12349-344&apn_dtid=BND101&apn_ptnrs=AG1&apn_uid=7324727399454171&o=APN10640&q="

"quick_start@gmail.com"=C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\quick_start@gmail.com

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 14.0.0.145 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]

"Description"=Picasa3 plugin

"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0]

"Description"=Logitech Harmony Remote Plugin

"Path"=C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]

"Description"=Microsoft Lync Plug-in for Firefox

"Path"=C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]

"Description"=NVIDIA stereo images plugin for Mozilla browsers

"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]

"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\

np-mswmp.dll

npMeetingJoinPluginOC.dll

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

QuickTimePlugin.class

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\

addon@freecorder.com

quick_start@gmail.com

{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\searchplugins\

Ask.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-05-21 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre8\bin\ssv.dll [2014-07-21 463784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}]

Freecorder extension - C:\Program Files\Freecorder extension\ScriptHost.dll [2014-02-25 438784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~4\Office15\GROOVEEX.DLL [2014-07-27 1730256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-07-21 172456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]

C:\Program Files\BlueStacks\HD-Agent.exe [2014-03-06 819984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4]

C:\Program Files\Google\Chrome\Application\chrome.exe [2014-08-07 860488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive]

C:\Users\pc\AppData\Roaming\newnext.me\nengine.dll [2014-01-06 1283584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]

C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote Control Server]

C:\Program Files\Remote Control Server\Remote Control Server.exe [2013-11-09 1988608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Common Files\Java\Java Update\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe [2014-04-08 1268816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VDownloader]

C:\Program Files\VDownloader\VDownloader.exe [2013-07-11 879104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk]

C:\Program Files\Elune Skin Pack\RocketDock\RocketDock.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SkinPackMenu.lnk]

C:\Program Files\Elune Skin Pack\SP.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]

C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2012-08-13 1199104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-20 08:38:03 ----D---- C:\Program Files\trend micro

2014-08-20 08:38:02 ----D---- C:\rsit

2014-08-13 22:49:07 ----A---- C:\Windows\system32\FNTCACHE.DAT

2014-08-13 08:21:04 ----A---- C:\Windows\system32\infocardapi.dll

2014-08-13 08:20:58 ----A---- C:\Windows\system32\icardres.dll

2014-08-13 08:20:47 ----A---- C:\Windows\system32\icardagt.exe

2014-08-13 08:20:36 ----A---- C:\Windows\system32\TsWpfWrp.exe

2014-08-13 02:03:03 ----A---- C:\Windows\system32\rpcrt4.dll

2014-08-13 02:03:01 ----A---- C:\Windows\system32\drivers\dxgmms1.sys

2014-08-13 02:03:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-08-13 02:03:00 ----A---- C:\Windows\system32\cdd.dll

2014-08-13 02:02:52 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-08-13 02:02:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-08-13 02:02:51 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-08-13 02:02:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-08-13 02:02:50 ----A---- C:\Windows\system32\iernonce.dll

2014-08-13 02:02:49 ----A---- C:\Windows\system32\urlmon.dll

2014-08-13 02:02:49 ----A---- C:\Windows\system32\jsproxy.dll

2014-08-13 02:02:49 ----A---- C:\Windows\system32\iedkcs32.dll

2014-08-13 02:02:48 ----A---- C:\Windows\system32\msfeeds.dll

2014-08-13 02:02:48 ----A---- C:\Windows\system32\ieUnatt.exe

2014-08-13 02:02:48 ----A---- C:\Windows\system32\dxtmsft.dll

2014-08-13 02:02:45 ----A---- C:\Windows\system32\msrating.dll

2014-08-13 02:02:45 ----A---- C:\Windows\system32\ie4uinit.exe

2014-08-13 02:02:44 ----A---- C:\Windows\system32\iesetup.dll

2014-08-13 02:02:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-08-13 02:02:43 ----A---- C:\Windows\system32\vbscript.dll

2014-08-13 02:02:43 ----A---- C:\Windows\system32\ieapfltr.dll

2014-08-13 02:02:42 ----A---- C:\Windows\system32\wininet.dll

2014-08-13 02:02:39 ----A---- C:\Windows\system32\dxtrans.dll

2014-08-13 02:02:38 ----A---- C:\Windows\system32\ieui.dll

2014-08-13 02:02:37 ----A---- C:\Windows\system32\ieframe.dll

2014-08-13 02:02:35 ----A---- C:\Windows\system32\mshtmled.dll

2014-08-13 02:02:34 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-08-13 02:02:33 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-08-13 02:02:33 ----A---- C:\Windows\system32\iertutil.dll

2014-08-13 02:02:30 ----A---- C:\Windows\system32\jscript9diag.dll

2014-08-13 02:02:29 ----A---- C:\Windows\system32\jscript9.dll

2014-08-13 02:02:28 ----A---- C:\Windows\system32\mshtml.dll

2014-08-13 02:02:12 ----A---- C:\Windows\system32\win32k.sys

2014-08-13 02:02:12 ----A---- C:\Windows\system32\gdi32.dll

2014-08-13 02:02:07 ----A---- C:\Windows\system32\tzres.dll

2014-08-13 02:01:41 ----A---- C:\Windows\system32\msihnd.dll

2014-08-13 02:01:41 ----A---- C:\Windows\system32\msi.dll

2014-08-13 02:01:41 ----A---- C:\Windows\system32\consent.exe

2014-08-13 02:01:41 ----A---- C:\Windows\system32\authui.dll

2014-08-13 02:01:18 ----A---- C:\Windows\system32\aepdu.dll

2014-08-13 02:01:15 ----A---- C:\Windows\system32\aeinv.dll

2014-08-13 02:01:13 ----A---- C:\Windows\system32\shell32.dll

2014-08-13 02:01:01 ----A---- C:\Windows\system32\KBDYAK.DLL

2014-08-13 02:01:01 ----A---- C:\Windows\system32\KBDTAT.DLL

2014-08-13 02:01:01 ----A---- C:\Windows\system32\KBDRU1.DLL

2014-08-13 02:01:01 ----A---- C:\Windows\system32\KBDRU.DLL

2014-08-13 02:01:01 ----A---- C:\Windows\system32\KBDBASH.DLL

2014-08-12 01:01:46 ----D---- C:\Users\pc\AppData\Roaming\PopcornTime

2014-08-09 19:51:27 ----D---- C:\Users\pc\AppData\Roaming\TeamViewer

2014-08-09 19:51:16 ----D---- C:\Program Files\TeamViewer

2014-08-07 20:33:51 ----D---- C:\Program Files\Common Files\Skype

2014-08-02 23:58:59 ----D---- C:\Program Files\Mozilla Firefox

2014-08-02 15:27:22 ----A---- C:\Windows\system32\wups2.dll

2014-08-02 15:27:22 ----A---- C:\Windows\system32\wucltux.dll

2014-08-02 15:27:22 ----A---- C:\Windows\system32\wuauclt.exe

2014-08-02 15:27:21 ----A---- C:\Windows\system32\wuaueng.dll

2014-08-02 15:27:09 ----A---- C:\Windows\system32\wups.dll

2014-08-02 15:27:09 ----A---- C:\Windows\system32\wudriver.dll

2014-08-02 15:27:09 ----A---- C:\Windows\system32\wuapi.dll

2014-08-02 15:26:47 ----A---- C:\Windows\system32\wuwebv.dll

2014-08-02 15:26:45 ----A---- C:\Windows\system32\wuapp.exe

2014-07-30 00:37:18 ----D---- C:\SUPERDelete

2014-07-21 20:50:15 ----A---- C:\Windows\system32\javaws.exe

======List of files/folders modified in the last 1 month======

2014-08-20 09:35:37 ----D---- C:\Users\pc\AppData\Roaming\Skype

2014-08-20 08:39:31 ----D---- C:\Windows\Prefetch

2014-08-20 08:38:03 ----RD---- C:\Program Files

2014-08-20 08:37:56 ----D---- C:\Windows\Temp

2014-08-20 05:34:25 ----D---- C:\ProgramData\NVIDIA

2014-08-19 21:53:09 ----D---- C:\Windows\system32\config

2014-08-19 20:56:22 ----D---- C:\Users\pc\AppData\Roaming\vlc

2014-08-18 11:22:35 ----AD---- C:\ProgramData\TEMP

2014-08-18 11:22:31 ----D---- C:\Program Files\SpywareBlaster

2014-08-17 18:19:22 ----SHD---- C:\System Volume Information

2014-08-14 18:34:12 ----D---- C:\Windows\rescache

2014-08-14 17:18:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-08-14 17:18:02 ----D---- C:\Windows\system32\LogFiles

2014-08-14 01:31:20 ----D---- C:\Windows\Microsoft.NET

2014-08-14 01:30:07 ----RSD---- C:\Windows\assembly

2014-08-13 22:50:02 ----D---- C:\Windows\inf

2014-08-13 22:49:38 ----D---- C:\Windows

2014-08-13 22:49:07 ----D---- C:\Windows\System32

2014-08-13 19:53:10 ----D---- C:\Windows\winsxs

2014-08-13 19:53:04 ----SHD---- C:\Windows\Installer

2014-08-13 19:53:03 ----D---- C:\ProgramData\Microsoft Help

2014-08-13 19:46:08 ----D---- C:\Windows\system32\catroot2

2014-08-13 19:42:39 ----D---- C:\Windows\system32\catroot

2014-08-13 19:34:55 ----D---- C:\Windows\debug

2014-08-13 17:53:34 ----D---- C:\Windows\ehome

2014-08-13 17:53:33 ----D---- C:\Windows\system32\nl-NL

2014-08-13 17:53:33 ----D---- C:\Windows\system32\en-US

2014-08-13 17:53:33 ----D---- C:\Windows\system32\drivers

2014-08-13 17:53:33 ----D---- C:\Windows\PolicyDefinitions

2014-08-13 17:53:31 ----D---- C:\Program Files\Internet Explorer

2014-08-13 17:53:27 ----SD---- C:\Windows\system32\CompatTel

2014-08-13 17:53:15 ----RSD---- C:\Windows\Fonts

2014-08-13 08:34:29 ----D---- C:\Windows\system32\MRT

2014-08-13 08:30:09 ----A---- C:\Windows\system32\MRT.exe

2014-08-13 08:22:20 ----A---- C:\Windows\win.ini

2014-08-13 00:37:17 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-08-09 19:51:40 ----D---- C:\Windows\system32\Tasks

2014-08-08 02:22:24 ----D---- C:\Program Files\Popcorn Time

2014-08-07 23:12:42 ----HD---- C:\ProgramData

2014-08-07 23:12:42 ----D---- C:\Windows\Tasks

2014-08-07 20:34:00 ----D---- C:\ProgramData\Skype

2014-08-07 20:33:51 ----D---- C:\Program Files\Common Files

2014-08-06 13:46:46 ----D---- C:\Program Files\Mozilla Maintenance Service

2014-07-30 00:50:30 ----D---- C:\ONE TOUCH Upgrade S 2.8.0

2014-07-27 03:14:41 ----D---- C:\Program Files\CCleaner

2014-07-24 17:50:21 ----D---- C:\Program Files\Microsoft Silverlight

2014-07-21 20:50:25 ----D---- C:\ProgramData\Oracle

2014-07-21 20:50:01 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

2014-07-21 20:49:59 ----A---- C:\Windows\system32\javaw.exe

2014-07-21 20:49:59 ----A---- C:\Windows\system32\java.exe

2014-07-21 20:49:55 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [2014-03-06 113424]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]

R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]

R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

R3 MRV6X32P;Vista 32-bits Native WiFi Driver; C:\Windows\system32\DRIVERS\MRVW13B.sys [2007-05-03 256000]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2013-09-17 161056]

R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]

R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-10 629760]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 13440]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []

S3 usbser;USB Serial Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2014-03-06 402192]

R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2014-03-06 385808]

R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files\BlueStacks\HD-UpdaterService.exe [2014-03-06 770832]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 663896]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-27 1364256]

R2 Popcorn Time Updater;Popcorn Time Updater; C:\Program Files\Popcorn Time\PopcornTimeUpdater.exe [2014-05-22 210944]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]

R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]

R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-14 262320]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13 116648]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-09 194032]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 108032]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-03 119408]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-07-27 563624]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-13 1343400]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93};c
 C:\Program Files\Freecorder extension;fs
 Popcorn Time Updater;s
 C:\Program Files\Popcorn Time;fs
 C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\[email="addon@freecorder.com"][color=blue]addon@freecorder.com[/color][/email];fs
 C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\[email="quick_start@gmail.com"][color=blue]quick_start@gmail.com[/color][/email];fs
 C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d};fs
 C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\searchplugins\Ask.xml;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe];r
 C:\Users\pc\AppData\Roaming\PopcornTime;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "More options" en vink nu de onderstaande opties aan.
  • Do a Deep Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 19-08-2014

Tool run by pc on wo 20-08-2014 at 12:07:13,05.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\pc\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

20-8-2014 12:09:49 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\AGEIA Technologies deleted successfully

C:\Program Files\dumps deleted successfully

C:\Program Files\MediaBuzzV1 deleted successfully

C:\Program Files\Movies Toolbar deleted successfully

C:\Program Files\RichMediaViewV1 deleted successfully

C:\Program Files\Rockstar Games deleted successfully

C:\PROGRA~2\Oracle deleted successfully

C:\Users\pc\AppData\Roaming\Google deleted successfully

C:\Users\pc\AppData\Roaming\Logitech deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1577482832-1229427741-2884412449-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} deleted successfully

HKEY_USERS\S-1-5-21-1577482832-1229427741-2884412449-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} deleted successfully

HKEY_USERS\S-1-5-21-1577482832-1229427741-2884412449-1000\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\BlueStacks\HD-LogRotatorService.exe

C:\Program Files\BlueStacks\HD-UpdaterService.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Popcorn Time\PopcornTimeUpdater.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\BlueStacks\HD-Service.exe

C:\Windows\Explorer.EXE

C:\Program Files\BlueStacks\HD-Network.exe

C:\Windows\system32\conhost.exe

C:\Program Files\BlueStacks\HD-BlockDevice.exe

C:\Windows\system32\conhost.exe

C:\Program Files\BlueStacks\HD-SharedFolder.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\System32\MsSpellCheckingFacility.exe

C:\Users\pc\Downloads\zoek.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Popcorn Time Updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Popcorn Time Updater deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default

---- Lines ask.com removed from prefs.js ----

user_pref("browser.search.defaultenginename", "Ask.com");

user_pref("browser.search.order.1", "Ask.com");

user_pref("browser.search.selectedEngine", "Ask.com");

user_pref("keyword.URL", "Ask.com

---- Lines crossrider removed from prefs.js ----

user_pref("extensions.crossrider.bic", "144b2d1f9c98fb80017c09cda4e01f96");

---- FireFox user.js and prefs.js backups ----

user_20-08-2014_1223_.backup

prefs_20-08-2014_1223_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Program Files\Freecorder extension deleted

C:\Program Files\Popcorn Time deleted

C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\addon@freecorder.com deleted

C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} deleted

C:\Users\pc\AppData\Roaming\PopcornTime deleted

C:\Users\pc\AppData\Local\genienext deleted

C:\Users\pc\daemonprocess.txt deleted

C:\Users\pc\.android deleted

C:\Program Files\GUT223C.tmp deleted

C:\Program Files\GUM223B.tmp deleted

C:\Program Files\VDownloader deleted

C:\Users\pc\AppData\Roaming\newnext.me deleted

C:\PROGRA~2\IePluginService deleted

C:\PROGRA~2\WPM deleted

C:\PROGRA~2\Tarma Installer deleted

C:\PROGRA~2\Package Cache deleted

C:\Users\pc\AppData\Local\cache deleted

C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx deleted

C:\Users\pc\Searches deleted

C:\Users\pc\AppData\LocalLow\DataMngr deleted

C:\Windows\system32\config\systemprofile\Searches deleted

C:\Users\pc\Documents\Mobogenie deleted

C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\searchplugins\Ask.xml deleted

C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\somotomoviestoolbar181 deleted

C:\Users\pc\Desktop\VDownloader.lnk deleted

C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml deleted

"C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\quick_start@gmail.com" deleted

"C:\Users\pc\AppData\Local\Mobogenie" deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)

Memory (RAM): 2048 MB

CPU Info: Intel® Pentium® Dual CPU E2160 @ 1.80GHz

CPU Speed: 1765,8 MHz

Sound Card: Luidsprekers (2- High Definitio |

Luidsprekers (2- High Definitio |

Display Adapters: NVIDIA GeForce 210 | NVIDIA GeForce 210 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1280 X 1024 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter | NETGEAR WG311v3 54Mbps Wireless PCI Adapter | Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-224DB

Ports: COM1 | COM2 LPT1

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 373,1GB

Hard Disks - Free: C: 264,8GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 08/30/07 | DELL - 8000730

Time Zone: West-Europa (standaardtijd)

Motherboard *: NEC Computers SAS ECS-945G

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Default Browser: Firefox 31.0

Internet Explorer Version: 11.0.9600.17239

Mozilla Firefox version: 31.0 (x86 nl)

Google Chrome version: 36.0.1985.143

Adobe Reader version: 11.0.07.79

Sun Java version: 1.8.0_11 (32-bit)

Flash Player version: 14.0.0.145

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\pc\AppData\Local\Temp ====

====== Java Cache =====

2014-08-18 05:49:20 E8B7CABB76DE48FA002A1A81205471A6 95 ----a-w- C:\Users\pc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\4f038bca-f55a6f7642190875b27f0f016d0986b22abdccd6da0c1082add5c4539b3a56f1-6.0.lap

2014-08-18 05:49:47 ECF4123D119922532FA7D40E57E51561 85 ----a-w- C:\Users\pc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\66b148ce-459529750f7872bd81ebdbff78fea7bc251323c19d90bb99c61625edf2508e52-6.0.lap

2014-08-18 05:49:25 D9D40F8EEEDEE656CA6C6C1BF0B6587B 8913 ----a-w- C:\Users\pc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7d7caccf-46c47230

2014-08-18 05:49:45 90FD9F9BB1F980586096D4D326C9EDD8 13192 ----a-w- C:\Users\pc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\984882a-37656c50

2014-08-18 06:14:50 F3450967A4281B6AEB0570D79F49BD3B 112702425 ----a-w- C:\Users\pc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\46bbb7bf-22834b9b

2014-08-18 05:49:45 FA2873259BAE12E84EA83039220D40C3 85 ----a-w- C:\Users\pc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\66fd0948-9c57d1ff4f2bf675aae805c26868ea6582c68260db7eb8d4951ab5266f510438-6.0.lap

====== C:\Windows\system32 =====

2014-08-13 20:49:07 E6B01B9FF2A8B13BA9FD95B0BF23AABA 456320 ----a-w- C:\Windows\System32\FNTCACHE.DAT

2014-08-13 06:21:04 AF6655214DEBB2C8446DE843A02AAEBA 99480 ----a-w- C:\Windows\System32\infocardapi.dll

2014-08-13 06:20:58 370FC4421ADE62FC89AC93B345570388 8856 ----a-w- C:\Windows\System32\icardres.dll

2014-08-13 06:20:47 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\System32\icardagt.exe

2014-08-13 06:20:36 28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe

2014-08-13 00:03:03 C9059EF0C94C55C0DA9CACEE160A5F66 654336 ----a-w- C:\Windows\System32\rpcrt4.dll

2014-08-13 00:03:00 5860EE5C807CB3866551B845123493C6 107520 ----a-w- C:\Windows\System32\cdd.dll

2014-08-13 00:02:52 41A3A54603686FD437FA4E8EB95025F9 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2014-08-13 00:02:51 FEE3E022B00A5165ED645E38C1E6C776 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll

2014-08-13 00:02:51 004DFEA0B7AE3F8F438CD2D8C643DAEE 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-08-13 00:02:50 478824EC0BCE9968C0DC787164B1753B 32768 ----a-w- C:\Windows\System32\iernonce.dll

2014-08-13 00:02:50 3BB3D5D1CACD68BE8F7A16CCB3AADA93 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-08-13 00:02:49 7B051C4A70F23A84A09366999FE63CBD 307384 ----a-w- C:\Windows\System32\iedkcs32.dll

2014-08-13 00:02:49 6D017C0E499443ACDE3D9B5DCD753F32 1169920 ----a-w- C:\Windows\System32\urlmon.dll

2014-08-13 00:02:49 36B67392AFB8901CC442EA988AD4603D 43008 ----a-w- C:\Windows\System32\jsproxy.dll

2014-08-13 00:02:48 E9B28B60C0272E2E1E462E6FB38E6B55 367104 ----a-w- C:\Windows\System32\dxtmsft.dll

2014-08-13 00:02:48 87C2B5010779DF6BE4732751C5DB5D64 112128 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-08-13 00:02:48 1A05CFA45B6AEBFCCC835DCF68CBD1D0 526336 ----a-w- C:\Windows\System32\msfeeds.dll

2014-08-13 00:02:47 E8D46F442AB53A52BDBB3EA0C51BDABD 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2014-08-13 00:02:46 E70C00791A18866BB23B3A652E3390A0 2001920 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-08-13 00:02:45 B91AA3BC8083E66925FAE29FDA485CEA 164864 ----a-w- C:\Windows\System32\msrating.dll

2014-08-13 00:02:45 7EFBB7A3C664A8DF93C9937DF76760A4 663040 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-08-13 00:02:44 D7D412D3436CFB85B383CDD3C9B455F0 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2014-08-13 00:02:44 4D0E91438CE181AF94C653B3BBE3C65A 61952 ----a-w- C:\Windows\System32\iesetup.dll

2014-08-13 00:02:43 9D16B568E318F49535AD72539C9997C2 455168 ----a-w- C:\Windows\System32\vbscript.dll

2014-08-13 00:02:43 18A3154606E3F8945956948A4E708007 704512 ----a-w- C:\Windows\System32\ieapfltr.dll

2014-08-13 00:02:42 B945BAA81B4805AD6BDDF4D026DCFB47 1792512 ----a-w- C:\Windows\System32\wininet.dll

2014-08-13 00:02:39 239575F9EA0D227516843EEE8B7342CA 239616 ----a-w- C:\Windows\System32\dxtrans.dll

2014-08-13 00:02:38 F48A1A114382AB4EF8000E1943E6CF1F 438784 ----a-w- C:\Windows\System32\ieui.dll

2014-08-13 00:02:37 90FF511B751A0327D07C4073760F1578 11772928 ----a-w- C:\Windows\System32\ieframe.dll

2014-08-13 00:02:35 444EB30B1610A35FC99D62A91B2BCAA7 69632 ----a-w- C:\Windows\System32\mshtmled.dll

2014-08-13 00:02:34 49FFD37673BD20279A8BF27CC20040B3 1068032 ----a-w- C:\Windows\System32\mshtmlmedia.dll

2014-08-13 00:02:33 FF4A917DD7C387BD2715A5F67307FED1 2184704 ----a-w- C:\Windows\System32\iertutil.dll

2014-08-13 00:02:33 272420427EB96EA052C719AA796C09F2 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll

2014-08-13 00:02:30 24FA5F74D3B4BA62539DF87285BA934E 597504 ----a-w- C:\Windows\System32\jscript9diag.dll

2014-08-13 00:02:29 7C1BFC2ABE297BCA1A7BA77A8292C088 4204032 ----a-w- C:\Windows\System32\jscript9.dll

2014-08-13 00:02:28 8453DDF167CE2986AA4AB04BC6824925 17524224 ----a-w- C:\Windows\System32\mshtml.dll

2014-08-13 00:02:12 EB0AAAAC964609473049AF9A1AE26F42 2352640 ----a-w- C:\Windows\System32\win32k.sys

2014-08-13 00:02:12 8C192180F49B102626B6517E9B94645F 305152 ----a-w- C:\Windows\System32\gdi32.dll

2014-08-13 00:02:07 D08819FEE0CDB8A8A58E2B34D05E7A11 2048 ----a-w- C:\Windows\System32\tzres.dll

2014-08-13 00:01:41 CADC4CFE957C24984FFA718AB7E4EF3C 101824 ----a-w- C:\Windows\System32\consent.exe

2014-08-13 00:01:41 C212A43AA83A717AD38505F23ACDCB33 2363392 ----a-w- C:\Windows\System32\msi.dll

2014-08-13 00:01:41 9DA1CCDBBF8136AC2383C2624CA8CD14 337408 ----a-w- C:\Windows\System32\msihnd.dll

2014-08-13 00:01:41 43CD23B65CBF04D6F8ACA984B0EF93FE 1805824 ----a-w- C:\Windows\System32\authui.dll

2014-08-13 00:01:18 D14DF403FF550F6B1F4702CD2F288ABD 412160 ----a-w- C:\Windows\System32\aepdu.dll

2014-08-13 00:01:15 C4675C2734716F56FCA370CF1183457F 302592 ----a-w- C:\Windows\System32\aeinv.dll

2014-08-13 00:01:13 386BF6FD9FC562B1A5558C49E1C3A6FB 12874240 ----a-w- C:\Windows\System32\shell32.dll

2014-08-13 00:01:03 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\System32\locale.nls

2014-08-13 00:01:01 F1886C30C3E4A7C5513525CBA665AA31 6144 ----a-w- C:\Windows\System32\KBDTAT.DLL

2014-08-13 00:01:01 EB3D06A9EDFDFD12228AD7A9F24D15D6 5632 ----a-w- C:\Windows\System32\KBDRU.DLL

2014-08-13 00:01:01 40FFC65117C4AC69D33DEC6D567392FD 6144 ----a-w- C:\Windows\System32\KBDYAK.DLL

2014-08-13 00:01:01 33DB506498E0419CD50B144DE7CCFC75 6144 ----a-w- C:\Windows\System32\KBDBASH.DLL

2014-08-13 00:01:01 1235259E135F87BF4AE5864A818E1513 6144 ----a-w- C:\Windows\System32\KBDRU1.DLL

====== C:\Windows\system32\drivers =====

2014-08-13 00:03:01 3583A5A8CC2E682BFFBD4630D0FEC08B 730048 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2014-08-13 00:03:01 0EC652D17AB4607745FB4E6958E8FAB6 219072 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-08-20 06:38:03 -------- d-----w- C:\Program Files\trend micro

2014-08-09 17:51:16 -------- d-----w- C:\Program Files\TeamViewer

2014-08-07 18:33:51 -------- d-----w- C:\Program Files\Common Files\Skype

======= C: =====

====== C:\Users\pc\AppData\Roaming ======

2014-08-13 20:50:04 C3AD71C846ECDA1450D5248E51E367B1 117528 ----a-w- C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT

2014-08-09 17:51:27 -------- d-----w- C:\Users\pc\AppData\Roaming\TeamViewer

====== C:\Users\pc ======

2014-08-20 06:37:56 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\pc\Downloads\RSIT.exe

====== C: exe-files ==

2014-08-20 06:38:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\pc.exe

2014-08-20 06:37:56 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\pc\Downloads\RSIT.exe

2014-08-20 06:37:27 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HE4D0WDK\RSIT.exe

2014-08-15 02:11:47 C56CB929FDC62BA6AFA025C0DF95CA73 1836624 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.143\36.0.1985.143_36.0.1985.125_chrome_updater.exe

2014-08-13 20:49:56 1BD4BE37E56C7BE2C0B21D7638CB5892 1355776 ----a-w- C:\Windows\Temp\set5CA.tmp.exe

2014-08-13 17:54:45 59632669E2ADB61DF0E878881BE1117F 2600960 ----a-w- C:\Windows\Temp\setFE0F.tmp.exe

2014-08-13 15:57:23 E6619660A1903A2AFD3BEED33B414BDC 2818048 ----a-w- C:\Windows\Temp\set89C7.tmp.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1577482832-1229427741-2884412449-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1577482832-1229427741-2884412449-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BCSSync"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlueStacks Agent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BlueStacks Agent"

"hkey"="HKLM"

"command"="C:\\Program Files\\BlueStacks\\HD-Agent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NextLive]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NextLive"

"hkey"="HKCU"

"command"="C:\\Windows\\system32\\rundll32.exe \"C:\\Users\\pc\\AppData\\Roaming\\newnext.me\\nengine.dll\",EntryPoint -m l"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvBackend"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\NVIDIA Corporation\\Update Core\\NvBackend.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Remote Control Server]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Remote Control Server"

"hkey"="HKCU"

"command"="C:\\Program Files\\Remote Control Server\\Remote Control Server.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SUPERAntiSpyware"

"hkey"="HKCU"

"command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="uTorrent"

"hkey"="HKCU"

"command"="\"C:\\Users\\pc\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VDownloader]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="VDownloader"

"hkey"="HKLM"

"command"="C:\\Program Files\\VDownloader\\VDownloader.exe /silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\RocketDock.lnk"

"backup"="C:\\Windows\\pss\\RocketDock.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\Program Files\\Elune Skin Pack\\RocketDock\\RocketDock.exe "

"item"="RocketDock"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SkinPackMenu.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SkinPackMenu.lnk"

"backup"="C:\\Windows\\pss\\SkinPackMenu.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\Program Files\\Elune Skin Pack\\SP.exe "

"item"="SkinPackMenu"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]

"path"="C:\\Users\\pc\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.4.1.lnk"

"backup"="C:\\Windows\\pss\\OpenOffice.org 3.4.1.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\PROGRA~1\\OPENOF~1.ORG\\program\\QUICKS~1.EXE "

"item"="OpenOffice.org 3.4.1"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14-08-2014 17:18]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-07-2013 02:30]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-07-2013 02:30]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1577482832-1229427741-2884412449-1000Core.job --a------ C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [06-12-2013 03:41]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1577482832-1229427741-2884412449-1000UA.job --a------ C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [06-12-2013 03:41]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\Windows\system32\tasks\4392" [wscript.exe C:\Users\pc\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1577482832-1229427741-2884412449-1000Core" [C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1577482832-1229427741-2884412449-1000UA" [C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"quick_start@gmail.com"="C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\extensions\quick_start@gmail.com" []

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default

0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

99407FF47487D59D749545B93CDCE4D3 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll - Java Platform SE 8 U11

F42962C2257294BE4AB0CB6038D9E477 - C:\Program Files\Java\jre8\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.110.12

4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash

FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update

B5269A90EB2C747C4802E2FE0527C5D2 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In

14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

14365399E83D7BC15760E8676E890C87 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5

5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5

87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5

87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5

5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.5

5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.5

B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5

B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5

DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5

DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5

4B12052DEA1DEA28FFADBC27C6D5CB20 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision

B573EFC0DAD162E35FC11258C0496E70 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION

D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013

68BCBB241EF254BC5100D9E6C06ECC71 - C:\Users\pc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator

99FE6AFE80EB7FE3EEB75DC504A326A3 - C:\Users\pc\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer

AF42019A3B0EDBFA6878F75B9377A792 - C:\Users\pc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin

B674373AED09BDC9C4150B5762FD4360 - C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll - Harmony Firefox Plugin

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gpicboiclhmnllnjdcfcffifpoaebgkm - C:\Program Files\Freecorder extension\Freecorder.crx[]

omaonpoimgkmbllpdihbnmgphjoipdhf - C:\Program Files\Logitech\Harmony Remote Driver\harmony_chrome.crx[01-05-2012 21:45]

pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[]

Google Docs - pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Freecorder - pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm

Hangouts - pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd

Google Wallet - pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Preferences

"homepage": "Google",

"startup_urls": [ "Google" ],

==== Chrome Fix ======================

C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

"Default_Page_URL"="V9"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.awesomehp.com/web/?type=ds&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5&q={searchTerms}"

"Default_Page_URL"="V9"

"Start Page"="V9"

"Search Page"="http://www.awesomehp.com/web/?type=ds&ts=1393198871&from=amt&uid=ST3750640AS_3QD0HHC5XXXX3QD0HHC5&q={searchTerms}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="Google"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Bing"

"Search Page"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="{searchTerms - Google Search}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\quick_start@gmail.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VDownloader deleted successfully

==== HijackThis Entries ======================

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~4\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1577482832-1229427741-2884412449-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1577482832-1229427741-2884412449-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help" /build:7601 (User 'Default user')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

==== Empty IE Cache ======================

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0B33H25Z will be deleted at reboot

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYOU9WS will be deleted at reboot

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HE4D0WDK will be deleted at reboot

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWMCQ3S1 will be deleted at reboot

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RH2EPB2O will be deleted at reboot

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UI7G7RVN will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2116 folders=319 372486289 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\pc\AppData\Local\Temp will be emptied at reboot

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Users\UpdatusUser.pc-PC\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\pc\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0B33H25Z" not found

"C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYOU9WS" not found

"C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HE4D0WDK" not found

"C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWMCQ3S1" not found

"C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RH2EPB2O" not found

"C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UI7G7RVN" not found

==== EOF on wo 20-08-2014 at 12:35:05,60 ======================

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.